Brute-forcing...?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

TS_Death_Angel
Forum Commoner
Posts: 31
Joined: Sat Dec 31, 2005 8:49 am

Brute-forcing...?

Post by TS_Death_Angel »

Hello.

I've been looking for a bit of code that will brute-force an MD5 hash. I try to make my own, and it only makes my head hurt, and I can't find anything on Google, which makes my head hurt even more! ^_^' So I'd appreciate it if someone could give me a small piece of code that will brute force a hash. Cheers.
nickvd
DevNet Resident
Posts: 1027
Joined: Thu Mar 10, 2005 5:27 pm
Location: Southern Ontario
Contact:

Post by nickvd »

Just out of morbid curiosity... you ARE aware of how long brute forcing a hash can take right?

I'm not talking days or weeks or years here either...
User avatar
Buddha443556
Forum Regular
Posts: 873
Joined: Fri Mar 19, 2004 1:51 pm

Post by Buddha443556 »

You sure your not looking for a collision generator?
TS_Death_Angel
Forum Commoner
Posts: 31
Joined: Sat Dec 31, 2005 8:49 am

Post by TS_Death_Angel »

@nickvd: I am well aware of how long it takes, but it is not my goal to crack one particular hash, but rather make a lookup table for ALL hashes.

@Buddha443556: Nope, I'm just looking for a snippet of code that will systematically try different values.
nickvd
DevNet Resident
Posts: 1027
Joined: Thu Mar 10, 2005 5:27 pm
Location: Southern Ontario
Contact:

Post by nickvd »

What are the possible values for the original? a-z, 0-9, special chars, etc...
What is the length of "password" that you are looking to generate?

If you want to generate the hashes for any and all possible values (aaaa, aaab, aaac, aaad, aaae, etc...) Your great, great, great, great, great, great, great grandchildren may still be alive to see the end results...
TS_Death_Angel
Forum Commoner
Posts: 31
Joined: Sat Dec 31, 2005 8:49 am

Post by TS_Death_Angel »

Didn't I just say I'm not looking for a specific result? :P I'm just looking for a snippet of code that will brute force a hash.

Oh, and I'll use letters and numbers.
User avatar
waradmin
Forum Contributor
Posts: 240
Joined: Fri Nov 04, 2005 2:57 pm

Post by waradmin »

Why not just generate a string of numbers and letters. If that string is not = to the MD5 hash, insert attempted string into the DB, and repeat.

Its a simple code, query database, get value (MD5), generate string, if string != MD5 insert string into DB.

However, this will likely crash your server.
TS_Death_Angel
Forum Commoner
Posts: 31
Joined: Sat Dec 31, 2005 8:49 am

Post by TS_Death_Angel »

And it will not know where to stop, be unorganised, and wasted processing power will go to checking if the string has already been generated. I've already tried this approach and realized that it was just completely futile :P
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Could you post your code so we can suggest how to alter it to fit your goal?
User avatar
bokehman
Forum Regular
Posts: 509
Joined: Wed May 11, 2005 2:33 am
Location: Alicante (Spain)

Post by bokehman »

Code: Select all

<?php

$charset = 'abcdefghijklmnopqrstuvwxyz'; # alter to suit your ideology

$md5 = '348a448a51d1e0f0f5eee42337d12adc'; #md5 we want to "crack"

echo brute_force_md5($md5, $charset, 4); # crack it

function brute_force_md5($md5, $charset, $max_len)
{
	$charset = array_merge(array(null), str_split($charset));
	for($i = 0; $i < $max_len; ++$i)
	{
		@$part1 .= 'for($k'.$i.' = 0, $count = count($charset); $k'.$i.' < $count; ++$k'.$i.') ';
		@$part2 .= ($i?'.':'') . '$charset[$k'.$i.']';
	}
	return eval($part1.'if($md5 === md5($rtn = '.$part2.')) return $rtn; return false;');
}

?>
I wrote one that uses a dictionary here. Much more efficient. It runs about 150,000 english words in just over one second.
Last edited by bokehman on Sat Sep 30, 2006 4:57 am, edited 2 times in total.
User avatar
bokehman
Forum Regular
Posts: 509
Joined: Wed May 11, 2005 2:33 am
Location: Alicante (Spain)

Post by bokehman »

TS_Death_Angel wrote:@nickvd: I am well aware of how long it takes, but it is not my goal to crack one particular hash, but rather make a lookup table for ALL hashes.
Such a statement assumes each hash only has one possible source where in fact there are an infinite number of source combinations for each hash hence the term collision, not decrypt.
TS_Death_Angel
Forum Commoner
Posts: 31
Joined: Sat Dec 31, 2005 8:49 am

Post by TS_Death_Angel »

Yes, I know there will be collisions, but I will sort out all of these problems (as well as batch writing rather than writing a hash every time it's calculated) once I complete the script.

Thanks for that snippet :)

Edit: Your dictionary script is very nice ^^'
User avatar
bokehman
Forum Regular
Posts: 509
Joined: Wed May 11, 2005 2:33 am
Location: Alicante (Spain)

Post by bokehman »

TS_Death_Angel wrote:Yes, I know there will be collisions, but I will sort out all of these problems (as well as batch writing rather than writing a hash every time it's calculated) once I complete the script.

Thanks for that snippet :)
The idea of having a look up table is ridiculous,. Have you got any idea how many cominabions there are.
Three point four hundred billion billion billion billion. And each of those has an infine number of sources that can create it.
TS_Death_Angel
Forum Commoner
Posts: 31
Joined: Sat Dec 31, 2005 8:49 am

Post by TS_Death_Angel »

I know it's rediculous. However, it will also help me work on my PHP skills, which I've been looking to do ;P
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

copying code does not improve skills ;)
Post Reply