Page 2 of 2
Posted: Thu Feb 23, 2006 12:35 am
by AGISB
Ambush Commander wrote:But it would take a long time to cycle through all possible combinations for 1GB files.
You don't need to do that. The size of the file does not matter when trying to find a collition. A 8 char word might have the same md5 than your GB file. In theory the collition can be found in 1 second if one gets very very very ............ very lucky
The problem is that md5 is no crypt. The collition would only be a danger if someone manages to create a virus or trojan that has the same hash than a downloaded prog.
The other use might be if a pw hash is found sniffing a network. The chance of finding a pw is kind of high as the brute force only has to check for the password. If the pw is insecure you might not even need to md5 it over the network. This however has nothing to do with cracking md5 but cracking the pw. Here it doesn't matter if you use md5 or even sha256 or higher. The only secure way is the above mentioned use of a salt.
Posted: Sat Feb 25, 2006 8:07 pm
by Ambush Commander
You don't need to do that. The size of the file does not matter when trying to find a collition. A 8 char word might have the same md5 than your GB file. In theory the collition can be found in 1 second if one gets very very very ............ very lucky
Since we're being really nitpicky here, you're right. On average, you'd have to cycle through half of them.
Posted: Sun Feb 26, 2006 12:30 am
by josh
AGISB wrote: if someone manages to create a virus or trojan that has the same hash than a downloaded prog.
In order to do this they would have to take the md5 hash and then do a brute force against it, finding all possible things that equal that hash.
Let's say the virus is a measly 3Kb, that would be like trying to crack a 3,072 character string. To make matters more difficult they would just have to *happen* to stumble across a string that just so happens to be binary that actually runs as an executable, to add onto this even if in the extremely remote chance they did it will likely not be a virus.
In short impossible.
Posted: Mon Feb 27, 2006 2:52 am
by Maugrim_The_Reaper
Some funky words of wisdom...
"Nothing is Impossible."
It be highly improbably...

Posted: Mon Feb 27, 2006 4:40 am
by patrikG
Posted: Mon Feb 27, 2006 8:01 am
by Roja
Great quote:
Be warned though, Rainbow tables can be defeated by salted hashes. Love it.

Salted hashes
Posted: Thu Apr 27, 2006 12:07 pm
by Martin2006
The problem with rainbow tables is, as Roja has just pointed out, that they are defeated by salted hashes. I recently wrote (in C#, not PHP I'm afraid - but still relevant since you are talking about breaking MD5) a dictionary based cracker for salted MD5 files and thought this might be of interest to you...
http://www.m-s-d.net/2006/04/md5-salt-cracking.html is the post and the cracker can be found at
http://www.m-s-d.net/files/Crack-bin.zip.
I'm just adding the final touches to a proper bruteforce mode and will let you know (if interested) when it is done. At the moment it takes about 4 days to crack a 6 character a-zA-Z1-9 pass.
Martin