
Help adjust hash guessing script


aeonsky


Hello!

 

I've always been taught that Java is much faster than PHP (or any other interpreted language), however it doesn't seem so in my case.

 

I've made a PHP script that tried to guess the password that was hashed into md5 and then hashed again with a salt. The script guesses with any integer between 0 and 100 million.

 

It looks like this:

 

$date1 = date('l jS \of F Y h:i:s A');

file_put_contents("result.txt", "Start! $date1", FILE_APPEND);

for($i=0; $i <= 100000000; $i++) {

if (md5(md5($i).'aaa') == "f6db929991d7f0df3d0e7d1a8bb8f823") {file_put_contents("result.txt", "\r\n"."Found match! '{$i}'", FILE_APPEND); break;}

}

$date2 = date('l jS \of F Y h:i:s A');

file_put_contents("result.txt", "\r\n"."End! $date2", FILE_APPEND);

 

For example, to guess the value of 59041986, PHP takes about 3min 52secs.

 

However, my Java counterpart takes 9min 19 secs. As you see, much longer.

 

Could you help me adjust my Java script so it is more efficient and faster? Thank you.

 

import java.security.*;
import java.math.*;
import java.util.Date;

class Hack {

public static void main(String[] args) throws Exception {

	Date now = new Date();
	System.out.println(now);

	for(int i = 0; i < 100000000; i++) {

		String hash = args[0];
		String salt = args[1];

		String te = Integer.toString(i);

	    MessageDigest m = MessageDigest.getInstance("MD5");
	    m.update(te.getBytes(),0,te.length());
	    String pre = new BigInteger(1,m.digest()).toString(16);

	    String mid = pre + salt;

	    MessageDigest d = MessageDigest.getInstance("MD5");
		d.update(mid.getBytes(),0,mid.length());
	    String finish = new BigInteger(1,d.digest()).toString(16);


		if(finish.compareTo(hash) == 0) {System.out.println("Found match! '" + i + "'"); break;}

	}

	now = new Date();
	System.out.println(now);

}

}

 

 

Link to comment
Share on other sites

I very seriously doubt that this is being used for good purposes.

 

 

I have 2 suggestions, although I just glanced at the code:

 

-Don't keep re-getting an MD5 instance.  Just initialize it somewhere outside of the loop and then use the reset() method after you're done using it in the loop.

 

-Compare things in byte arrays.  I don't know about in Java, but I would assume you can compare byte arrays somehow (or at least make a custom method to do it).  That way you don't have to keep changing it to strings.  (This one could actually be borderline so if you do this one, might want to test both ways.)

 

 

 

Doing straight up MD5 hashes (6 byte message), Java does 1M in about a second and PHP does it in 2 x.x.

 

 

By the way, Java isn't the fastest solution for this.  C[++] would probably be faster, although I don't know by how much.

Link to comment
Share on other sites

OK, first, it's so much better to use a rainbow table :P Now what I do though is put it in a MySQL table and start a script to write more random ones in, then run that while I sleep; then I have a script to run all the yummy salts, plus a script to remove all the repeats from the table.

I would say PHP is a great way to handle writing random salts into MySQL because it runs SQL well; might want to try that. :) Have fun, and I am sure you're just using this info to recover lost passwords, right :P lol

With a good PC/server you should be able to make over 3 salts a min with a clean script, plus you could use 3 or 4 PCs to make the salts plus one more PC to store them all on.

PS. Most rainbow tables you will find have over 1,000,000 common passwords in them. The one I have came with 15,000,000 common/complex passwords and I have added about 500 random ones a day. The table is starting to get hard to access, plus it will take hours to days running on one password.

Link to comment
Share on other sites

This thread is another good reason to use strong passwords (mix of alphanumeric characters, including at least one upper and one lower case letter), to validate that the entered password meets the same rules as when it was created, and to store and test the length of the password too, and not just that the hash of the entered password matches the hash of the original.

Link to comment
Share on other sites

Stronger is better, but a good table will crack in a matter of hours. I would also suggest using user names that don't scream noob/jerk/asswipe; do a calm user name that people don't care/think about.

Also, people, please use hashing methods other than MD5 because it has the most/largest rainbow tables. You can also change how it's stored, like change it all +1 or something, or even encrypt the hash if you're really worried about hackers (although this will only slow down, not stop, a good hacker, but it will stop an average cracker).

Just be smart and you can stop Joe Schmo the cracker, and be creative and smart to stop hackers :P And keep your systems up to date and change your methods around so your weakness isn't the same every time. But also, if you get some account hacked, I'd say only 5% are desalted; it's usually just a simple keylogger on your PC emailing away all your key hits, because they are easy to write/mod, so even if your logger is found by antimalware you can change one little factor and now it's not found. But if you are smart you are less likely to get a keylogger, and I don't know of any keyloggers that work on Linux that can be put on and run remotely (but if you have access to the PC you can put one on easily). But any jackass that knows how to use Google can make a keylogger in VB, VC, Python, Java, C, you name it; I bet you can find one on Google. PHP/ASP/CFM and other server sides can't, but they can handle the incoming strokes sent by some client (like JavaScript). Sorry, I got off topic, but just trying to help people out here.

 

 

Link to comment
Share on other sites

Sorry, but that didn't make any sense at all to me. Ever heard of using capital letters to start sentences? Punctuation? Paragraphs? Sorry, I don't mean to be the language police (god knows I'm not the best myself) but really, your post is just a blur of text to me.

Link to comment
Share on other sites

Hehe, I understand your concern about this not being used for good purposes, but it is for education/training only.

 

About the code adjustments, I'll try them out tonight and report back with the times.

 

And about using rainbow tables. I understand that they're much faster, but don't they depend on having a single salt? Most forums, guestbooks and etc. use different salts. So won't rainbow tables be kind of useless? Unless you're talking about rainbow tables that use salts (which I haven't found any yet). I know www.freerainbowtables.com, but they don't have support for salts.

 

Haha, I just realized there is a big flaw in my script. It doesn't check for a password that is like "0000001". Any suggestions?

Link to comment
Share on other sites
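
The thread's measurements (about a million MD5 hashes per second in Java) show why a fast hash with a short salt protects little. As an added example, not code from any poster here, this is how a site could store the same password with a per-user random salt and a deliberately slow key-derivation function; the class name, the iteration count and the sizes are assumptions.

```java
import java.security.MessageDigest;
import java.security.SecureRandom;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

public class PasswordStore {
    static final int ITERATIONS = 600_000; // assumed work factor; tune to your hardware
    static final int SALT_BYTES = 16;      // assumed salt size, generated per user
    static final int KEY_BITS = 256;

    // A fresh random salt for every account, stored next to the derived value.
    static byte[] newSalt() {
        byte[] salt = new byte[SALT_BYTES];
        new SecureRandom().nextBytes(salt);
        return salt;
    }

    // PBKDF2-HMAC-SHA256: each verification costs ITERATIONS HMAC computations.
    static byte[] derive(char[] password, byte[] salt, int iterations) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password, salt, iterations, KEY_BITS);
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                    .generateSecret(spec).getEncoded();
        } finally {
            spec.clearPassword(); // wipes the spec's internal copy of the password
        }
    }

    // Constant-time comparison of the raw bytes; no hex strings involved.
    static boolean verify(char[] attempt, byte[] salt, int iterations, byte[] stored)
            throws Exception {
        return MessageDigest.isEqual(derive(attempt, salt, iterations), stored);
    }

    public static void main(String[] args) throws Exception {
        char[] pw = "59041986".toCharArray(); // the numeric value used in the thread
        byte[] salt = newSalt();
        long t0 = System.nanoTime();
        byte[] stored = derive(pw, salt, ITERATIONS);
        System.out.println("one derivation: " + (System.nanoTime() - t0) / 1_000_000 + " ms");
        System.out.println("correct password: " + verify(pw, salt, ITERATIONS, stored));
        System.out.println("wrong password:   "
                + verify("59041987".toCharArray(), salt, ITERATIONS, stored));
        // Same password under a second user's salt gives a different stored value,
        // so one precomputed table cannot cover both accounts.
        System.out.println("same value under new salt: "
                + MessageDigest.isEqual(stored, derive(pw, newSalt(), ITERATIONS)));
    }
}
```

The printed time for one derivation is the cost an attacker pays per guess, which is the number to compare with the per-hash MD5 rate quoted earlier in the thread.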

Padding?

 

 

But uhmmm serverman, 500 hashes a day?  Did you mean 500 million?  500 can be generated in like .001 seconds.  Maybe less time.

 

 

Edit:  Also, what about beasts of a salt?  How would a rainbow table handle a 64 character salt?  ;p

Link to comment
Share on other sites

You can make 500mil a day, but I only make 500 a day to add to the table because it's almost impossible to handle that many salts the way I set up my table. You could not make 500mil new ones because it first makes a random salt, then has to scan this huge list of known salts, then add it to the list; you would need many servers to handle that many. Crackstations (PS3 Linux build) can make an 8bit salt/hash in .0001 sec (if I am not mistaken on that number).

And 64bit would be a bitch for a table (mine is only 16bit at longest), and 64 bit would be a bitch for an active server to handle.

PS. My database is held on a 5 year old PC and the salt/hash gen is on a 3 year old laptop. I hate that we can't go back and edit older posts; I would fix some typos for you. I was typing the first one at school and didn't have time to check it, and the other one I just had a lot to say and didn't read what I typed afterwards, so sorry for the bad "language".

Link to comment
Share on other sites

 

 

 

freerainbowtables.com is not salt/hash tables, it's just a hash dictionary. Try darkc0de.com; they have an md5cracker you can use, and I am sure someone can help you find a magical rainbow table that can help you with whatever you are trying to do.

Plus, I am going to say, now that I think about it, random salts might be better than tabled salts because with newer systems you can write them so much faster than you can store them, so I guess I have no common sense, sorry. I really never thought about it because I don't use the table myself; I just make it for a friend and it was his idea, not mine. We thought we were so smart but I guess it was stupid. It works well, it just takes hours to crack if a salt is really used, but just hashed is easy; it takes like minutes at most.

If the PC of the user you are de-hashing is accessible and the site you are trying to take the password from stores salts in a cookie, you can always try to steal it that way.

 

 

Link to comment
Share on other sites

Sorry, can't edit post.

 

I managed to lower it to 8min 32sec.

 

import java.security.*;
import java.math.*;
import java.util.Date;

class Hack {

public static void main(String[] args) throws Exception {

	Date now = new Date();
	System.out.println(now);

	String te;
	String hash;

	MessageDigest m = MessageDigest.getInstance("MD5");

	for(int i = 0; i < 100000000; i++) {

		te = Integer.toString(i);

	    m.update(te.getBytes(),0,te.length());
	    hash = new BigInteger(1,m.digest()).toString(16);

	    hash = hash + args[1];

		m.update(hash.getBytes(),0,hash.length());
	    hash = new BigInteger(1,m.digest()).toString(16);

		if(hash.compareTo(args[0]) == 0) {System.out.println("Found match! '" + i + "'"); break;}

	}

	now = new Date();
	System.out.println(now);

}

}

Link to comment
Share on other sites

6min 8sec.

 

import java.security.*;
import java.math.*;
import java.util.Date;

class Hack {

public static void main(String[] args) throws Exception {

	Date now = new Date();
	System.out.println(now);

	Md5Util md5 = new Md5Util();

	for(int i = 0; i < 100000000; i++) {

		if(md5.encodeMd5(md5.encodeMd5(Integer.toString(i)) + args[1]).equals(args[0])) {

			System.out.println("Found match! '" + i + "'"); break;

		}

	}

	now = new Date();
	System.out.println(now);

}

}

 

I got a Md5Util class from another user.

Link to comment
Share on other sites

Edit:  Hrmmm....  It would seem that in the time I sat here and benchmarked you entirely changed your script.  About to do homework, but after that I'm going to try to figure out what's going on timewise with each part.  You could do it too.  I used the getTime() method of the Date object to get MS since unix epoch then just subtracted the two longs.

 

 

I just did some benchmarking, and on my machine, converting the 16-byte byte arrays to BigInts and then Strings is taking 9/11 of the time (18/22 actually).

 

The second conversion and then the compareTo call aren't really necessary if you convert the hash fed into the class to a byte array (each hex char would be half of a byte*).

 

*32 char string representing a 128 bit hash....  Each hex char represents a value up to 16 which is 2^4, or 4 bits, which means each hex char is half of a byte ;p.  This would get a bit weird since you would have to bitshift the first half-byte and then add the second half.  Assume you had:

 

91

 

The binary would be

1001 for 9

0001 for 1

 

So obviously, they would fit together like 10010001.

 

(9 << 4) + 1

 

 

I'm sure there's a method of some numeric type class you could use though if you wanted to just do 2 hex chars at a time.

Link to comment
Share on other sites
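
The nibble packing described in the post above, written out as an added example (not code from the thread); the class name and the 32-character hex value are constructed for illustration. It also shows a side effect of the `new BigInteger(1, digest).toString(16)` conversion used in the posted Java: a digest whose first hex digit is 0 loses that digit, so its hex string no longer equals the stored one, while a byte comparison is unaffected.

```java
import java.math.BigInteger;
import java.security.MessageDigest;

public class HexDigestDemo {

    // Pack two hex characters into each byte: (high << 4) + low.
    static byte[] hexToBytes(String hex) {
        if (hex.length() % 2 != 0) {
            throw new IllegalArgumentException("odd number of hex characters");
        }
        byte[] out = new byte[hex.length() / 2];
        for (int i = 0; i < out.length; i++) {
            int hi = Character.digit(hex.charAt(2 * i), 16);
            int lo = Character.digit(hex.charAt(2 * i + 1), 16);
            if (hi < 0 || lo < 0) {
                throw new IllegalArgumentException("not a hex string");
            }
            out[i] = (byte) ((hi << 4) + lo);
        }
        return out;
    }

    public static void main(String[] args) {
        // The "91" case from the post: 1001 and 0001 fit together as one byte.
        int packed = hexToBytes("91")[0] & 0xff;
        System.out.println("91 -> " + Integer.toBinaryString(packed));

        // Constructed 16-byte value whose first hex digit is 0.
        String stored = "0a1b2c3d4e5f60718293a4b5c6d7e8f9";
        byte[] raw = hexToBytes(stored);

        // BigInteger treats the bytes as a number, so the leading zero digit
        // disappears and the string comparison against the stored hex fails.
        String viaBigInt = new BigInteger(1, raw).toString(16);
        System.out.println("BigInteger hex length: " + viaBigInt.length()
                + ", equals stored: " + viaBigInt.equals(stored));

        // Comparing the raw 16 bytes needs no string conversion at all.
        System.out.println("byte comparison: "
                + MessageDigest.isEqual(raw, hexToBytes(stored)));
    }
}
```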

I just tried my Java code on a quad-core machine (2.4GHz). 4min 4sec.

 

I guess Java is faster, just the CPU is your bottleneck. Unlike PHP, the interpreter itself may be the bottleneck.

 

Edit: never mind. I just tried my PHP script on my online host, they use an 8-core CPU. 2min 6sec.

 

I don't know what to do anymore... XD

Link to comment
Share on other sites

 

 

The PHP interpreter is still bound by the CPU.  Also, once the PHP code is 'compiled,' it's bound by the CPU.

 

 

Edit:  Oh...  Ignore this post.  I think I misread yours earlier.

Link to comment
Share on other sites
