Solved

Reverse salted MD5

Posted on 2016-10-13
Last Modified: 2016-11-09
Hey,
I have a hash, which was salted, but I know the salt. According to https://www.experts-exchange.com/questions/26216169/md5-with-salt.html I found that reversing is not possible, but is there a (semi-)efficient brute-force way to reverse this? The thread is six years old now, which is a lot in terms of computer science, so I thought I'd just ask again.

Also I know the length of the original string (8 chars) and that they are hexadecimal digits, if that helps.

So, is there any program which lets me reverse the hash given that info within some hours?
Question by:Patrick W.
10 Comments
 
LVL 61

Assisted Solution

by:btan
btan earned 250 total points (awarded by participants)
ID: 41842937
Best effort even though the salt is known. Please see either an online service or the tool called hashcat, which supports salted md5 hash modes

     10 | md5($pass.$salt)                                 | Raw Hash, Salted and / or Iterated
     20 | md5($salt.$pass)                                 | Raw Hash, Salted and / or Iterated
     30 | md5(unicode($pass).$salt)                        | Raw Hash, Salted and / or Iterated
     40 | md5($salt.unicode($pass))                        | Raw Hash, Salted and / or Iterated
   3800 | md5($salt.$pass.$salt)                           | Raw Hash, Salted and / or Iterated
   3710 | md5($salt.md5($pass))                            | Raw Hash, Salted and / or Iterated
   2600 | md5(md5($pass))                                  | Raw Hash, Salted and / or Iterated
   4300 | md5(strtoupper(md5($pass)))                      | Raw Hash, Salted and / or Iterated
   4400 | md5(sha1($pass))                                 | Raw Hash, Salted and / or Iterated
http://www.dcode.fr/md5-hash
https://hashcat.net/wiki/doku.php?id=hashcat

Example
hashcat -n 2 -m 0 -a 3 --pw-min 9 hashfile.txt ?l?l?l?l?l?l?l?l?l?l

-n = 2 threads
-m 0 = md5
--pw-min 9 = minimal 9 characters
hashfile.txt = is txt file where the hash is located
?l?l?l?l?l?l?l?l?l?l = lowercase password

Do ensure what you are doing is legitimate and that you are authorised to use the real hash.
0
 
LVL 23

Expert Comment

by:Dr. Klahn
ID: 41842946
So, is there any program which lets me reverse the hash given that info within some hours?

That depends on how generous the definition of "some" is.
0
 
LVL 26

Expert Comment

by:skullnobrains
ID: 41849991
I found that reversing is not possible, but is there a (semi-)efficient brute-force way to reverse this?

not quite : brute forcing will give you one string that will produce the same md5 with that same salt. there is no guarantee and actually little chance this string is the original one.

md5 will squeeze all possible inputs into a finite number of possible outputs. each output can be produced by an infinite number of inputs.

then having one valid string might be enough for your needs. if you have hints about the strings, you should be able to complete the crack within hours on commodity hardware, and within about a month with no information. if you can use a cray for about 2 or 3 seconds, that should also do
0
 
LVL 61

Assisted Solution

by:btan
btan earned 250 total points (awarded by participants)
ID: 41850327
other online "calculator" that does the reversing to best effort based on their existing store knowledge. it will be good to have prior knowing of the salt length or how it is "mixed" with the password show when the reverse does hit it, it is left with using salt to reverse to get the actual string. most times the salt is either appended (or padded) or XOR .. just my few cents
https://isc.sans.edu/tools/reversehash.html
https://hashtoolkit.com/reverse-md5-hash/
0
 
LVL 26

Assisted Solution

by:skullnobrains
skullnobrains earned 250 total points (awarded by participants)
ID: 41851569
neither of those tools work : they both answer "no solution found" for the md5s of the empty string and "test"
d8e8fca2dc0f896fd7cb4cb0031ba249
d41d8cd98f00b204e9800998ecf8427e

and again expecting to reverse a hash is a misunderstanding of what a hash does. plenty of inputs will produce the same output and the md5 of an entire book is only a few bytes long so there is clearly no way to get the original string for sure.

btw if you know the salt and the password store was poorly designed you may get lucky and end up with something that is reversible indeed : for example if you interpolate the salt and the password ( pick one letter from each ) and take the base64 of the result before feeding it to md5sum, you end up with something that could be brute force broken since it is unlikely that many base64-encrypted strings with exactly x many letters corresponding to the salt appearing at proper locations will produce that same resulting hash...
0
 
LVL 61

Expert Comment

by:btan
ID: 41851814
The link stated pre compiled database for known password, it is None the wiser to cover all combination to lookup for hit. I try the standard "password"  below. There is hit but really I also see it is not foolproof..

md5 hash 9e107d9d372bb6826bd81d3542a419d6 = The quick brown fox jumps over the lazy dog
0
 
LVL 26

Expert Comment

by:skullnobrains
ID: 41853787
This expert suggested creating a Gigs project.
i neglected part of the information

Also I know the length of the original string (8 chars) and that they are hexadecimal digits, if that helps.

with a tool like hashcat or possibly a big loop on a unix machine you can get quite easily the list of 8 character long hex strings that match this specific md5. the list should be small, most likely a single response, less than 5 i guess.

8 hex chars produce 2^4^8 = 2^32 = 4 billion possibilities which can be computed on commodity hardware ( at least a decent i5 or equivalent ) in about half a day. arm processors if the tools can use them efficiently can be even faster.
0
 
LVL 26

Expert Comment

by:skullnobrains
ID: 41853789
sorry about the gigs project, i checked the box accidentally and have no idea how to revert
0
 
LVL 26

Accepted Solution

by:
skullnobrains earned 250 total points (awarded by participants)
ID: 41853823
here is a small demo code that will loop over the 10 first possibilities and print md5s which you can grep

# printf without '\n' so md5sum hashes exactly the 8 hex characters
seq 1 10 | while read -r line ; do printf '%08x ' "$line" ; printf '%08x' "$line" | md5sum ; done

beware the hex numbers are spelled in lower case which might not be the same as your input string

also note that this code is poor for at least the following reasons
- it will not run multiple md5 in parallel
- it spawns md5sum commands at each loop which is most definitely slow
- it is not capable to start over where it stopped if it crashes

with this code, on my machine you'd need about 4-5 months  ( i tried 100k combinations in about 5 minutes ) but hashcat, johntheripper, or a proper code ( i'd use php or perl probably ) and the likes can do this in a few hours or possibly days at most depending on your hardware.
0
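An added example, not code from any poster in this thread: an in-process version of the loop above that avoids the per-candidate md5sum spawn, supports both hex cases, and walks the 2^32 keyspace in resumable chunks. It shows why a known salt adds no protection when the input is only 8 hex digits. The salt, secret and all names here are constructed for the demo, and the two salt orders assumed are the md5($salt.$pass) and md5($pass.$salt) forms from the hashcat list earlier in the thread.

```python
import hashlib

KEYSPACE = 16 ** 8  # 8 hex digits = 2**32 candidates


def salted_md5(candidate: bytes, salt: bytes, salt_first: bool) -> str:
    """md5($salt.$pass) if salt_first, otherwise md5($pass.$salt)."""
    data = salt + candidate if salt_first else candidate + salt
    return hashlib.md5(data).hexdigest()


def search_chunk(target, salt, start, stop, salt_first=True, upper=False):
    """Test every 8-digit hex string in [start, stop); return all matches."""
    fmt = "%08X" if upper else "%08x"  # the case of the original string matters
    target = target.lower()
    hits = []
    for n in range(start, min(stop, KEYSPACE)):
        cand = (fmt % n).encode("ascii")
        if salted_md5(cand, salt, salt_first) == target:
            hits.append(cand.decode())
    return hits


def search(target, salt, chunk=50_000, limit=KEYSPACE, **kw):
    """Walk the keyspace chunk by chunk; return (matches, next_start).

    next_start is the checkpoint: persist it after each chunk and a crashed
    run can resume there. Chunks are independent of each other, so they can
    also be handed to separate worker processes.
    """
    pos = 0
    while pos < limit:
        end = min(pos + chunk, limit)
        hits = search_chunk(target, salt, pos, end, **kw)
        pos = end
        if hits:
            return hits, pos
    return [], pos


# Constructed sample values: a made-up salt and a secret low in the keyspace
# so the demo finishes in well under a second.
DEMO_SALT = b"demo-salt"
DEMO_SECRET = "0001e240"
DEMO_TARGET = salted_md5(DEMO_SECRET.encode(), DEMO_SALT, salt_first=True)

if __name__ == "__main__":
    print(search(DEMO_TARGET, DEMO_SALT, limit=200_000))
```

Guessing the wrong salt order or the wrong hex case makes the search finish with no match, so an empty result over the full keyspace means one of those assumptions should be revisited.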
 
LVL 61

Expert Comment

by:btan
ID: 41880240
As suggested
0
