Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 10 Mar 2006 16:34:14 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: checking only first 5 characters of a md5 hash

On Thu, Mar 09, 2006 at 11:43:40AM +0100, Turko wrote:
> My problem is this: I have only the first 5 characters of a md5 hash.

Are those the first 5 characters of an ASCII encoding of an MD5 hash or
the first 5 bytes of an MD5 hash?

Is this a raw MD5 hash (typically encoded as a string of 32 hexadecimal
characters) or a FreeBSD-style MD5-based hash (typically encoded as a
string starting with the characters "$1$")?

How do you know it's MD5?

In fact, can you simply share those 5 characters with us?

> Is it possible telling John to check only them during the crack?

No.  John normally operates on internal representations of hashes, not
on ASCII encodings (the ASCII encodings are decoded at load time) - so
making it operate on only certain characters of the encoding is
non-trivial.

> I mean, is correct the idea that checking only the first 5 is better then
> all others ?

I don't understand this idea/question.

> Many keys can be encrypted and having the same first 5
> characters so it would be faster then cracking all 16 right?

Yes, you might find a password that produces the right first 5
characters or bytes quicker.  This won't necessarily be the original
password.  If the target system only checks those 5 characters or bytes,
then any password you can find in this way will be as good as the
original one.

On the other hand, if the target system checks the entire MD5 hash - of
which you only have the first 5 characters of an ASCII encoding or the
first 5 bytes - then many or most passwords you might find won't work to
login to the system.

With typical users' passwords, 5 characters of a hex-encoding (20 bits)
might not be enough to identify just the original password (and no other
realistic passwords producing the same 5 characters), whereas 5 bytes of
the hash itself (40 bits) will likely be enough.

> How can I tell John to get the substring of the hash and checking only its 5
> chars?

That would require a source code patch.

If you only need this done once, it might be quicker for you to write a
Perl script that would use Digest::MD5 and accept a stream of candidate
passwords on the standard input.  Then use "john ... --stdout" to feed
candidate passwords to this Perl script.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Was I helpful?  Please give your feedback here: http://rate.affero.net/solar

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.