Author Topic: md5 hash (Read 1571 times)

HuNtEd23 · « **on:** May 29, 2013, 09:12:16 pm »

Hy there,

I am new here, so please bare with me.

I'm going right to point.. I am trying to crack a md5 hash code into clear text, is there anyway to do that by using python? I tried used scripts coming from google, but was't much..

any suggestions on how to do it.

thanks

ande · « **Reply #1 on:** May 29, 2013, 09:21:43 pm »

Hashes are one way algorithms. You cant reverse them. However you can guess them(brute force).

Lets say you have hash x. x is an MD5 hash. The only way you can find out what x is un-hashed is by guessing. So the story goes:

Code: [Select]

while(md5(y) != x) {
    y = next_word/letter();
}

HuNtEd23 · « **Reply #2 on:** May 29, 2013, 09:32:41 pm »

thanx for reply.

this is going to be one hell of a work

guessing 32 characters will be like forever.

but let say I guessed the first x
how would I know that I guessed the right one?

Kulverstukas · « **Reply #3 on:** May 29, 2013, 09:36:58 pm »

You can't guess and MD5 letter by letter. You guess the hash as a whole word.

ande · « **Reply #4 on:** May 29, 2013, 09:42:55 pm »

Quote from: HuNtEd23 on May 29, 2013, 09:32:41 pm

thanx for reply.

this is going to be one hell of a work

guessing 32 characters will be like forever.

but let say I guessed the first x
how would I know that I guessed the right one?

The fact that the MD5 hash is 32 characters doesn't mean the un-hashed value is 32 characters. An MD5 hash is always 32 characters, even if the hashed value is a million characters.

You will know you guessed right when md5(y) == x because that would be the same as y == unhashed(x). You cannot guess letter by letter, you have to guess the entire value.

And actually it is not that much work writing a brute forcer, what takes time is the actual cracking.

HuNtEd23 · « **Reply #5 on:** May 29, 2013, 10:14:46 pm »

thank you for the reply..

I will give it a try..

it's it allowed to post the result here..?

ande · « **Reply #6 on:** May 29, 2013, 10:25:17 pm »

Quote from: HuNtEd23 on May 29, 2013, 10:14:46 pm

thank you for the reply..

I will give it a try..

it's it allowed to post the result here..?

Ofcourse, highly encouraged! You might want to start a new thread about the results as well.

str0be · « **Reply #7 on:** May 29, 2013, 10:46:08 pm »

One easy trick is to simply search for the hash itself on google. If google doesn't show a result, you can be fairly confident that the value is at least moderately complex and that a simple brute-force might not work without some insight as to what type of value was hashed.

HuNtEd23 · « **Reply #8 on:** May 30, 2013, 12:07:20 pm »

Alright.

so, here is another method I was thinking about.

I written a python code which generates md5 hash for a file, the code tells me in right a way what the md5 code is.

so I was thinking if I send the file (which I just hased) to my friend and tell hem to find out what the hash code is?

I was thinking to write another tool which does exactly the opposite, by like picking the "hashed file" and run the code to find out the hash code?

you guys think that's possible?

Snayler · « **Reply #9 on:** May 30, 2013, 12:21:56 pm »

Quote from: HuNtEd23 on May 29, 2013, 09:12:16 pm

I am new here, so please bare with me.

Offtopic and not wanting to sound like a grammar nazi, but it's "bear with me". "Bare with me" means "get naked with me".

Quote from: HuNtEd23 on May 30, 2013, 12:07:20 pm

so, here is another method I was thinking about.
I written a python code which generates md5 hash for a file, the code tells me in right a way what the md5 code is.
so I was thinking if I send the file (which I just hased) to my friend and tell hem to find out what the hash code is?
I was thinking to write another tool which does exactly the opposite, by like picking the "hashed file" and run the code to find out the hash code?
you guys think that's possible?

I don't think you're understanding how hashing works... When people say it is a one-way hashing algorithm, it means you can't reverse the process.

There's no magical "hash code" that can reverse the process. The only known way of doing it is by using brute force, which means, keep hashing strings until you get the same hash as the one you're trying to brute-force. Or use some on-line reverse lookup tool, although they are still somewhat limited.

Stackprotector · « **Reply #10 on:** May 30, 2013, 12:48:24 pm »

Quote from: HuNtEd23 on May 30, 2013, 12:07:20 pm

Alright.

so, here is another method I was thinking about.

I written a python code which generates md5 hash for a file, the code tells me in right a way what the md5 code is.

so I was thinking if I send the file (which I just hased) to my friend and tell hem to find out what the hash code is?

I was thinking to write another tool which does exactly the opposite, by like picking the "hashed file" and run the code to find out the hash code?

you guys think that's possible?

Cracking a hashed file will take some longer to crack xD, to decrypt a message you would use a encryption algorithm like RC4, AES, Serpent, you name it

Though, there are mallware versions who decrypt themselfs by bruteforcing a weak encryption key...

Alin · « **Reply #11 on:** May 30, 2013, 02:16:35 pm »

"Cracking" a md5 hash of a file is impossible due to collisions (well, and time). Your friend might find a set of byte values that gives the same hash value, but that does not equal him finding the exact set.

Try reading a bit on the topic
http://en.wikipedia.org/wiki/MD5

EvilZone

News:

Author Topic: md5 hash (Read 1571 times)

HuNtEd23

md5 hash

ande

Re: md5 hash

HuNtEd23

Re: md5 hash

Kulverstukas

Re: md5 hash

ande

Re: md5 hash

HuNtEd23

Re: md5 hash

ande

Re: md5 hash

str0be

Re: md5 hash

HuNtEd23

Re: md5 hash

Snayler

Re: md5 hash

Stackprotector

Re: md5 hash

Alin

Re: md5 hash