Comments on: Google as a password cracker

By: michosn

michosn — Wed, 30 Apr 2008 11:52:39 +0000

i found many sites that give md5 coding and decoding like
http://www.joomlaaa.com/md5-coding-decoding
i do not know how they can decode md5
anyone know a script to decode md5

By: Johan Sundström

Johan Sundström — Sat, 01 Mar 2008 19:33:50 +0000

I just wrapped up a neat web page tool to query Google about MD5, SHA1 and (optionally) plaintext password versions live. Good fun!

By: adi

adi — Mon, 07 Jan 2008 12:36:30 +0000

its a good fun

By: pr00t

pr00t — Tue, 01 Jan 2008 18:46:37 +0000

My personnal project:
Online MD5 Reverser - Hash cracker !
http://ice.breaker.free.fr/

By: clic

clic — Sun, 30 Dec 2007 15:34:31 +0000

with google I have found this:
https://secure.sensepost.com/sp-hash/cigzg

what is?

By: anas

anas — Tue, 25 Dec 2007 22:37:59 +0000

ok i´ve got a little question , i am from germany btw =)
you are talking all the time about hash etc
do you mean , you coud crak apsses with this?and if yes then HOW ^^
greetz

By: Solomon Haile

Solomon Haile — Tue, 18 Dec 2007 21:15:34 +0000

very interesting what you can find on google search

By: jont

jont — Mon, 17 Dec 2007 10:54:46 +0000

Salt is useful since it forces the off-line password search to be repeated anew for each password you want to break, rather than the attacker being able to use a pre-computed database to attack many passwords in parallel. And yes, it should be unique per account (or better, per password–new password means new salt).

There’s another technique: make the hash algorithm SLOW. For a simple example, iterate the hash 10,000 times. The performance impact on your system is negligible, but the performance impact on the attacker is huge.

By: TC

TC — Mon, 17 Dec 2007 10:13:12 +0000

@102
We weren’t debating which terms we like best. We were debating what are the actual meanings of those terms.

If a person refered to html as a “procedural programming lanaguage”, would you tell him that he had that wrong? Or would you say, “Oh, that’s the term he prefers, it’s just a personal thing, I shouldn’t argue the point with him” ?

Anyway - I’m outta here!

By: SGBotsford

SGBotsford — Sun, 16 Dec 2007 07:37:00 +0000

@Mark:
Ok, why would unsalted vs salted be a divisor of logN

In terms of collisions: If MD5 is a random hash function (all outputs are equally likely) then adding a salt would not change the time required to get a collision. It’s just that a collision is far less likely to have useful information.

E.g. You may discover that S1:P1 has the same hash as S2:P2 I don’t see how this is a win.