Using Google To Crack MD5 Passwords

stern writes "A security researcher at Cambridge was trying to figure out the password used by somebody who had hacked his Web site. He tried running a dictionary through the encryption hash function; no dice. Then he pasted the hacker's encrypted password into Google, and voila — there was his answer. Conclusion? Use no password that any other human being has ever used, or is ever likely to use, for any purpose. I think."

Salt

[porneL (674499)]

No, the conclusion is you should always use salted hashes.

Re:Salt

[eln (21727)]

I agree. Also, fry them in bacon fat and add pepper.

Re:Salt

[eldavojohn (898314)]

And blackjack ... and hookers. In fact, forget the hashes!

Re:RTFA

[eln (21727)]

You're correct. You have totally invalidated the points I brought up in my post. Good show.

Re:Salt

[Sangui5 (12317)]

Rainbow tables? Salting breaks it.
Precomupted dictionaries? Salting breaks it.
Brute force and compare against the whole pw list? Salting breaks it.

Salting is your friend. Long salts don't cost much, but make many attacks completely infeasible. Unix has been using salted passwords since forever. Yet nthash *still* doesn't include a salt.

Re:Salt

[by Anonymous Coward]

Ice building up on your sidewalk? Salting breaks it.

Re:Salt

[Jarjarthejedi (996957)]

Pretzels missing that unique flail? Salting solves it!
Need something else to put on those fries? Salt it!
Need to make your friend's drink taste awful? Salt is the way to go.

(Somewhere along the line we left the analogy department :P)

Re:Salt

[maxwell demon (590494)]

This is slashdot, we need a bad car analogy too. :P

Your car rusting too slowly? Salt solves that! :-)

Re:Salt

[Em Adespoton (792954)]

agree, but this isn't something the user can do. I can't register for a site and say, "I need to remember to use salt!" The site has to implement it and implement it correctly.

The guy posting was posting from the perspective of the user, not the author of the system. The conclusion from the summary is still accurate since you can't make the assumption that salt is always used. The next best defense is a crazy fucking password.

This is why my passwords are themselves salted hashes. The likelihood of someone else using my passwords is the same as a regular hash collision, I get to use a separate password for each place one is required, and the hashing mechanism and salt are simple enough for me to keep in my head. End result: infinite number of easily generatable and retrievable passwords that look just like a hashed password when decoded.

MD5 Lookup Site & Names

[eldavojohn (898314)]

For those of you who missed it in the article, the has was:

20f1aeb7819d7858684c898d1e98c1bb

And sure enough, if you read the comments to the blog, there is a site called http://md5.rednoize.com/ [rednoize.com] that reveals that the hash is "Anthony." So although Google helped, there appears to be resources online for it (if you don't have your own Rainbow Table mega database).

He could have discovered this if he had used a database complete with names, something I don't think would have been too difficult for him.

This Google search idea is kind of moot if the user uses some very basic password construction such as what I've commented on before [slashdot.org]. Also, as the blog mentions, this discussion is worthless if WordPress used salting [wikipedia.org] which is related to nonces used in security engineering [wikipedia.org]. I think that stuff has been around for, what about five years now? Wake up WordPress!

5 years?

[Junta (36770)]

Try decades! The good old days of Unix even had salts (even if they were just two bytes)

Re:MD5 Lookup Site & Names

[joNDoty (774185)]

Crap. From their "about" page:

Additionaly everytime when you enter a non-md5 hash string into the search field, the md5 result for that search strings gets stored in our database for future use.

Thanks for warning me. I tested to see if my password was in there... it is now!!!

Re:MD5 Lookup Site & Names

[Cairnarvon (901868)]

He didn't write the WordPress software, and presumably doesn't have the time to audit every bit of code it uses.
I doubt Bruce Schneier himself audited the entire Movable Type codebase, which he uses for his blog. Does that make Schneier "not much of a security researcher"?

Obligatory

[by Anonymous Coward]

In Soviet Amerika, MD5 passwords crack you.

Re:Obligatory

[CrazyJim1 (809850)]

What about the flip side: Using Crack to Google MD5 passwords?

I wouldn't be too alarmed.

[morgan_greywolf (835522)]

Most MD5 password hashes, such as those used in *nix, are salted [wikipedia.org], and hence secure from this sort of vulnerability. That Wordpress uses unsalted MD5 sums to store passwords boggles my mind. It shows that the developers know even less about cryptography than I do. That's scary.

Re:I wouldn't be too alarmed.

[SevenDigitUID (1104081)]

That is totally unfair to the wordpress developers. Just because they don't care doesn't mean they don't understand.

Re:I wouldn't be too alarmed.

[cstdenis (1118589)]

You do realize that most businesses (and therefore most websites you have accounts on) just store passwords plain text because it's easier to do tech support that way. Salted hashes are better than unsalted hashes, but most don't bother hashing at all.

Re:I wouldn't be too alarmed.

[nuzak (959558)]

That Wordpress uses unsalted MD5 sums to store passwords boggles my mind. It shows that the developers know even less about cryptography than I do. That's scary.

Oh it's even better than that. It stores your md5 password in a plain text cookie, and if it receives such a cookie, sets an $already_md5 flag to true that's then passed to wp_login() which then just compares it literally against the unsalted md5 entry.

<guinness>Brilliant!</guinness>

Dark Helmet

[Nate Fox (1271)]

So the combination is 827ccb0eea8a706c4c34a16891f84e7b. (lifts mask) That's the stupidest combination I've ever heard in my life. That's the kinda thing an idiot would have on his luggage.

Let me guess

[GroeFaZ (850443)]

The password was hunter2? [bash.org]

Re:Let me guess

[omnipresentbob (858376)]

What's with all the stars in your post?

In itself nothing new

[owlstead (636356)]

But if I ever need to run a hash against a password database, I'll remember this lesson and first perform a Google search. Saves a lot of time and CPU cycles.

I am already doing this for telephone calls I cannot place. If it's an institution or a person that is calling because of profession, the chances that the telephone is listed somewhere on a (search engine) accessible web page is *very* large.

on a related note...

[sootman (158191)]

... I wish Google would collect/show/use checksums of files in search results. It would be a great way to find identical files.* Thousands of uses:

• I found this file on my computer and I forgot where it came from.
  
• I downloaded this file but I forget where I got it. It's too big to email so I would like to send a friend a link to the original file.
• I want to see if anyone has taken this pic from my site and posted it elsewhere.
• This download is taking FOREVER. Is anyone else hosting this exact file?

and many, many more. I had this idea years ago and sent it in to them but haven't heard anything since. I don't want any credit**, just implement it and let me know when it's up and running! And the funny thing is, I'm sure Google is already checksumming every file as part of how they do all their magic. All they have to do is post the data!

* and, since collisions are possible, it would provide a nice corpus to study collisions, etc. in the real world.

** this isn't an entirely original idea. Linux distros have been posting checksums for years as a way to let users verify that their downloads were not corrupted; as a bonus, I (and I'm sure some others) have done searches of those values to find sites hosting that particular release.

Man, I need to change my password NOW.

[fo0bar (261207)]

Results 1 - 10 of about 101,000 for d41d8cd98f00b204e9800998ecf8427e. (0.04 seconds)