Lost Password?

Go Back   CodeCall Programming Forum > Software Development > General Programming > Programming Theory
Reload this Page md5 brute forcer?
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Programming Theory Discuss programming theory, algorithm efficiency, logic, and other any other category where math and computer science overlap.

Reply
Page 1 of 3 1 23 >
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 12-21-2007, 08:08 AM
TcM's Avatar   
TcM TcM is offline
Terminator - I'll be back
  
Join Date: Aug 2006
Location: In a technologic world :p
Posts: 5,748
Rep Power: 47
TcM is a jewel in the roughTcM is a jewel in the roughTcM is a jewel in the rough
Default md5 brute forcer?
If we make an md5 for a file and then brute force that md5 what string will the brute forcer generate?
__________________
CodeCall Blog | CodeCall Wiki | Shareware | Linux Forum
Chat with other CodeCall members on IRC; connect to irc.codecall.net and join #codecall


Business Directory | Technology Blog | Windows Help
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote

Sponsored Links
  #2 (permalink)  
Old 12-21-2007, 11:17 AM
WingedPanther's Avatar   
WingedPanther WingedPanther is offline
Super Mod
  
Join Date: Jul 2006
Age: 35
Posts: 1,758
Last Blog:
Game software (GURPS)
Rep Power: 24
WingedPanther is a name known to allWingedPanther is a name known to allWingedPanther is a name known to allWingedPanther is a name known to allWingedPanther is a name known to allWingedPanther is a name known to all
Default
Brute forcing an md5 is finding another string that produces the same md5 hash. It could produce any of the infinitely many strings that have the common md5 hash.
__________________
CodeCall Blog | CodeCall Wiki | Shareware | Linux Forum
Chat with other CodeCall members on IRC; connect to irc.codecall.net and join #codecall
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 12-21-2007, 12:16 PM
TcM's Avatar   
TcM TcM is offline
Terminator - I'll be back
  
Join Date: Aug 2006
Location: In a technologic world :p
Posts: 5,748
Rep Power: 47
TcM is a jewel in the roughTcM is a jewel in the roughTcM is a jewel in the rough
Default
So a file and a string can have the same md5?
__________________
CodeCall Blog | CodeCall Wiki | Shareware | Linux Forum
Chat with other CodeCall members on IRC; connect to irc.codecall.net and join #codecall


Business Directory | Technology Blog | Windows Help
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #4 (permalink)  
Old 12-26-2007, 11:22 AM
WingedPanther's Avatar   
WingedPanther WingedPanther is offline
Super Mod
  
Join Date: Jul 2006
Age: 35
Posts: 1,758
Last Blog:
Game software (GURPS)
Rep Power: 24
WingedPanther is a name known to allWingedPanther is a name known to allWingedPanther is a name known to allWingedPanther is a name known to allWingedPanther is a name known to allWingedPanther is a name known to all
Default
Yes.
__________________
CodeCall Blog | CodeCall Wiki | Shareware | Linux Forum
Chat with other CodeCall members on IRC; connect to irc.codecall.net and join #codecall
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #5 (permalink)  
Old 12-29-2007, 05:41 PM
TcM's Avatar   
TcM TcM is offline
Terminator - I'll be back
  
Join Date: Aug 2006
Location: In a technologic world :p
Posts: 5,748
Rep Power: 47
TcM is a jewel in the roughTcM is a jewel in the roughTcM is a jewel in the rough
Default
I thought that md5 was unique for every string/file. So the string generated can be just a random string.. has nothing to do with the file name?
__________________
CodeCall Blog | CodeCall Wiki | Shareware | Linux Forum
Chat with other CodeCall members on IRC; connect to irc.codecall.net and join #codecall


Business Directory | Technology Blog | Windows Help
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote

Sponsored Links
  #6 (permalink)  
Old 12-30-2007, 01:33 AM
John's Avatar   
John John is offline
Co-Administrator
  
Join Date: Jul 2006
Age: 19
Posts: 2,364
Last Blog:
PHPUnit
Rep Power: 50
John is a glorious beacon of lightJohn is a glorious beacon of lightJohn is a glorious beacon of lightJohn is a glorious beacon of lightJohn is a glorious beacon of light
Send a message via AIM to John
Default
md5 is a 128-bit hash, which is generally represented as a 32-character hexadecimal string. I've read numerous documents on how the md5 algorithm works, and I still can't understand it, but the md5 hash is dependent on the entire file. However, there are only a certain amount of 32-character combinations / permutations that can be created, so there is a possibility [around 1 x 10^-100] that two files will have the same exact md5 hash [which is called an md5 collision].

