Can MD5 be cracked?

**CeleronXT** · Sat 3 Jul '04, 11:04am

Apparently it can, but probably not for vB3's passwords. Unless you run it through multiple times, and strip out the salt the second time. Hrm. *ponders*

**Zachery** · Sat 3 Jul '04, 11:06am

This only applys, at least i think, to a plain MD5

md5(test)

not

the crazyness vBulletin 3 uses to store its hashed passwords.

**Wayne Luke** · Sat 3 Jul '04, 11:09am

It is still a brute force tool. Just stores hashes of its dictionary terms and compares them for similarity.

**filburt1** · Sat 3 Jul '04, 12:16pm

MD5 is a hashing algorithm, not an encryption algorithm. This means, among other things, that data is lost in the process of generating the MD5 hash. There is no way to revert back to the original string (or at least a string that matches one of the 18,446,744,073,709,551,616 MD5 hashes that are 16 hex chars in length) besides a brute force algorithm.

**orca** · Sat 3 Jul '04, 1:01pm

Well, to answer that question in a general manner: Nothing's 100% secure.

**Shining Arcanine** · Sat 3 Jul '04, 3:30pm

Mathematically (and logically) speaking, you'd have to take into account the salt, which unless you have it cannot be eliminated from the equation. Therefore the ballpark range of the amount of time required to hack an MD5 hash using vBulletin's variable length salt would be the amount of time it would take to crack an MD5... squared. With the cookie hash, you'd need to crack an additional md5 which would cube the amount of time it takes to crack the password. Or in other words, it isn't happening any time soon.

Edit: The triple hash has so many complications due to the fact that the data is lost in hashing that I doubt that it can be accelerated by caching. While I'm sure that something would be found for the first hash, I doubt that it would be the result of md5(md5(password).salt)+license. The only way to get a password out of a triple hash that with my knowledge I can think of would be a brute force which already has the license key and salt (which would reduce the complexity down to a single hash). If it doesn't, it would be easier to brute force the login screen.

**LeeCHeSSS** · Sat 3 Jul '04, 4:06pm

I'm not wellversed in this topic, but isn't it *possible* for 2 DIFFERENT strings that are md5-hashed both result in the same hash?

**Floris** · Sat 3 Jul '04, 4:14pm

No, you can't crack it.

**Icheb** · Sat 3 Jul '04, 4:27pm

Originally posted by LeeCHeSSS

I'm not wellversed in this topic, but isn't it *possible* for 2 DIFFERENT strings that are md5-hashed both result in the same hash?

Sure. Hash a 700 mb file and you'll get a 16 character-string. So either it's the best compression algorithm of the world or there's bound to be some strings that overlap.

Originally posted by Floris

No, you can't crack it.

Well, it depends on what you call "crack it". Reverse it / Extract the original? No. Bruteforce it? Sure. You can bruteforce just about everything.

**Xenon** · Sat 3 Jul '04, 4:40pm

Originally posted by LeeCHeSSS

I'm not wellversed in this topic, but isn't it *possible* for 2 DIFFERENT strings that are md5-hashed both result in the same hash?

As Icheb said already, yes, two different strings can have the same md5 hashcode, so therfore you can find out synonyms for passwords.

It's mathmatically not possible to reconstruct the original password, as two different words can have the same hash, but it's possible to generate a synonym, so actually yes it can be cracked, but it's not an easy task to do

**Shining Arcanine** · Sat 3 Jul '04, 5:51pm

Originally posted by Floris

No, you can't crack it.

Yes you can if you have enough time (only God knows how much time enough time is).

Originally posted by Xenon

As Icheb said already, yes, two different strings can have the same md5 hashcode, so therfore you can find out synonyms for passwords.

It's mathmatically not possible to reconstruct the original password, as two different words can have the same hash, but it's possible to generate a synonym, so actually yes it can be cracked, but it's not an easy task to do

If you keep going long enough it is, you won't know which one is the orignal through.

**Icheb** · Sat 3 Jul '04, 6:01pm

You don't have to. You just need one valid version.

**Shining Arcanine** · Sat 3 Jul '04, 6:04pm

I was pointing out that it can be done because Xenon said that it is not possible to reconstruct the orignal password. I didn't say that you had to.

**Kier** · Sun 4 Jul '04, 8:17am

Originally posted by LeeCHeSSS

I'm not wellversed in this topic, but isn't it *possible* for 2 DIFFERENT strings that are md5-hashed both result in the same hash?

Yes, that's correct.

Also, don't forget that the MD5 hash of 'bla' and of a 4GB file will both be a 32 character string.

Although it is possible to test the MD5 hash of all three letter combinations and eventually work out that what you have is the MD5 hash of 'bla', it is impossible to reverse the MD5 process - you could never recover the 4GB file from its 32 character MD5 hash.

Can MD5 be cracked?

Can MD5 be cracked?

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment