Waraxe IT Security Portal
Login or Register
November 17, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 78
Members: 0
Total: 78
Full disclosure
SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)
Security issue in the TX Text Control .NET Server for ASP.NET.
SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater
Unsafe eval() in TestRail CLI
4 vulnerabilities in ibmsecurity
32 vulnerabilities in IBM Security Verify Access
xlibre Xnest security advisory & bugfix releases
APPLE-SA-10-29-2024-1 Safari 18.1
SEC Consult SA-20241030-0 :: Query Filter Injection in Ping Identity PingIDM (formerly known as ForgeRock Identity Management) (CVE-2024-23600)
SEC Consult SA-20241023-0 :: Authenticated Remote Code Execution in Multiple Xerox printers (CVE-2024-6333)
APPLE-SA-10-28-2024-8 visionOS 2.1
APPLE-SA-10-28-2024-7 tvOS 18.1
APPLE-SA-10-28-2024-6 watchOS 11.1
APPLE-SA-10-28-2024-5 macOS Ventura 13.7.1
APPLE-SA-10-28-2024-4 macOS Sonoma 14.7.1
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> Hash related information -> MD5 idea
Post new topicReply to topic View previous topic :: View next topic
MD5 idea
PostPosted: Thu Jul 05, 2007 9:51 pm Reply with quote
agentsteal
Regular user
Regular user
Joined: Jun 09, 2007
Posts: 5




Right now, MD5s > 8 characters are impossible to brute force. Brute forcing 9 characters alphanumeric takes a year and 10 characters alphanumeric takes 25 years. And rainbow tables can only do up to 8 characters because of the disk space. Most passwords are 9-10 characters so if there was an online cracker that could do up to 10 character passwords, it could make MD5s very insecure.

What if we made an online cracker that runs rainbow tables up to 8 characters and then splits up the keyspace and sends it to 5000 volunteers' computers. By splitting up the keyspace over 5000 computers, we could test a 9-10 character password in a day instead of 26 years.
View user's profile Send private message
PostPosted: Thu Jul 05, 2007 10:19 pm Reply with quote
Sm0ke
Moderator
Moderator
Joined: Nov 25, 2006
Posts: 141
Location: Finland




8-9 charater password takes only 5-30 minutes whit rainbowtables

Look tables here http://freerainbowtables.com/
View user's profile Send private message
PostPosted: Fri Jul 06, 2007 3:26 am Reply with quote
agentsteal
Regular user
Regular user
Joined: Jun 09, 2007
Posts: 5




well 9 characters alpha is possible but 9 characters alphanumeric takes over a year... and 10 characters alphanumeric takes over 25 years... 11 characters alphanumeric takes over 800 years. milw0rm's cracker only goes up to 7 characters, and they have cracked less than half of their hashes.

But my point is that if we make a project that splits up the keyspace between volunteers' computers and get [the number of years the keyspace takes] * 365 volunteers, we could try the keyspace in a day, and potentially crack keyspaces like alphanumeric 9-11, which would totally make MD5 insecure.
View user's profile Send private message
PostPosted: Fri Jul 06, 2007 4:18 am Reply with quote
Sm0ke
Moderator
Moderator
Joined: Nov 25, 2006
Posts: 141
Location: Finland




9-9 loweralpha-numeric would take 25 years to make. If you get 5000 volunteers it will take only 2,94 day per person. But you will never get that mutch volunteers so forget it... Arrow
View user's profile Send private message
PostPosted: Fri Jul 06, 2007 8:39 am Reply with quote
drag
Active user
Active user
Joined: May 31, 2007
Posts: 25




Rainbow tables as the answer to 'cracking' passwords quickly, and how to imlement this, is always fun for me to think about. I'm more of a hardware engineer than software, and have always thought a fun project would be a hardware based rainbow table generator/cracker. I'm curious to know how well hardware could do the job. I'd bet that a rainbow table custom processor could be 1000x as fast. Would be a really fun project.. if only I had more time.
View user's profile Send private message
PostPosted: Fri Jul 06, 2007 2:05 pm Reply with quote
Chb
Valuable expert
Valuable expert
Joined: Jul 23, 2005
Posts: 206
Location: Germany




I would like to have some COPACOBANAs... Smile

_________________
www.der-chb.de
View user's profile Send private message Visit poster's website ICQ Number
MD5 idea
www.waraxe.us Forum Index -> Hash related information
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 1

Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.035 Seconds