Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Reverse salted MD5

Posted on 2016-10-13
10
Medium Priority
?
102 Views
Last Modified: 2016-11-09
Hey,
I have a hash, which was salted, but I know the salt. According to https://www.experts-exchange.com/questions/26216169/md5-with-salt.html I found that reversing is not possible, but is there a (semi-)efficient brute-force way to reverse this? The thread is six years old now, which is a lot in terms of computer science, so I thought I'd just ask again.

Also I know the length of the original string (8 chars) and that they are hexadecimal digits, if that helps.

So, is there any program which lets me reverse the hash given that info within some hours?
0
Comment
Question by:Patrick W.
  • 5
  • 4
10 Comments
 
LVL 65

Assisted Solution

by:btan
btan earned 1000 total points (awarded by participants)
ID: 41842937
Best effort even though salt is known. Pls see either online service or tool called hashcat which support salted md5 hash mode

     10 | md5($pass.$salt)                                 | Raw Hash, Salted and / or Iterated
     20 | md5($salt.$pass)                                 | Raw Hash, Salted and / or Iterated
     30 | md5(unicode($pass).$salt)                        | Raw Hash, Salted and / or Iterated
     40 | md5($salt.unicode($pass))                        | Raw Hash, Salted and / or Iterated
   3800 | md5($salt.$pass.$salt)                           | Raw Hash, Salted and / or Iterated
   3710 | md5($salt.md5($pass))                            | Raw Hash, Salted and / or Iterated
   2600 | md5(md5($pass))                                  | Raw Hash, Salted and / or Iterated
   4300 | md5(strtoupper(md5($pass)))                      | Raw Hash, Salted and / or Iterated
   4400 | md5(sha1($pass))                                 | Raw Hash, Salted and / or Iterated
http://www.dcode.fr/md5-hash
https://hashcat.net/wiki/doku.php?id=hashcat

Example
hashcat -n 2 -m 0 -a 3 --pw-min 9 hashfile.txt ?l?l?l?l?l?l?l?l?l?l

-n = 2 threads
-m 0 = md5
–pw-min 9 = minimal 9 characters
hashfile.txt = is txt file where the hash is located
?l?l?l?l?l?l?l?l?l?l = lowercase password

Do ensure the doing is legit and authorised of using the real hash.
0
 
LVL 30

Expert Comment

by:Dr. Klahn
ID: 41842946
So, is there any program which lets me reverse the hash given that info within some hours?

That depends on how generous the definition of "some" is.
0
 
LVL 27

Expert Comment

by:skullnobrains
ID: 41849991
I found that reversing is not possible, but is there a (semi-)efficient brute-force way to reverse this?

not quite : brute forcing will give you one string that will produce the same md5 with that same salt. there is no guarantee and actually little chances this string is the original one.

md5 will sqeeze all possible inputs into a finite number of possible outputs. each output can be produced by an infinite number of inputs.

then having one valid string might be enough for you needs. if you have hints about the strings, you should be able to complete the crack within hours on commodity hardware, and within about a month with no information. if you can use a cray for about 2 or 3 seconds, that should also do
0
Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

 
LVL 65

Assisted Solution

by:btan
btan earned 1000 total points (awarded by participants)
ID: 41850327
other online "calculator" that does the reversing to best effort based on their existing store knowledge. it will be good to have prior knowing of the salt length or how it is "mixed" with the password show when the reverse does hit it, it is left with using salt to reverse to get the actual string. most time the salth is either appended (or padded) or XOR .. just my few cents
https://isc.sans.edu/tools/reversehash.html
https://hashtoolkit.com/reverse-md5-hash/
0
 
LVL 27

Assisted Solution

by:skullnobrains
skullnobrains earned 1000 total points (awarded by participants)
ID: 41851569
neither of those tools work :  they both answer "no solution found for the md5s or the empty string and "test"
d8e8fca2dc0f896fd7cb4cb0031ba249
d41d8cd98f00b204e9800998ecf8427e

and again expecting to reverse a hash is a misunderstanding of what a hash does. plenty of inputs will produce the same output and the md5 of en entire book if only a few bytes long so there is clearly no way to get the original string for sure.

btw if you know the salt and the password store was poorly designed you may get lucky and end up with something that is reversible indeed : for example if you interpolate the salt and the password ( pick one letter from each ) and take the base64 of the result before feeding it to md5sum, you end up with something that could be brute force broken since it is unlikely that many base64-encrypted strings with exactly x many letters corresponding to the salt appearing at proper locations will produce that same resulting hash...
0
 
LVL 65

Expert Comment

by:btan
ID: 41851814
The link stated pre compiled database for kniwn password, it is None the wiser to cover all combination to lookup for hit. I try the standard "password"  below. There is hit but really I also see it is not foolproof..

md5 hash 9e107d9d372bb6826bd81d3542a419d6 = The quick brown fox jumps over the lazy dog
0
 
LVL 27

Expert Comment

by:skullnobrains
ID: 41853787
This expert suggested creating a Gigs project.
i neglected part of the information

Also I know the length of the original string (8 chars) and that they are hexadecimal digits, if that helps.

with a tool like hashcat or possibly a big loop on a unix machine you can get quite easily the list of 8 character long hex strings that match this specific md5. the list should be small, most likely a single response, less than 5 i guess.

8 hex chars produce 2^4^8 = 2^32 = 4 billion possibilities which can be computed on commodity hardware ( at least a decent i5 or equivalent ) in about half a day. arm processors if the tools can use them efficiently can be even faster.
0
 
LVL 27

Expert Comment

by:skullnobrains
ID: 41853789
sorry about the gigs project, i checked the box accidentally and have no idea how to revert
0
 
LVL 27

Accepted Solution

by:
skullnobrains earned 1000 total points (awarded by participants)
ID: 41853823
here is a small demo code that will loop over the 10 first possibilities and print md5s which you can grep

seq 1 10 | while read line ; do printf '%08x ' $line ; printf '%08x\n' $line | md5sum  ; done

beware the hex numbers are spelled in lower case which might not be the same as your input string

also note that this code is poor for at least the following reasons
- it will not run multiple md5 in parallel
- it spawns md5sum commands at each loop which is most definitely slow
- it is not capable to start over where it stopped if it crashes

with this code, on my machine you'd need about 4-5 months  ( i tried 100k combinations in about 5 minutes ) but hashcat, johntheripper, or a proper code ( i'd use php or perl probably ) and the likes can do this in a few hours or possibly days at most depending on your hardware.
0
 
LVL 65

Expert Comment

by:btan
ID: 41880240
As suggested
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware is a growing menace to anyone using a computer or mobile device. Here are answers to some common questions about this vicious new form of malware.
The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compli…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

877 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question