Crack an MD5 Encrypted Hash

[..:: Devil_king ::..]

What is an MD5?

An MD5 hash is a cryptographic has function with a 128 bit hash value. It has become an internet standard for securing text and data.

FAQs

Can you go and decrypt an MD5? Why is it so hard?

Well, an MD5 is a non-decryptable hash and it is non-reversible. There is no way to get the original data from an MD5 value. All of the original data is gone once you encrypt an MD5 hash.

How do web servers check passwords if they cannot decrypt the hash from their database?

Suppose we had a server with some login entries. What a web server will do is first identify if the username exists and if so, it will hash the entered password and then compare that string. It may look something like this:

Code:

 

if(md5($_POST["password"]) == $encryptedPassFromDatabase) {

//Login successful 

} else {

//Login failed

}

Identifying an MD5

An MD5 hash will be 32 digits long. It will also only use the letters A - F as well as the numbers 1 - 9. An example hash may be: 40142802cd53acf0acb56719ddb4a3e1

Cracking an MD5

There are a few different ways that you can crack an MD5 hash but they all revolve around the same technique. Because the hash cannot be reversed, the only way to crack it is to encrypt text and then compare it against the hash. A couple examples would be:

- Dictionary Attack (Where the cracker has a set password list and they have a program encrypt and compare these hashed passwords).
- Brute Force Attack (Where the cracker will begin encrypting all possible text combinations in order to compare them against the hash. This will take around a few thousand years unless you have a super computer. The amount of possible passwords for a password up to ten digits is 35^10.