Re: reversing hash ?

From: mrpolitics.mrkane (mrpolitics_at_cinci.rr.com)
Date: 05/11/03 

Date: Sun, 11 May 2003 18:25:37 GMT

Well I didn't take a look at the code but, for future reference...

If Say I took password A and encrypted it with some sort of MD5 Hash, you
not going to reverse the MD5, what you can do insted is try to guestimate
how many possible characters where used to create the password, and try
brute forcing it (see if the hashes match up). Basicly you want to limit
yourself with the searching... another thing, say the hash is "7462443859",
and lets say because your really lucky that the password is the same length,
break your code into pieces for creating the password. Say the password is
"9583442647", insted of generating strings of 10 bytes, generate two strings
of random characters of 5 bytes each and combine them later. For some
reason in languages like VB this gives a performence boost. I don't use
java, but figured I'd throw out the idea for you.

Good luck!

"Spamhater" <spam_them@yahoo.com> wrote in message
news:3ebe5ebd$0$26703$ba620e4c@reader1.news.skynet.be...
> Looking for a solution to crack a javascript hash coded string !
> I'm not active in informatics professionally but I do some programming in
my
> spare time.. I've set up a delphi program that I guess does some Brute
force
> attack on the code but it already runs 2 days and is only 10% completed I
> think (2,4 Ghz machine)...!
> Could anyone tell me how I could crack this code ? I've included the
source
> herafter....
>
> The password file gives this:
>
> m[m.length]=new Array("425","894203311","vzkBg","onvmtj.ixm");
>
> I've already come up with the username (425), the string "fps" gives the
> same hash value of 425... The second is the password (894203311) and it is
> used to decrypt the destination...
>
>
> Hopefully you can help me ?
>
> thank you very much in advance...
>
> Sniper
>
> m=new Array();
> var
>
alpha="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefg
> hij";
>
> function box(part,c,r)
> { prms=new Array(r,c); typ=new Array("rowspan=","colspan=");
> bx=new Array("<tr>","</tr>","</tr><tr>","</table>");
> clr=new Array("808080","c0c0c0","ffffff","000000");
> img='<img src="blank.gif" width=1 height=1>'; txt="";
> bx[bx.length]='<table border=0 cellpadding=0 cellspacing=0>';
> for(bi=0;bi<4;bi++)
> { for(bj=0;bj<2;bj++)
> bx[bx.length]='<td '+typ[bj]+(2*bi+prms[bj]);
> bx[bx.length]=' bgcolor="#'+clr[bi]+'">'+img+'</td>'; };
> ord=new Array();
> ord[0]=new
> Array(4,0,14,16,12,16,14,16,2,11,13,9,13,11,7,2,8,10,6,10,8,10,1);
> ord[1]=new Array(0,6,10,2,9,7,2,12,16,1,3);
> for(bi=0;bi<ord[part].length;bi++)
> txt+=bx[ord[part][bi]]+"\n";
> return txt; };
>
> function check(frm)
> { var ary=new Array(0,1,1,7,9,8); f=new Array();
> for(i=0;i<3;i++)
> ary[i]=makehash(frm.elements[ary[i]].value,ary[i+3]);
> for(i=0;i<m.length;i++)
> if(m[i][0]==ary[0]) f[f.length]=i;
> if(f.length==0) { alert("Member Not Found"); return; };
> for(i=0;i<f.length;i++)
> if(m[f[i]][1]==ary[1])
> { ary[2]+=" ";
> for(j=2;j<m[f[i]].length;j++)
> { t=""; cnt=0;
> for(k=0;k<m[f[i]][j].length;k++)
> { c=m[f[i]][j].substring(k,k+1);
> a=alpha.indexOf(c,9);
> if(a>-1)
> { b=a-(ary[2].substring(cnt,cnt+1)*1);
> c=alpha.substring(b,b+1);
> cnt=(cnt+1)%(ary[2].length-1); };
> t+=c; };
> m[f[i]][j]=t; };
> if(m[f[i]].length>4)
> { wt='<html><body
> bgcolor="#bfbfbf"><center><form>'+box(0,1,1)+'<tr><td
> align="center">Destination<br>';
> wt+='<select size=5
>
onchange="window.opener.window.opener.location=this.options[this.selectedInd
> ex].value; window.opener.close(); window.close();">';
> for(j=2;j<m[f[i]].length;j=j+2)
> wt+='<option value="'+m[f[i]][j+1]+'">'+m[f[i]][j];
> wt+='</select></td></tr>'+box(1,1,1)+'</form></body></html>';
> w=window.open("","ls","width=150,height=150");
> w.document.write(wt); w.document.close(); }
> else { window.opener.location=m[f[i]][3]; window.close(); };
> return; };
> alert("Incorrect Password!");
> };
>
> function makehash(str,mult)
> { hash=0;
> for (j=0;j<str.length;j++)
> hash=hash*mult+alpha.indexOf(str.substring(j,j+1),0)+1;
> return hash; };
>
>

Relevant Pages

  • md5 with small strings
    ... 16-byte hash for strings that could by anywhere from 20 to 200 bytes ... I understand that md5 is very good at avoiding collisions, ... use this hash if the odds are good that there wouldn't be any. ...
    (comp.security.misc)
  • The certification password of Internet Explorer 7 and operation of auto complete
    ... About the certification password of Internet Explorer and operation ... By remembering the strings that are input in the following text ... In this registry, there are values whose name is a string of 42 bytes ... We cannot guess the original strings from the hash value, ...
    (Bugtraq)
  • Re: Maximum String size in Java?
    ... > for long strings, so on average, SFH bakes it in the performance ... >> distribution over the hash table size. ... > you need to be concerned about Unicode strings. ... construct a hash function that does appreciably better than the one ...
    (comp.programming)
  • Re: Rand generator (MD5)
    ... My micro cannot handle anything more than 32 bits! ... YOu do not have MD5. ... It does not sound to me like your hash implimentation is very ... void byteReverse(unsigned char *buf, unsigned longs); ...
    (sci.crypt)
  • Re: Rand generator (MD5)
    ... My micro cannot handle anything more than 32 bits! ... YOu do not have MD5. ... It does not sound to me like your hash implimentation is very ... void byteReverse(unsigned char *buf, unsigned longs); ...
    (sci.crypt)