|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 77
Members: 0
Total: 77
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
MD5 Help? |
|
Posted: Thu Jul 20, 2006 3:13 am |
|
|
gbar |
Regular user |
|
|
Joined: Jan 20, 2006 |
Posts: 9 |
|
|
|
|
|
|
|
Hi folks,
I have no idea how to convert salted MD5's back to normal MD5's so I can decode them.
If anyone can convert them back to normal MD5's it would be appreciated.
Password: ae9f01362090ebe44fc534334dae7232 Salt: EYN
Password: 0c8b210f22535ae0810b045b7aa84232 Salt: IN5
Password: a30d454143b2268d4b51c9b4a2709656 Salt: } *
Password: 0a77b5645d0dd72eb204a9d11ac5f00c Salt: (*2
Password: d053106c09fa241b6fe365fd66d7b91a Salt: Mm.
Password: 83531790d2253ba8f33bae7dd4d63777 Salt: A*D
Password: e197ad5ee0c66da4f8dd7aa159b6f191 Salt: J1+
Password: acea1f8d65e90d753df8e54c24e68f35 Salt: *H
Your help is kindly appreciated. |
|
|
|
|
|
Re: MD5 Help? |
|
Posted: Thu Jul 20, 2006 10:47 am |
|
|
ToXiC |
Moderator |
|
|
Joined: Dec 01, 2004 |
Posts: 181 |
Location: Cyprus |
|
|
|
|
|
|
gbar wrote: | Hi folks,
I have no idea how to convert salted MD5's back to normal MD5's so I can decode them.
If anyone can convert them back to normal MD5's it would be appreciated.
Password: ae9f01362090ebe44fc534334dae7232 Salt: EYN
Password: 0c8b210f22535ae0810b045b7aa84232 Salt: IN5
Password: a30d454143b2268d4b51c9b4a2709656 Salt: } *
Password: 0a77b5645d0dd72eb204a9d11ac5f00c Salt: (*2
Password: d053106c09fa241b6fe365fd66d7b91a Salt: Mm.
Password: 83531790d2253ba8f33bae7dd4d63777 Salt: A*D
Password: e197ad5ee0c66da4f8dd7aa159b6f191 Salt: J1+
Password: acea1f8d65e90d753df8e54c24e68f35 Salt: *H
Your help is kindly appreciated. |
If you dont know what a salted hash is, well, it's much simpler than it sounds. You have a common string that you append to each password before you hash it.
For example, if the password you want to encrypt is "toxic", and your salt string is "foo", then you simply create a hash of "toxicfoo". Keep in mind that you must use the same salt string across your application, so you are able to validate the hash later. When you need to validate the hash, for example when a user logs in, simply add "foo" to the end of whatever he/she submits.
$password = "toxic";
$salt = "foo";
$hash = md5($password.$salt);
If is that the methodology used for the above hashes then all you have to do is to add the salted value at the end of every word in your wordlist .. pray and hope that the word is in your list.. but base on that methodology .. its very simple to change and modify it as you want ... for example ..
$password = "toxic";
$salt = "foo";
$hash = md5(md5($salt).md5($password));
so .. you dont only need the salted value .. you also need the method ..
..now.. taking the first value ae9f01362090ebe44fc534334dae7232 with Salt: EYN ... you will have to make a wordlist .. like
aEYN
bEYN
cEYN
.... .... .. ..
and so on ...
and try to brute force it ..
but as i mentioned on a different post .. salted md5 hashes .. are not always as secure as they look .. because of the collitions .. so .. arithmeticaly you may come up with a different plain text that leeds to the same salted hash ..
md5 hash method was developed mostly to avoid colllitions .. now with salted hashes .. Its like entering a vicious circle ...
ToXiC |
|
_________________ who|grep -i blonde|talk; cd~;wine;talk;touch;unzip;touch; strip;gasp;finger;gasp;mount; fsck; more; yes; gasp; umount; make clean; sleep;wakeup;goto http://www.md5this.com |
|
|
|
|
|
|
|
Posted: Sun Jul 23, 2006 7:19 am |
|
|
gbar |
Regular user |
|
|
Joined: Jan 20, 2006 |
Posts: 9 |
|
|
|
|
|
|
|
I still do NOT understand, is it possible for you people to try convert this for me? Any of them (all would be great )
I wont request any others.
