• Welcome to Valhalla Legends Archive.
 

The death of MD5

Started by Skywing, November 14, 2005, 01:53 PM

Previous topic - Next topic
Print
|
Go Down Pages 1 2 3 4 5
User actions

AcidAngel

#60
January 23, 2006, 11:07 AM
http://thepiratebay.org/details.php?id=3408209

1-7 character alphanumeric table


yes i know this thread is oldnews

iago

#61
January 23, 2006, 11:55 AM
Quote from: AcidAngel on January 23, 2006, 11:02 AM
as i pointed out on the aim dev forum, md5 can be reversed simply using precomputed hash tables, you can squeeze a rather large alphanumeric table onto a dvd, or use some of the available tools to generate your own tables based on what characters you want. I know of a couple sites that store precomputed tables for very very large tables (alphanumeric + symbols + lots of chars) but they all charge you to perform a look up (you submit an md5 and it returns to you all matches to that md5). finding the same tables already generated probably isnt that hard with a lil looking around though. And performing a lookup on said table takes very little time.

just some 2 cents.

There are also free tables. 

But any programmer with half a brain for security adds a salt, which makes pre-computed tables effectively useless. 
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

AcidAngel

#62
January 23, 2006, 01:07 PM
any programmer with half a brain for security would not have used md5 as their authentication protection in the first place =)

iago

#63
January 23, 2006, 06:30 PM
Why not?  MD5 is still fine for passwords, and I still use it for passwords.  If there's some reason not to hash passwords with it, please tell me. 
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

Print
|
Go Up Pages 1 2 3 4 5
User actions