There was an Asian professor [Wang I believe] who "cracked" the md5 and created an algorithm to create md5 collisions, about 10 years ago. I was doing some reading the other day, and I read that there is an algorithm to create a collision as fast as 31 seconds.
__________________
CodeCall Blog | CodeCall Wiki | Shareware | Linux Forum | My Blog
Chat with other CodeCall members on IRC; connect to irc.codecall.net and join #codecall
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #7 (permalink)  
Old 12-30-2007, 06:25 AM
TcM's Avatar   
TcM TcM is offline
Terminator - I'll be back
  
Join Date: Aug 2006
Location: In a technologic world :p
Posts: 5,748
Rep Power: 47
TcM is a jewel in the roughTcM is a jewel in the roughTcM is a jewel in the rough
Default
But what is the aim to create md5 collisions?
__________________
CodeCall Blog | CodeCall Wiki | Shareware | Linux Forum
Chat with other CodeCall members on IRC; connect to irc.codecall.net and join #codecall


Business Directory | Technology Blog | Windows Help
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #8 (permalink)  
Old 12-30-2007, 06:28 AM
Maurice_Z Maurice_Z is offline
Learning Programmer
  
Join Date: Nov 2007
Location: Poland
Posts: 35
Rep Power: 3
Maurice_Z is on a distinguished road
Send a message via ICQ to Maurice_Z Send a message via AIM to Maurice_Z Send a message via MSN to Maurice_Z Send a message via Yahoo to Maurice_Z
Default
Prove that there is still a room for something better than md5 I guess. To get a better knowledge on security, to improve security. Something around this things I guess, since md5 is really widely used in passwords encrypting (Is this the proper word?).
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #9 (permalink)  
Old 12-30-2007, 12:56 PM
John's Avatar   
John John is offline
Co-Administrator
  
Join Date: Jul 2006
Age: 19
Posts: 2,364
Last Blog:
PHPUnit
Rep Power: 50
John is a glorious beacon of lightJohn is a glorious beacon of lightJohn is a glorious beacon of lightJohn is a glorious beacon of lightJohn is a glorious beacon of light
Send a message via AIM to John
Default
Quote:
Originally Posted by TheComputerMaster View Post
But what is the aim to create md5 collisions?
I can only think of malicious reasons to create collisions. If you know a password hash, and can create a collision, you "cracked" the password. Also many applications use md5 to verify a files integrity, creating a collision, could allow you to pack a virus with an exe and keep the exe's same checksum, potentially going undetected by anti-virus software.
__________________
CodeCall Blog | CodeCall Wiki | Shareware | Linux Forum | My Blog
Chat with other CodeCall members on IRC; connect to irc.codecall.net and join #codecall
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #10 (permalink)  
Old 12-30-2007, 01:08 PM
TcM's Avatar   
TcM TcM is offline
Terminator - I'll be back
  
Join Date: Aug 2006
Location: In a technologic world :p
Posts: 5,748
Rep Power: 47
TcM is a jewel in the roughTcM is a jewel in the roughTcM is a jewel in the rough
Default
So the file will force the Md5 checkers to generate an md5 that the malicious file wants.. right?
__________________
CodeCall Blog | CodeCall Wiki | Shareware | Linux Forum
Chat with other CodeCall members on IRC; connect to irc.codecall.net and join #codecall


Business Directory | Technology Blog | Windows Help
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote

Sponsored Links
Reply
Page 1 of 3 1 23 >

« Previous Thread | Next Thread »


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads
Thread Thread Starter Forum Replies Last Post
Brute Force Password Heuristics Temujin_12 General Programming 4 12-06-2007 10:24 AM


All times are GMT -5. The time now is 01:07 AM.

Contact Us - Programming Forum - Archive - Top

CodeCall

Contest Stats

dargueta ........ 93.00000
John ........ 87.50000
Xav ........ 70.00000
MeTh0Dz ........ 20.00000
gaylo565 ........ 18.00000
Johnnyboy ........ 3.00000

Contest Rules

Sponsors

Linux Forums
Electronic Music

Ads