… or “Using Google and Yahoo to Light-Force An (Almost) Infinite Dictionary”
I read an article recently about using Google to search for plaintext equivalents of MD5 hashes. Basically, you search for the hash (something like “5f4dcc3b5aa765d61d8327deb882cf99”) and look through the results for the plaintext equivalent (in this case, “5f4dcc3b5aa765d61d8327deb882cf99” is equal to “password”).
It got me thinking about when I wore the Grey Hat in the old days, and I would download dozens of wordlists to use for my brute-force attempts at cracking Windows NT passwords (for educational purposes only :). If you consider the *illions of pages on the internet, you can essentially utilize them as a massive wordlist, or “webtionary”, for cracking.
Using PHP, I whipped up a script that searches both Google and Yahoo for the MD5 hash, then takes the results, sorts them by frequency of word, and hashes each word to try to match to the original query.
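The matching step described above, as an added Python example (not the author's PHP script). It runs offline on a constructed block of text standing in for search-result snippets; the names `SAMPLE_RESULTS`, `candidates_by_frequency` and `match_hash` are hypothetical. It shows why an unsalted MD5 of a common word is recoverable from any page that mentions both the hash and the word:

```python
import hashlib
import re
from collections import Counter

# Constructed sample standing in for search-result snippets (not real results).
SAMPLE_RESULTS = """
md5 lookup: 5f4dcc3b5aa765d61d8327deb882cf99 decodes to password
Common hashes list - password = 5f4dcc3b5aa765d61d8327deb882cf99, admin = ...
Forum: why is my password hash 5f4dcc3b5aa765d61d8327deb882cf99 all over the web?
"""

# A token is a run of characters with no whitespace, quotes or common separators.
TOKEN_RE = re.compile(r"[^\s\"'<>(),;:=]+")


def candidates_by_frequency(text):
    """Return the distinct tokens in text, most frequent first."""
    counts = Counter(TOKEN_RE.findall(text))
    return [word for word, _ in counts.most_common()]


def match_hash(target_md5, text):
    """Hash each candidate token and compare it with the target digest.

    Returns (plaintext, attempts); plaintext is None when nothing matches.
    """
    target = target_md5.strip().lower()
    if not re.fullmatch(r"[0-9a-f]{32}", target):
        raise ValueError("not an MD5 hex digest")
    attempts = 0
    for word in candidates_by_frequency(text):
        if word.lower() == target:
            continue  # the hash string itself is always the top hit; skip it
        attempts += 1
        if hashlib.md5(word.encode("utf-8")).hexdigest() == target:
            return word, attempts
    return None, attempts


if __name__ == "__main__":
    print(match_hash("5f4dcc3b5aa765d61d8327deb882cf99", SAMPLE_RESULTS))
```

Because the word that accompanies a published hash tends to be repeated across results, frequency ordering puts it near the front of the candidate list; a hash whose plaintext never appears in the text returns `None`.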
There are sites that let you search their huge databases of MD5 hashes and their plaintext equivalents, but that’s not the point here. The point is using search results and sifting through a few hundred words of search results, which is more efficient than searching a few million rows, though not as successful. But I was surprised at how many times the script quickly deciphered a hash. Try it yourself, and send me any improvements that could be made to the code to make it even more efficient.
July 19th, 2008 at 11:04 am
[…] published in this quarter’s edition. The article is from one of my January blog posts, Cracking MD5 Hashes With The Webtionary. You can buy the magazine now at most major book […]