Members Online
Total Online: 32 Web Spiders: 13
Guests Online: 29
Members Online: 3
Registered Members: 70201 Newest Member: subnick
|
View Thread
| Author |
Message Digest |
wolfmankurd
Member
Posts: 1519
Location: UK
Joined: 30.05.05
Rank: God |
|
Can someone explain to be why a MD cant be revearsed? I know information is lost when making an MD but since the same string produces the same MD then the same information is lost each time isn't it possible to work out what teh gaps were, or atleast give your self a base to start bruteforcing from? Or is the where information is lost dependant on the string which would probably mean it would be difficult to work back. Is this why? I have read some sites about it but I dont understand a single word of them, also I have looked at the algorythm for making MD5's and still nothing.
Thanks.
(excuse the gramma/spelling mistakes I'm lazy.)
BY READING MY POST, YOU ACCEPT IT AS IS AND AGREE TO MY DISCLAIMER OF ALL WARRANTIES, EXPRESS OR IMPLIED, AS WELL AS DISCLAIMERS OF ALL LIABILITY, DIRECT, INDIRECT, CONSEQUENTIAL OR INCIDENTAL, THAT MAY ARISE FROM THE USE OF THIS (MIS)INFORMATION.
|
  
|
| Author |
RE: Message Digest |
n3w7yp3
Member
Posts: 358
Location: USA
Joined: 19.03.05
Rank: Mad User |
|
Yes and no 
See, the same string doesn't have to produce the same Digest (hash), only when you use an IV of 0, and/or a non-salted digest. However, if you use the same salt, you get the same digest.
Read up on the Digest::MD5 man page, and the crypt man page. That will explain a good bit about it. And feel free to post if you have any other questions, or would like some sample code.
"Root is a state of mind" -- K0resh |
|
|
| Author |
RE: Message Digest |
wolfmankurd
Member
Posts: 1519
Location: UK
Joined: 30.05.05
Rank: God |
|
Errrrrrrrrm, Thanks 
BY READING MY POST, YOU ACCEPT IT AS IS AND AGREE TO MY DISCLAIMER OF ALL WARRANTIES, EXPRESS OR IMPLIED, AS WELL AS DISCLAIMERS OF ALL LIABILITY, DIRECT, INDIRECT, CONSEQUENTIAL OR INCIDENTAL, THAT MAY ARISE FROM THE USE OF THIS (MIS)INFORMATION.
|
|
|
| Author |
RE: Message Digest |
SySTeM
-=[TheOutlaw]=-
Posts: 1524
Location: England, UK
Joined: 27.07.05
Rank: The Overlord |
|
Lol, wolfman didn't understand, did ya? awwww, me too lol
|
|
|
| Author |
RE: Message Digest |
wolfmankurd
Member
Posts: 1519
Location: UK
Joined: 30.05.05
Rank: God |
|
No 
BY READING MY POST, YOU ACCEPT IT AS IS AND AGREE TO MY DISCLAIMER OF ALL WARRANTIES, EXPRESS OR IMPLIED, AS WELL AS DISCLAIMERS OF ALL LIABILITY, DIRECT, INDIRECT, CONSEQUENTIAL OR INCIDENTAL, THAT MAY ARISE FROM THE USE OF THIS (MIS)INFORMATION.
|
|
|
| Author |
RE: Message Digest |
n3w7yp3
Member
Posts: 358
Location: USA
Joined: 19.03.05
Rank: Mad User |
|
If you don't understand, just say so
Okay, a salt is a value that is used to set off the permutations. Consider the following examples of me hashing the string "test" with MD5 (salted):
[n3w7yp3@localhost crypto]$ ./md5-crypt.pl test
Plaintext: test
Salt: $1$vozgebae$
MD5 hash: $1$vozgebae$fCNUhx7UJYZ4yNcEp92KQ.
[n3w7yp3@localhost crypto]$ ./md5-crypt.pl test
Plaintext: test
Salt: $1$tsowalko$
MD5 hash: $1$tsowalko$IAaIH/Oe2d6PGBdZsSR37.
[n3w7yp3@localhost crypto]$ ./md5-crypt.pl test
Plaintext: test
Salt: $1$xpurluys$
MD5 hash: $1$xpurluys$ioZgg9HGsCKorNXHi6LUp0
[n3w7yp3@localhost crypto]$ ./md5-crypt.pl test
Plaintext: test
Salt: $1$xlppkkyi$
MD5 hash: $1$xlppkkyi$JORXHfYD9kzki9mC8cTjl0
[n3w7yp3@localhost crypto]$
My scblockedript uses a randomly generated salt, and as you can see, the salts make a big difference. Compare this to teh outcome of hashing the same string with MD5, this time keeping it "clean" (more commonly known as MD5 hexadecimal):
[n3w7yp3@localhost crypto]$ ./md5-hash.pl test
Encrypting 'test' with MD5...
Your MD5 hexadecimal hash is: 098f6bcd4621d373cade4e832627b4f6
[n3w7yp3@localhost crypto]$ ./md5-hash.pl test
Encrypting 'test' with MD5...
Your MD5 hexadecimal hash is: 098f6bcd4621d373cade4e832627b4f6
[n3w7yp3@localhost crypto]$ ./md5-hash.pl test
Encrypting 'test' with MD5...
Your MD5 hexadecimal hash is: 098f6bcd4621d373cade4e832627b4f6
[n3w7yp3@localhost crypto]$
See how the results never differed?
Hope that cleared up some of your questions. If you have any more, post 'em
"Root is a state of mind" -- K0resh |
|
|
|
|
|
Main:
