This page has been robot translated, sorry for typos if any. Original content here.

MD5 descramblers or hash attack

On this topic:

MD5 дешифраторы или атака на хеш


To tell about decoding methods.

Teach young hackers to learn passwords (or other data) encrypted by the MD5 algorithm (and not only MD5) themselves, based on real examples.

Show users that they need to be more careful about choosing a password.


Methods of finding a password from a light one (in my opinion) to a complex one (in terms of speed, etc.) will be considered in turn.

About MD5:

MD5 (English Message Digest 5) is a 128-bit hashing algorithm developed by 1991 by Prof. Ronald L. Rivest of Massachusetts Institute of Technology (MIT).

Designed to create "fingerprints" or "digests" messages of arbitrary length.

About decoding:

In fact, it would be incorrect to call this decryption, since with this so-called decryption we (or rather, programs) select the same hash, the initial value of which we know.

Example: we have a hash 0575c8d592fb7b088226750aceec2b4e, we need to know its underlying graphics, we also have Intel, we have the word tutorial hash, which is 0575c8d592fb7b088226750aceec2b4e, so we take our hash, 0575c8d592fb7b08828b5e, so we take our hash, 0575c8d592fb7b08822b4e there is such a hash and that this hash corresponds to the value of the tutorial.

Keep in mind that the longer the initial value of the characters, the more time (except for word search) you (or rather the program) will have to spend on finding it.

Methods of "decryption":

Dictionary selection.

Rainbow Table Selection
( D0% B0% D0% B4% D1% 83% D0% B6% D0% BD% D0% B0% D1% 8F_% D1% 82% D0% B0% D0% B1% D0% BB% D0% B8% D1% 86% D0% B0).

( D1% B1 D0% BE% D0% B9_% D1% 81% D0% B8% D0% BB% D1% 8B).

What we need to "decrypt":

Site to check for a possible match.

The program for checking matches, in the dictionary, rainbow tables, brutus. Optional one program, you will understand why.

Dictionary, rainbow table.

Sites: True, there are no simple passwords like other services, but simple passwords can be learned very quickly by themselves, this will be discussed later.

So, for example, go to this service and enter our hash 0575c8d592fb7b088226750aceec2b4e in the hash field, click the search button and get the answer: the password tutorial is found in our database!

A match was found in the database and the initial hash value was 0575c8d592fb7b088226750aceec2b4e = tutorial.


It is with the help of programs that you can get the initial value of the hash in 3 ways.

Method one, compiling rainbow tables

Rainbow tables and a program that wakes up to check and compare them to get the initial value that we need.

So, as for the tables, we either download them or generate them.

Find where you can download in google.

I use the program in the package which also includes a generator. It is called Cain & Abel and you can download it from here

Download, install (during installation asks whether to install winpcap, select yes).

In the main program folder there is a subfolder called Winrtgen, there is a table generator, we launch it. We press Add Table, here we need to set up which tables we will have.

At the time of this writing, I generated tables of 4-7 characters, here are my settings, play, there is all the data (I described in the picture) about your future table, they change with different settings.

So click OK, and again OK, the generation went. By the way, you can stop and continue it whenever you want. Look like that's it.

We proceed to finding, launch the program, go to the Cracker tab and on the left select MD5 Hashes. We see an empty list, click on it with the right mouse button and select Add to list. In the window that opens, we enter our hash, click OK, the hash appears in the list. We press the right button on our appeared hash and select Cryptanalysis Attack via Rainbow Tables. In the window that opens, click Add Table and add our tables. We press start, we wait, if in the table it wakes up the desired value, we will get an answer.

The second way, the dictionary selection

The same program will come down, only dictionaries are needed, they can be taken from here

Some dictionaries with .dic extension, change to .txt

Everything is the same as in method 1, but instead of Cryptanalysis Attack via Rainbow Tables we select Dictionary Attack, in the opened window we see an empty list, press the right button on it and Add to list.

Choose our dictionaries. We press start, also before the start we can play around with ticks, they are described in the examples. If a match is found, we will get an answer that interests us.

Last way, BRUT

For brutus, you can also use Cain & Abel, but this is slow. I use barswf, so far the fastest MD5 brute I have ever seen is brutes with millions of hashes per second.

You can download it here

We use through CMD.

Example: C: \> barswf.exe -h 0575c8d592fb7b088226750aceec2b4e -ca

The program will start for the 0575c8d592fb7b088226750aceec2b4e hash only small letters, to see which parameters you can set with a description, type C: \> barswf.exe

I advise you to immediately check for numbers, and then for numbers and letters.

For practical exercises, try to encrypt anything here and then try to find out in all ways.