This page has been robot translated, sorry for typos if any. Original content here.

MD5 decoders or hash attack

On this topic:


MD5 дешифраторы или атака на хеш

Goal:

Tell about the ways of decoding.

Teach young hackers to recognize passwords (or other data) encrypted by the MD5 algorithm (and not only MD5) themselves, based on real examples.

Show users that they should be more careful about choosing a password.

Sequence:

The methods of finding a password from the lung (in my opinion) to a complex one (in terms of speed, etc.) will be discussed in detail.

About MD5:

MD5 Message Digest 5 is a 128-bit hash algorithm developed by Professor Ronald L. Rivest of the Massachusetts Institute of Technology (MIT) in 1991.

It is intended for creation of "prints" or "digests" of messages of any length.

About decoding:

In fact, it will be incorrect to call this decryption, since with this so-called decryption we (more precisely the program) select the same hash, the initial value of which we know.

Example: we have a hash of 0575c8d592fb7b088226750aceec2b4e, we need to know its initial value, also we have the word tutorial hash of which is 0575c8d592fb7b088226750aceec2b4e, so we take our hash 0575c8d592fb7b088226750aceec2b4e and try to find the same, whose initial value is known, coincidentally we get the answer that there is such a hash and that this hash corresponds to the value tutorial.

Keep in mind that the longer the symbol for the initial value, the longer (except for the dictionary search), you (or rather the program) will have to spend on finding it.

Methods of "decoding":

Selection of the dictionary.

Selection of rainbow tables
(http://en.wikipedia.org/wiki/%D0%A0%D0%B0%D0%B4%D1%83%D0%B6%D0%BD%D0%B0%D1%8F_% D1% 82% D0% B0% D0% B1% D0% BB% D0% B8% D1% 86% D0% B0).

Brutus
(http://en.wikipedia.org/wiki/%D0%9C%D0%B5%D1%82%D0%BE%D0%B4_%D0%B3%D1%80%D1%83% D0% B1% D0% BE% D0% B9_% D1% 81% D0% B8% D0% BB% D1% 8B).

What we need to "decrypt":

Site to check for a possible match.

Program for checking matches, dictionary, rainbow tables, brutus. Not necessarily one program, you will understand why.

Dictionary, rainbow table.

Sites:

http://crackfor.me/ It's true that there are no simple passwords on other services, but simple passwords can be found out very quickly, this will be discussed later.

So, for example, we go to this service and enter our hash 0575c8d592fb7b088226750aceec2b4e in the hash field, click search and get the answer: the password tutorial is found in our database!

A match was found in the database and the initial value of the hash was deduced. 0575c8d592fb7b088226750aceec2b4e = tutorial.

Programs:

It is with the help of programs that you can get the initial value of the hash in 3 ways.

Method one, a selection of iridescent tables

Iridescent tables and a program that awakens to check and compare them to get the initial value that we need.

So, as for the tables, we either download them or generate them.

Find where you can go to google.

I use the program in the package which also includes the generator. It's called Cain & Abel and you can download it from here http://www.oxid.it/cain.html

Downloaded, installed (when installing, asks whether to install winpcap, select yes).

In the main program folder there is a subfolder with the name Winrtgen, there is a table generator, run it. Click Add Table, here we need to configure which tables we will have.

At the time of this writing, I generated 4-7 character tables, here are my settings, play around, there are all the data (I described in the picture) about your future table, they change with different settings.

So click OK, and again, ok, the generation has gone. By the way, you can stop and continue it whenever you want. Look like that's it.

Let's go to the find, launch the program, go to the Cracker tab and select MD5 Hashes on the left. We see an empty list, click on it with the right mouse button and select Add to list. In the opened window we enter our hash, click OK, the hash appeared in the list. Press the right button on our appeared hash and select Cryptanalysis Attack via Rainbow Tables. In the opened window click Add Table and add our tables. Click start, wait, if the table wakes up the desired value, we get the answer.

The second way, a dictionary compilation

The same program will come down, only dictionaries are needed, they can be taken from here http://www.passwords.ru/dic.php http://www.passwords.ru/dic.php

Some dictionaries with the extension .dic, change to .txt

Just like in 1 method, only instead of Cryptanalysis Attack via Rainbow Tables we select Dictionary Attack, in the opened window we see an empty list, we press the right button on it and Add to list.

We choose our dictionaries. We press start, also before the start we can play with the check marks, they are described in the examples. If a match is found, we get the answer that interests us.

The last method, BROUT

You can also use Cain & Abel for brute, but it's slow. I'm using barswf, so far the fastest MD5 brute I've ever seen is brutting with millions of hashes per second.

Download can be here http://3.14.by/en/md5

We use it through CMD.

Example: C: \> barswf.exe -h 0575c8d592fb7b088226750aceec2b4e -ca

The program will start to brute for the hash 0575c8d592fb7b088226750aceec2b4e only small letters to see what parameters can be specified with a description, type C: \> barswf.exe

I advise you to immediately check for numbers, and then for numbers and letters.

For practical classes, try to encrypt something here and then try to find out all the ways.