#!/usr/bin/perl 
use Crypt::PasswdMD5;

open(FG, "/boot/grub/menu.lst") || die "Problem opening /boot/grub/menu.lst !\n";
for ($count=0, $ct=0; <FG>;){
	if (/^title\s+(.+)/) { $title[++$ct]=$1;  $tline=$. }
	if (/^password --md5 (\S+)/) { $md5hashes[++$count] = $1; $hashline=$. }
	if ( $tline+1 == $hashline && $. == $hashline ) { print "MD5crypt hash for $title[$ct]: $md5hashes[$count]\n" } 
	if ( eof(FG) && $count==0 ) { print "GRUB is not using password authentication!" }
}



close(FG);

print"\n";

open(DC, "$ARGV[0]");

if ($count > 0) { print "Using dictionary $ARGV[0] to crack GRUB passwords...\n\n" }

for($y=1; $y<=$count; $y++){
 
	while ($line=<DC>) {
		chomp($line);
		if ( $md5hashes[$y] =~ /\$1\$(.....)\$\S+/ )  { $salt=$1; }
		$genhash = unix_md5_crypt($line, $salt);
		if ( $genhash eq $md5hashes[$y] ) { print "Password for $title[$y+1]: $line \nMD5hash for $title[$y+1]: $md5hashes[$y]\n"; last; }
	
	}
	
	seek(DC,0,0);	

}

close(DC);