Follow us on Twitter!
Become the change you seek in the world. - Gandhi
Friday, April 25, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 21
Guests Online: 18
Members Online: 3

Registered Members: 82909
Newest Member: awais
Latest Articles

MD5 cracking

Arrow Image the "one-way" hash broken.



In this Article I will explain what a MD5 hash is, List ways to crack an MD5 hash and explain the how those ways work.

OK so lets see here. First lets learn what MD5 is.
(note: in stars taken from Wikipedia.org)

******************************
In cryptography, MD5 (Message-Digest algorithm 5) is a widely-used cryptographic hash function with a 128-bit hash value.
******************************

Ok so now we know what MD5 is. I wont go into grave details about the flaws concerning it but I will tell you that by the use of collision we can crack an MD5 hash.

So how do we do this?
We use a program called Cain & Abel. Please Note that there are many other programs that you can use to crack an MD5 hash.

Cain & Abel is a program that cracks various hashes and can also dump details about yours and others computer(s). Abel is a program that works in conjunction with Cain to control computer(s) on a network. The program we want right now is Cain.

Lets assume you have gotten a MD5 hash from somewhere. OK so go into Cain then click on the Cracker tab. I know what your thinking right now, your think wow there are really that many ways to protect your password? the answer is yes and there are nmany more also. soooo we are going to cruise on down the list until you see \"MD5 Hashes\". Click on that and a blank table will come up. Now right click on the table and goto \"Add to list\". From there you simply input your MD5 hash. Now that you have inputed the MD5 Hash click OK. To crack the hash we have a variety of tools ast our disposal. WE could Brute-force it, use a dictionary attack or use a Rainbow-Table. Now while using a Rainbow Table is the fastest method to use, it also takes a very long time to create the table and sort it. The method I would use to start out with would be a dictionary attack. Now in order to use this method you need to get your hands on a dictionary(not a real one) file. I would suggest getting one from http://packetstormsecurity.nl/Crackers/wordlists/ or on www.antiserver.it there are several dictionary file creators. When you get a file then the rest is pretty self-explanitory. Now if the dictionary attack fails to find a password, the next thing to try would be a brute-force attack. Now a brute force attack will usually take a very long time and in some other scenarios it might take as little as 2 minutes, but that is very uncommon. A brute force attack consists of trying every combination of letters, numbers, or symbols and testing them to match the hash. I would only use this method of attack if you really want the password. Now we are onto Rainbow Tables. Cain comes with a built-in program called Winrtgen. I both generates the table and sorts it. A rainbow table is basicly a brute force attack but only shorter. a rainbow table is actually a premade list of text strings to check against the hash. It usually takes about an 1/18th of the time a brute force attack takes. I hope this article has tought you everything you need to know about MD5 hashes and ways to crack them. I would include salted hashes but not even I understand them completely.

~Nubzzz

Comments

godon January 23 2006 - 14:58:57
B) nicely put together Smile though there's another article almost just like it Pfft
oxehon January 23 2006 - 16:51:42
Dude, you just ripped my whole tutorial. >_<
godon January 23 2006 - 18:56:33
lol thats gay Shock
Nubzzzon January 23 2006 - 22:03:08
Oxeh the only think he same about our articles is the topic and the program.
system_meltdownon January 23 2006 - 22:49:29
Nice man
thousandtooneon January 23 2006 - 22:52:55
Worthless, shallow article. We don't need more stubs of information here. Howtos mean nothing to hacking. You're simply promoting script kiddies.
Nubzzzon January 23 2006 - 23:04:38
First of all, how is it shallow may i ask? it explains the subject better than oxeh's. second, This isnt a howto, and finally I would rather die then promote script kiddies.
Jakeon January 23 2006 - 23:16:54
Okay, no lets not start flaming. In my opinion, the article is 'ok'. However, I do think it would be good to go over some of the basic concepts of how MD5 works and go more in depth on the types of attacks used to find a collision so the reader has an idea of what is going on.
Nubzzzon January 23 2006 - 23:22:04
Thank you for stoping that and thatnk you for your input i will be sure to remember that the next time i post an article.
thousandtooneon January 24 2006 - 04:17:27
Didn't mean to come off on flaming, but it is a moderately shallow article. 'I hope this article has taught you everything you need to know about MD5 hashes...' Well, didn't see any content about md5 specifically, or even a hash versus encrypted content. My personal view is that articles should just be deeper than a howto and basic explanations like this.
cainamon December 12 2006 - 04:44:16
I didnt see the other article but this one helped. Good job!Wink
Post Comment

Sorry.

You must have completed the challenge Basic 1 and have 100 points or more, to be able to post.