Page 1 of 1

php crypt brute force...

Posted: Sat Oct 24, 2009 5:39 pm
by zurich
Hi guys,

A guy at work gave me a challenge: simple task.

I have a php crypt() hash, example: 1j3c5JNdu4gxU
I know the salt which was used: 1jtest

I need to reverse the crypt function to find the original password.
I know crypt is not reversible, and hence therefore need to brute force. I know that crypt() only uses max. 8 characters.

So:
1-8 characters. Salt known.

I have tried to write a for(for(for(xxxxx))) to generate the different hashes, but its too hard for my PC to handle..
Do you guys have any suggestions on how to optimize the process? is there any weaknesses in php crypt() that can be used? or do I just need a supercomputer to do the math for me??

Thanks in avance.

Re: php crypt brute force...

Posted: Sat Oct 24, 2009 5:47 pm
by Mark Baker
Are you sure this isn't a rigged challenge. I'm not aware of any hash algorithm that returns a 13-character hash value

Re: php crypt brute force...

Posted: Sat Oct 24, 2009 5:53 pm
by zurich
hmmm, seems quite right in my mind, example:

Code: Select all

 
$var = crypt("devnetwo", "1jtest");
echo "var: ".$var."<br><br>";
 
returns:

Code: Select all

 
var: 1jM4aEf1ozZdQ
 
which is 13 characters....

Re: php crypt brute force...

Posted: Sat Oct 24, 2009 6:17 pm
by requinix
crypt() can generate 13 character hashes.

There is no reverse-crypt() function. Doesn't exist. Can't exist. All you can do is brute-force it: guess a string, crypt() it, and compare the hashes.

There are weaknesses to every encryption and hashing function, but for a "simple task" it'll take you a lot of work.

A suggestion: if you manage to break crypt(), publish the results. You'll become famous.

Re: php crypt brute force...

Posted: Sat Oct 24, 2009 6:27 pm
by zurich
he he... ;-)

I know its irreversible, hence no easy solution.. but I just thought that someone knew how to break down the problem into minor bits so that the cpu workload would be greatly reduced. But guess I should search for a way to borrow time on a supercomputer somewhere and then produce the function to create all posible text-combinations; crypt() them one at a time and do a comparison...

these guys talk about doing it recursively: http://stackoverflow.com/questions/361/ ... f-a-string

could be an approch, my original idea was to do it in 8 nested for() loops... however no matter what I need to enforce some kind of way to monitor the progress as it could take days (haven't calculated on the amount of different values yet).