md5 hash brute force

tom4ta · March 08, 2007, 10:45:09 PM

I'm trying to write a program that brute forces md5's. I want to be able to be able to change the character set from say "26" to "70". Show progress with the number of attempts per minute, etc.

Any help would be great.

Tedd · March 09, 2007, 01:27:35 PM

number of md5 hash values = 2^128 = 3.4e38

optimisitic number of hashes you'd have to test before you get lucky = 2^64 = 1.8e19

how long this would take if you could generate one hash per millisecond = 1.8e19ms = 584.54 million years

Have fun :bdg

(Do a little research on "rainbow tables" - that might give you some more constructive ideas :wink)

On the other hand, if all you're trying to do is flip a few bits/characters in an already hashed message..
There are two cases:
- the message is shorter than the hash-buffer size (64 characters? I don't remember off the top of my head.) This is the easier case - you can make your own tests, flip bits/chars and see how the bits change in the resulting hash. Due to the way md5 is designed, this will be most/all of them, but there is a specific pattern (it's just very chaotic, and not at all simple - if it was, it wouldn't be a very good hash.)
- the second case is where the message is longer than a single buffer, which means the hashed characters will be overlapped onto each other. And so, flippin one bit will also change the resulting output bits (as in the first case) but the way this changes will be different depending on what the overlapping bits on top of it are -- this is so much more complicated, and it's arguably easier to do a brute force search in order to try to find a 'collision' (a message, which is different, but happens to give the same hash) -- which is probably not a good idea either :bdg

tom4ta · March 09, 2007, 02:33:32 PM

Thanks for your input. I'm not trying to build a super-cracker program. My goal is to learn each of the steps & how they work with this program.

Thanks,

Tom

PBrennick · March 09, 2007, 05:53:32 PM

Ask Drizz,
IIRC he has a nice set of sources for most of the hashes on his website so he definitely could give you some ideas.

Paul

tom4ta · March 09, 2007, 09:21:41 PM

Thanks a lot. I'll check out the website now. :cheekygreen:

tom4ta · March 15, 2007, 11:06:39 PM

I could not find the site. Can you point me in the right direction? :boohoo:

PBrennick · March 15, 2007, 11:40:05 PM

Tom,
I would like you to send me an email.

rifleman8@verizon.net

Paul

News:

md5 hash brute force

tom4ta

Tedd

tom4ta

PBrennick

tom4ta

tom4ta

PBrennick