Cryptohaze.com

GPUs and hashes to the max
http://www.cryptohaze.com/forum/

Ugh. People are idiots (NTLM/MD4/etc in "MD5" lists)

http://www.cryptohaze.com/forum/viewtopic.php?f=6&t=71

Page 1 of 1

Ugh. People are idiots (NTLM/MD4/etc in "MD5" lists)

PostPosted: Sat May 23, 2009 1:39 am
by Bitweasil
Interesting how I return plenty of sane MD4/NTLM hits in MD5 lists...

I think I'll run all hashes through all the brute forcers. And mock people hard via the web interface when they get results that are of the wrong hash type.

Re: Ugh. People are idiots (NTLM/MD4/etc in "MD5" lists)

PostPosted: Sat May 23, 2009 8:03 am
by the_drag0n
what did you expect ? :P
you should also remove hashes such as
00000000000000000000000000000000
since they're prolly just test stuff :P

Re: Ugh. People are idiots (NTLM/MD4/etc in "MD5" lists)

PostPosted: Sat May 23, 2009 10:49 am
by neinbrucke
the_drag0n wrote:you should also remove hashes such as
00000000000000000000000000000000
since they're prolly just test stuff :P


i'd love to know the plaintext of that :P

Re: Ugh. People are idiots (NTLM/MD4/etc in "MD5" lists)

PostPosted: Wed Jul 29, 2009 6:33 pm
by mastercracker
Hi. I just cracked (and upload password) > 56000 hashes from your MD5 list. Here's a couple of constructive comments for your hash database (some might be already implemented...):
1) Make sure it accepts only exactly 32 chars input without spaces or symbols. Maybe a function that trims spaces that could be present by mistake at start or the end of each line of input would be good too.
2) Put all the input in lowercase before checking/adding to the database. I have found about 8000 duplicates.
3) Some kind of algorithm cross-check would be good too (e.a. checking MD5 list as it was NTLM hash and vice versa). I will post several hash of different algorithm in the MD5 list.
4) Since your MD5 hashlist has grown so big, it would be a good idea to make a zipped .txt file that would be automatically updated every hour or so. Users could then more easily download the file rather than waiting for the whole list to show up on the screen.


P.S.: I would really appreciate LM algorithm for your CUDA multiforcer...

Re: Ugh. People are idiots (NTLM/MD4/etc in "MD5" lists)

PostPosted: Wed Jul 29, 2009 7:28 pm
by Bitweasil
Thanks for all those...

I'll see what I can do with checking for those better.

Re: Ugh. People are idiots (NTLM/MD4/etc in "MD5" lists)

PostPosted: Mon Aug 10, 2009 1:01 pm
by B0ff
Hi, is there a problem with the 'All Cracked MD5' Export Lists function? It takes forever to download (I know there are a lot of entries but it used to be much quicker) and the output appears to be corrupt, see attachment.

Re: Ugh. People are idiots (NTLM/MD4/etc in "MD5" lists)

PostPosted: Sat Oct 31, 2009 7:12 pm
by Reelix
Text: hello
MD2: a9046c73e00331af68917d3804f70655
MD4: 866437cb7a794bce2b727acc0362ee27
MD5: 5d41402abc4b2a76b9719d911017c592

All are 32 characters long.

It's possible that someone submitted the MD5 hash 866437cb7a794bce2b727acc0362ee27! Who KNOWS what the MD5 plain-text for that is? Maybe there WAS a plain-text that got MD5 hashed to that, and you're criticizing them since it's got a simple MD4 result?

What if one of the most dastardly 72 character plaintext strings, MD4 hash'd, turns out to be "lol" in MD5?

Will the criticism then be the other way around?

:roll:
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
http://www.phpbb.com/