Reverse salted MD5

Hey,
I have a hash, which was salted, but I know the salt. According to https://www.experts-exchange.com/questions/26216169/md5-with-salt.html I found that reversing is not possible, but is there a (semi-)efficient brute-force way to reverse this? The thread is six years old now, which is a lot in terms of computer science, so I thought I'd just ask again.

Also I know the length of the original string (8 chars) and that they are hexadecimal digits, if that helps.

So, is there any program which lets me reverse the hash given that info within some hours?
Patrick W.Asked:
Who is Participating?
 
skullnobrainsConnect With a Mentor Commented:
here is a small demo code that will loop over the 10 first possibilities and print md5s which you can grep

seq 1 10 | while read line ; do printf '%08x ' $line ; printf '%08x\n' $line | md5sum  ; done

beware the hex numbers are spelled in lower case which might not be the same as your input string

also note that this code is poor for at least the following reasons
- it will not run multiple md5 in parallel
- it spawns md5sum commands at each loop which is most definitely slow
- it is not capable to start over where it stopped if it crashes

with this code, on my machine you'd need about 4-5 months  ( i tried 100k combinations in about 5 minutes ) but hashcat, johntheripper, or a proper code ( i'd use php or perl probably ) and the likes can do this in a few hours or possibly days at most depending on your hardware.
0
 
btanConnect With a Mentor Exec ConsultantCommented:
Best effort even though salt is known. Pls see either online service or tool called hashcat which support salted md5 hash mode

     10 | md5($pass.$salt)                                 | Raw Hash, Salted and / or Iterated
     20 | md5($salt.$pass)                                 | Raw Hash, Salted and / or Iterated
     30 | md5(unicode($pass).$salt)                        | Raw Hash, Salted and / or Iterated
     40 | md5($salt.unicode($pass))                        | Raw Hash, Salted and / or Iterated
   3800 | md5($salt.$pass.$salt)                           | Raw Hash, Salted and / or Iterated
   3710 | md5($salt.md5($pass))                            | Raw Hash, Salted and / or Iterated
   2600 | md5(md5($pass))                                  | Raw Hash, Salted and / or Iterated
   4300 | md5(strtoupper(md5($pass)))                      | Raw Hash, Salted and / or Iterated
   4400 | md5(sha1($pass))                                 | Raw Hash, Salted and / or Iterated
http://www.dcode.fr/md5-hash
https://hashcat.net/wiki/doku.php?id=hashcat

Example
hashcat -n 2 -m 0 -a 3 --pw-min 9 hashfile.txt ?l?l?l?l?l?l?l?l?l?l

-n = 2 threads
-m 0 = md5
–pw-min 9 = minimal 9 characters
hashfile.txt = is txt file where the hash is located
?l?l?l?l?l?l?l?l?l?l = lowercase password

Do ensure the doing is legit and authorised of using the real hash.
0
 
Dr. KlahnPrincipal Software EngineerCommented:
So, is there any program which lets me reverse the hash given that info within some hours?

That depends on how generous the definition of "some" is.
0
Cloud Class® Course: MCSA MCSE Windows Server 2012

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

 
skullnobrainsCommented:
I found that reversing is not possible, but is there a (semi-)efficient brute-force way to reverse this?

not quite : brute forcing will give you one string that will produce the same md5 with that same salt. there is no guarantee and actually little chances this string is the original one.

md5 will sqeeze all possible inputs into a finite number of possible outputs. each output can be produced by an infinite number of inputs.

then having one valid string might be enough for you needs. if you have hints about the strings, you should be able to complete the crack within hours on commodity hardware, and within about a month with no information. if you can use a cray for about 2 or 3 seconds, that should also do
0
 
btanConnect With a Mentor Exec ConsultantCommented:
other online "calculator" that does the reversing to best effort based on their existing store knowledge. it will be good to have prior knowing of the salt length or how it is "mixed" with the password show when the reverse does hit it, it is left with using salt to reverse to get the actual string. most time the salth is either appended (or padded) or XOR .. just my few cents
https://isc.sans.edu/tools/reversehash.html
https://hashtoolkit.com/reverse-md5-hash/
0
 
skullnobrainsConnect With a Mentor Commented:
neither of those tools work :  they both answer "no solution found for the md5s or the empty string and "test"
d8e8fca2dc0f896fd7cb4cb0031ba249
d41d8cd98f00b204e9800998ecf8427e

and again expecting to reverse a hash is a misunderstanding of what a hash does. plenty of inputs will produce the same output and the md5 of en entire book if only a few bytes long so there is clearly no way to get the original string for sure.

btw if you know the salt and the password store was poorly designed you may get lucky and end up with something that is reversible indeed : for example if you interpolate the salt and the password ( pick one letter from each ) and take the base64 of the result before feeding it to md5sum, you end up with something that could be brute force broken since it is unlikely that many base64-encrypted strings with exactly x many letters corresponding to the salt appearing at proper locations will produce that same resulting hash...
0
 
btanExec ConsultantCommented:
The link stated pre compiled database for kniwn password, it is None the wiser to cover all combination to lookup for hit. I try the standard "password"  below. There is hit but really I also see it is not foolproof..

md5 hash 9e107d9d372bb6826bd81d3542a419d6 = The quick brown fox jumps over the lazy dog
0
 
skullnobrainsCommented:
This expert suggested creating a Gigs project.
i neglected part of the information

Also I know the length of the original string (8 chars) and that they are hexadecimal digits, if that helps.

with a tool like hashcat or possibly a big loop on a unix machine you can get quite easily the list of 8 character long hex strings that match this specific md5. the list should be small, most likely a single response, less than 5 i guess.

8 hex chars produce 2^4^8 = 2^32 = 4 billion possibilities which can be computed on commodity hardware ( at least a decent i5 or equivalent ) in about half a day. arm processors if the tools can use them efficiently can be even faster.
0
 
skullnobrainsCommented:
sorry about the gigs project, i checked the box accidentally and have no idea how to revert
0
 
btanExec ConsultantCommented:
As suggested
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.