Comments on: crack.pl – SHA1 & MD5 Hash Cracking Tool http://www.darknet.org.uk/2009/07/crack-pl-sha1-md5-hash-cracking-tool/ Ethical Hacking, Penetration Testing & Computer Security Tue, 14 Feb 2012 00:17:07 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Darknet http://www.darknet.org.uk/2009/07/crack-pl-sha1-md5-hash-cracking-tool/#comment-158429 Darknet Thu, 30 Jul 2009 07:52:58 +0000 http://www.darknet.org.uk/?p=1962#comment-158429 <strong>GZero:</strong> Well I'm not endorsing it or saying it's the best way, but I appreciate when someone tries their hand at writing something and is willing to share the code with the rest of the world. There are better methods to programmatically crack hashes, but then with the masses of CPU power available now (quad core 2Ghz+ in a home PC?) they aren't so relevant. I just thought this was worth sharing that's all. GZero: Well I’m not endorsing it or saying it’s the best way, but I appreciate when someone tries their hand at writing something and is willing to share the code with the rest of the world. There are better methods to programmatically crack hashes, but then with the masses of CPU power available now (quad core 2Ghz+ in a home PC?) they aren’t so relevant. I just thought this was worth sharing that’s all.

]]> By: Alan http://www.darknet.org.uk/2009/07/crack-pl-sha1-md5-hash-cracking-tool/#comment-158423 Alan Wed, 29 Jul 2009 14:21:57 +0000 http://www.darknet.org.uk/?p=1962#comment-158423 I'm pretty sure that they are referring to rainbow tables and not dictionaries. I’m pretty sure that they are referring to rainbow tables and not dictionaries.

]]> By: GZero http://www.darknet.org.uk/2009/07/crack-pl-sha1-md5-hash-cracking-tool/#comment-158422 GZero Wed, 29 Jul 2009 13:47:45 +0000 http://www.darknet.org.uk/?p=1962#comment-158422 Didn't expect to see this sort of thing on Darknet... If you're looking to crack MD5/SHA1, salted or not, this is NOT the way to approach it. Crypt::PasswdMD5 is a pure perl implementation of the MD5 algorithm. It is an order of magnitude slower than, say, the OpenSSL implementation, and just will not cut it where speed is an issue. If you're in any doubt, hashing algorithms should be implemented using efficient, low level languages. Scripting languages are just not built to do fast floating point operations. I'm not even going to mention the total lack of cracking specific optimization. Byte swapping techniques are public domain and make such a big difference that they're a must have. "You can use a dictionary file or bruteforce and it can be used to generate tables itself." What tables are these? Do you mean dictionary files? I see no collision finding code in the 270 line crack_beta.pl, so I'm guessing it's a dictionary file. My 2p... Didn’t expect to see this sort of thing on Darknet…

If you’re looking to crack MD5/SHA1, salted or not, this is NOT the way to approach it.

Crypt::PasswdMD5 is a pure perl implementation of the MD5 algorithm. It is an order of magnitude slower than, say, the OpenSSL implementation, and just will not cut it where speed is an issue.

If you’re in any doubt, hashing algorithms should be implemented using efficient, low level languages. Scripting languages are just not built to do fast floating point operations.

I’m not even going to mention the total lack of cracking specific optimization. Byte swapping techniques are public domain and make such a big difference that they’re a must have.

“You can use a dictionary file or bruteforce and it can be used to generate tables itself.”

What tables are these? Do you mean dictionary files? I see no collision finding code in the 270 line crack_beta.pl, so I’m guessing it’s a dictionary file.

My 2p…

]]>