Printable View
Noia:
MD* is 32 characters, 0-9 and a-f.
SHA1 is 40 characters, 0-9 and a-f.
Leave the caps out ;)
For clarification, I am trying to do what sirdice mentions in post #7.
My method for figuring this out was by generating a bunch of them in cryptomx and comparing, so may be incorrect.
I wasn't outlining cracking techniques, but brute-forcing an MD5 is a method of checking it's authenticity :) Not the best one, time-wise and whatnot, but still, if the brute-force process returns a string that when passed through MD5 would return the proper hash, that means the hash is valid.
Something you may find interesting, SHA0 has been broken, and its rumored that SHA1 and MD5 are next. :)
-Maestr0
http://slashdot.org/article.pl?sid=0...&tid=1&tid=218
This is all well and good but, how do you search for md5 strings in an evidence file. I think that was the question.????????????
1. As far as the Slashdot article goes it seems there have been collisions already found in MD5. But yes, with these 'bugs', many cryptographic systems would be at risk.
2. jinxy the way I got the initial question was: how can you make sure the hash you're looking at is in fact generated by the MD5 algorithm, instead of it being a completely random string?
Surely if there was a system for creating a check value then anyone could come along and make any old string (without a check value) then work out what the check value would be using the same equation thus making it pointless. Or have I once again missed something something important for example oxygen?
Hellforge-
Yes if there were a check value in MD5, that would be possible. CC# generators, key generators, serial generators all use an algorithm that fake a check value. But it seems in this case that the MD5 algorithm doesn't output any check values.
Jinxy- I know how to search for a string in a file with a few languages, it's just that when I just used the 32 character length as a filter, I got lots of results. I wanted to run those results through a second filter, and it turns out there are certain letters and numbers in the string. Although it still doesn't mean it's a legit MD5, I guess.