[CLUE-Tech] Re: [CLUE-TechDSL (Cisco Modem) - passwords
Jeremiah Stanley
miah at miah.org
Sun Jan 6 18:30:26 MST 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> From some research I did last night it seems MD5 is a one way
> encryption. I had to started to write a program to try and reverse
> the algorythm. I have code for doing MD5 so I thought I would try and
> go the other way. No such luck :^( .
Just for a reference to "crack" MD5 you would need to have all of the
worlds computers working on this 24/7/365, take into account Moore's Law
in this too. Now ignore the storage requirements for this with the ratio
of 1 silicon atom to 1 bit of storage, which puts the storage requirement
for this project at about twice the estimated amount of silicon in the
universe. It would still take you 2^212 years, by that time I'm sure the
sun will have supernova'd us all the component atoms wasting all those
cycles we could have used to play solitaire and cure cancer. You may
have better luck throwing in some differential calc and working against
linear equations and all but it still hasn't been proven that MD5 is
weak to anything but brute force. ;)
- ----- Newbie Reference Here -----
MD5 is a hashing algorithm, it really isn't intended to be used the
encrypt data. It is a way of taking an arbitrary sized piece of data (like
a debian ISO) and turn that into a 128bit number. If you run md5sum on a
file and I run md5sum on the same file, we should get the same number out
of the program. But, if I change just one bit of the file, the number (in
binary) should have a difference of at least 50% in the number returned.
So that way when I download the ISO I can tell if my download was janky.
- ----- End Newbie Reference -----
> At 07:28 PM 1/4/02 -0500, you wrote:
> > >
> > > Anyone know how to reverse MD5 encryption? :^)
> > >
> >I left my PIII 500 going at it for a LONG time using john the ripper. For
> >fun, I found the previous sysAdmin's password, so I tried to crack it. No
> >such luck. It was "fun" though, letting my system work all the time.
If you let ol John run long enough. He will "brute force" guess the
password correctly. My personal root password at home here took my Duron
700 about 126 hours to crack. While most dictionary words will be done in
a matter of seconds.
John works by MD5'ing strings in his dictionary and seeing if they match
what is pulled out of /etc/shadow. Once he is done with his dictionary he
will work on small permutations of those words (like S=$, etc) and then
good ol John will start trying 16-128 bit strings sequentially until he
eventually cracks your password. This is why changing your passwords every
few weeks is a Good Thing(tm). John The Ripper is a wonderful tool for
this type of work.
For anybody who runs systems with lots of users that can set their own
passwords I suggest using PAM's cracklib support and regularly checking
/etc/shadow for 'weak' passwords. By weak I mean words found in a
dictionary.
If you are interested in knowing more about cryptography and cryptanalysis
I suggest reading Bruce Schneier's 'Applied Cryptography'. It is a little
old (1996), but all the core stuff you'll need to know is in there. You'll
need to have a decent grounding in C to understand most of what goes on
under the hood, but the writing style is light and quick so it's easy to
stay entertained.
Hope this helps, and didn't confuse!
Jeremiah Stanley
- --
Give a man a match, and he'll be warm for a minute, but set him on fire, and
he'll be warm for the rest of his life.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8OPo1Ad8Nj1SHkdcRAgBzAKCECk2cq2sAwNPU+zqqgSAlcGk+0QCfYnJJ
XBssMxJqxNDXGb7c71oTyb4=
=U8Jj
-----END PGP SIGNATURE-----
More information about the clue-tech
mailing list