The Ethical Hacker Network - cracking MD5 hash [request tutorial]

Latest Additions

Who's Online

tempa

Newbie

Offline

Posts: 1

cracking MD5 hash [request tutorial]

« on: September 20, 2007, 08:26:28 PM »

hi there:

Well.. my english is not so good.. amm let me try to explaind my self

I'm trying to crack a couple of MD5 hashes the thing is I have used alot of md5 crackers methods [brute force, dictionary, etc] and I'm not getting the desired results...

the hash I'm trying so hard to crack is up to 8 characters, please somebody would tell me how, a method, tutorial?

thanks in advance


	Logged

jimbob

Guest

Re: cracking MD5 hash [request tutorial]

« Reply #1 on: September 21, 2007, 04:04:49 AM »

Hi,
There are a few different approaches you can use and you're already mentioned a couple of them.

Dictonary attack

This is good for discovering the #low hanging fruit' i.e. the weakest passwords in the stack. A good password cracker will also try variations of the dictionary list e.g. changing case, adding number to the end etc.

Brute force/Incremental attack

This method hashes all permutations of a given character set and compares this to the given hash. This can take a long time but will eventually discover the password given enough time. If the password is long and complex it may become infeasible.

Rainbow tables

A variation on the brute force attack. A rainbow table is a precomputed set of hashes as opposed to one created at the time of cracking. You simply take your hash can look it up in the table. If it's there you have your password.
[/list]

Recommended tools:
John The Ripper - An excellent password cracker - http://www.openwall.com/john/
RainbowCrack - Rainbow table generator - http://www.antsight.com/zsl/rainbowcrack/
GData - Online MD5 cracker, I've not tested this one - http://gdataonline.com/seekhash.php

You should find plenty of documentation on the web, google is your friend.

Jimbob


	Logged

BillV

Hero Member

Offline

Posts: 1892

Re: cracking MD5 hash [request tutorial]

« Reply #2 on: September 21, 2007, 07:11:22 AM »

There used to be an online Rainbow Table website, where you could pay for each submission. I can't remember the URL and can't seem to find it atm either. As soon as I come across it I'll post the link (or maybe someone else knows).


	Logged

don

Editor-In-Chief
Administrator
Hero Member

Offline

Posts: 4167

Editor-In-Chief

Re: cracking MD5 hash [request tutorial]

« Reply #3 on: September 21, 2007, 03:06:10 PM »

Take a look at Chris Gates article:

Tutorial: Rainbow Tables and RainbowCrack

And http://www.plain-text.info/

Don


	Logged

CISSP, MCSE, CSTA, Security+ SME

oleDB

Recruiters
Full Member

Offline

Posts: 236

Re: cracking MD5 hash [request tutorial]

« Reply #4 on: September 21, 2007, 03:51:53 PM »

The best lightweight, free hash cracker is Ophcrack. The next option for stronger passwords would be either Cain or LC5 with a full RT hash set. You can either generate those tables yourself(6months) or download the torrent. The full set including the <space> is over 60G, so make sure to have a big hard drive. Another great option within Cain that many people ignore is dumping the cached credentials. It requires admin rights, but often the domain accounts used have the same password as the local account.