Hope to hear from you soon thankyou |
|
|
|
|
Posted: Thu Jul 27, 2006 12:58 pm |
|
|
716 |
Regular user |
|
|
Joined: Feb 11, 2006 |
Posts: 19 |
|
|
|
|
|
|
|
vbulletin uses the following method:
$hash = md5(md5($pass).$salt);
i would also like to ask for some help... i have a full DB backed up on my HDD and i would like to crack few passes... is there a brute-force tool where you can chose the algorythm to calculate hashes?
thanks a lot in advance |
|
|
|
|
|
|
|
|
Posted: Thu Jul 27, 2006 1:07 pm |
|
|
waraxe |
Site admin |
|
|
Joined: May 11, 2004 |
Posts: 2407 |
Location: Estonia, Tartu |
|
|
|
|
|
|
716 wrote: | vbulletin uses the following method:
$hash = md5(md5($pass).$salt);
i would also like to ask for some help... i have a full DB backed up on my HDD and i would like to crack few passes... is there a brute-force tool where you can chose the algorythm to calculate hashes?
thanks a lot in advance |
There is one tool, able to various salted hashes cracking:
http://www.insidepro.com/eng/passwordspro.shtml
Code: |
Hashes passwords recovery
The tool is designated to recover passwords for the following types of hashes:
MySQL
MySQL5
MD4
MD4 (Base64)
MD5
MD5 (Base64)
MD5 (Unix)
MD5 (APR)
SHA-1
SHA-1 (Base64)
as well as for hashes used by different PHP-programs:
md5(md5($pass))
md5(md5($pass).$salt)
md5(md5($salt).md5($pass))
|
It costs $40 though |
|
|
|
|
Posted: Thu Jul 27, 2006 8:00 pm |
|
|
716 |
Regular user |
|
|
Joined: Feb 11, 2006 |
Posts: 19 |
|
|
|
|
|
|
|
|
|
|
|
Posted: Tue Aug 01, 2006 9:11 pm |
|
|
Vixje |
Active user |
|
|
Joined: Mar 25, 2006 |
Posts: 35 |
|
|
|
|
|
|
|
i was able to recover 3rd and 7th password using a wordlist. Both are: microsoft |
|
|
|
|
Posted: Thu Aug 03, 2006 4:47 am |
|
|
gbar |
Regular user |
|
|
Joined: Jan 20, 2006 |
Posts: 9 |
|
|
|
|
|
|
|
they work thanks
the most important one for me would be the first one if anyone can help!!
many thx |
|
|
|
|
Posted: Sun Feb 14, 2010 12:11 pm |
|
|
davitz38 |
Beginner |
|
|
Joined: Feb 14, 2010 |
Posts: 4 |
|
|
|
|
|
|
|
Hi Guys,
I know this is an old post, but was wondering if you were able to crack these keys? just wanted to know before trying it
I use this Online Md5 Converter
David |
|
|
|
|
Posted: Sun Feb 14, 2010 12:39 pm |
|
|
vince213333 |
Advanced user |
|
|
Joined: Aug 03, 2009 |
Posts: 737 |
Location: Belgium |
|
|
|
|
|
|
83531790d2253ba8f33bae7dd4d63777:A*D Password: buddy6
a30d454143b2268d4b51c9b4a2709656:} * Password: microsoft
e197ad5ee0c66da4f8dd7aa159b6f191:J1+ Password: microsoft
0a77b5645d0dd72eb204a9d11ac5f00c:(*2 Password: simpsons
--------------------------------------------------------------------
Password: acea1f8d65e90d753df8e54c24e68f35 Salt: *H
This salt is missing a character |
|
|
|
|
|
how do i get the salt ? |
|
Posted: Mon Feb 15, 2010 3:59 pm |
|
|
Sibar |
Beginner |
|
|
Joined: Apr 14, 2009 |
Posts: 4 |
|
|
|
|
|
|
|
|
|
|
|
Posted: Sat Nov 20, 2010 2:21 pm |
|
|
delorean75 |
Regular user |
|
|
Joined: Nov 20, 2010 |
Posts: 5 |
|
|
|
|
|
|
|
good morning?
I need help to decrypt a file MD5:
4d0689a22b945aa6e9bb1188d19d3c87
I thank all who can help me,
thanks |
|
|
|
|
www.waraxe.us Forum Index -> All other hashes
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|