Follow us on Twitter!
One mans freedom fighter, another's terrorist.
Friday, April 25, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 19
Guests Online: 18
Members Online: 1

Registered Members: 82908
Newest Member: krishna7799
Latest Articles
View Thread

HellBound Hackers | Computer General | Cryptography

Author

Message Digest


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-01-06 18:16
Can someone explain to be why a MD cant be revearsed? I know information is lost when making an MD but since the same string produces the same MD then the same information is lost each time isn't it possible to work out what teh gaps were, or atleast give your self a base to start bruteforcing from? Or is the where information is lost dependant on the string which would probably mean it would be difficult to work back. Is this why? I have read some sites about it but I dont understand a single word of them, also I have looked at the algorythm for making MD5's and still nothing.

Thanks.
(excuse the gramma/spelling mistakes I'm lazy.)


Author

RE: Message Digest

n3w7yp3
Member

Your avatar

Posts: 358
Location: USA
Joined: 19.03.05
Rank:
Moderate
Posted on 08-01-06 19:50
Yes and no Wink

See, the same string doesn't have to produce the same Digest (hash), only when you use an IV of 0, and/or a non-salted digest. However, if you use the same salt, you get the same digest.

Read up on the Digest::MD5 man page, and the crypt man page. That will explain a good bit about it. And feel free to post if you have any other questions, or would like some sample code.


"Root is a state of mind" -- K0resh
Author

RE: Message Digest


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-01-06 20:02
Errrrrrrrrm, Thanks Smile


Author

RE: Message Digest

SySTeM
Member

Your avatar

Posts: 1524
Location: England, UK
Joined: 27.07.05
Rank:
HBH Guru
Posted on 08-01-06 20:09
Lol, wolfman didn't understand, did ya? awwww, me too lol


img138.imageshack.us/img138/6527/sig2ak1.jpg
www.hellboundhackers.org/sig/r/2783.png

http://www.elites0ft.com/
Author

RE: Message Digest


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-01-06 20:23
No Sad


Author

RE: Message Digest

n3w7yp3
Member

Your avatar

Posts: 358
Location: USA
Joined: 19.03.05
Rank:
Moderate
Posted on 08-01-06 20:54
If you don't understand, just say so Wink

Okay, a salt is a value that is used to set off the permutations. Consider the following examples of me hashing the string "test" with MD5 (salted):


[n3w7yp3@localhost crypto]$ ./md5-crypt.pl test
Plaintext: test
Salt: $1$vozgebae$
MD5 hash: $1$vozgebae$fCNUhx7UJYZ4yNcEp92KQ.
[n3w7yp3@localhost crypto]$ ./md5-crypt.pl test
Plaintext: test
Salt: $1$tsowalko$
MD5 hash: $1$tsowalko$IAaIH/Oe2d6PGBdZsSR37.
[n3w7yp3@localhost crypto]$ ./md5-crypt.pl test
Plaintext: test
Salt: $1$xpurluys$
MD5 hash: $1$xpurluys$ioZgg9HGsCKorNXHi6LUp0
[n3w7yp3@localhost crypto]$ ./md5-crypt.pl test
Plaintext: test
Salt: $1$xlppkkyi$
MD5 hash: $1$xlppkkyi$JORXHfYD9kzki9mC8cTjl0
[n3w7yp3@localhost crypto]$

My script uses a randomly generated salt, and as you can see, the salts make a big difference. Compare this to teh outcome of hashing the same string with MD5, this time keeping it "clean" (more commonly known as MD5 hexadecimal):

[n3w7yp3@localhost crypto]$ ./md5-hash.pl test
Encrypting 'test' with MD5...
Your MD5 hexadecimal hash is: 098f6bcd4621d373cade4e832627b4f6
[n3w7yp3@localhost crypto]$ ./md5-hash.pl test
Encrypting 'test' with MD5...
Your MD5 hexadecimal hash is: 098f6bcd4621d373cade4e832627b4f6
[n3w7yp3@localhost crypto]$ ./md5-hash.pl test
Encrypting 'test' with MD5...
Your MD5 hexadecimal hash is: 098f6bcd4621d373cade4e832627b4f6
[n3w7yp3@localhost crypto]$

See how the results never differed?

Hope that cleared up some of your questions. If you have any more, post 'em Wink


"Root is a state of mind" -- K0resh