is there a way to solve md5 passwords?

cain and aden can do this, as well as an md5 cracker see CMD tools by comsec I believe in the file downloads section.

Well... JTR (John the Ripper) always did his job fine for that..


You may find it here...


But like very often the Solution is also here at the Board.... A quick Search would have helped

to my knowledge MD5 is pretty secure, md5 is a hash- this is basicallya one way encryption method used only to verify data!

The Best programs are:

The fastest public MD5 crack is MDCrack 1.2 -- RAW HASH cracking
http://www.checksum.org/download/MD5Crack/

But there is another one that Maybe faster, because it using a different way to crack MD5 passwords:

RainbowCrack v1.2:
http://www.antsight.com/zsl/rainbowcrack/

Also, I learn that Cain & Abel v2.5 beta47 for NT/2000/XP released
Now supports MD5, by using RainbowCrack v1.2
http://www.oxid.it/cain.html

there is some more info about cracking programs, i cbf posting it cause its on my site already (sig)

MDcrack si teh best and thre is progrma that can help u woth it if u r not good with command line software

yea rainbow cracking is good very easy once you make the tables but takes up a shit load of space :/

mdcrack is the best, but it takes a lot of cpu load. So i prefer John the Ripper...

I use Cain/Abel I think it works pretty good but not so fast. But MD5 is a good coding thing offcourse. But you guys are talking about tables to make who take a lot of space on your computer. I searched a bit but couldn't find a good answer. What are these tables and what are the advantages of these tables? Cuz when I fire a bruteforce I always get the password after some time.

there is more info on my site and in other posts in this forum

but basically you generate the tables with rainbowcrack, they are big files that take a while to generate. once you are done you look up your hash in the tables, this does not take long.
therefore if u have many hashes it would be a good idea to generate some rainbow tables
however, if you only have a couple hashes mdcrack (and maybe the frontend) would definitelybe the fastest way

Nulladd thanks m8 . I understand now what the advantages of tables are.

So far I've used KMD5 and John The Ripper and I had good success Dictionary or incremental. Won't believe how many users only use 6 char passwords.

KMD5 is really good for windows, on my laptop it screams thru incremental. Using JTR you can generate a huge dictionary using the rules settings. Then you can feed this dictionary to KMD5 and it will match the hashes to crack the MD5.

JTR won't work on some MD5's (like forum pass hashes), cause it doesn't handle the 32 character hash. KMD5 works with those exclusively. That's why I use them together. KMD5 readme shows an example of feeding JTR stdout into the stdin of KMD5 if you want JTR to do the incremental. If you're doing dictionary attack I would just run JTR with some custom rules on a big language text file, and pipe the stdout to a new file (AllWords.txt). Then you load this into KMD5 like so:

KMD5 -w <wordlistfilename> : <passwordfilenametocrack>

The password file is just a text file with the hash in it.

-niko

yeah i agree
also ive noticed that using kmd5 with 2 wordlists, that is a large dictionary and a small list of numbers up to 99 gets very good results

eg: passwords such as "bigword12", "computer7", etc are pretty common are can be brute forced very quickly

Yea I modded the JTR rules file to generate all words including words with a numbers 1 thru 99 tacked on the end. , so my FullText.txt is about 53megs right now, a good start. I've cracked about 3 passes easily with it, and several others with KMD5 incremental. Only about 3 or so that I never got to crack in a resonable time (like 2 hours I gave up for now)

-niko

Could you share your 53 Meg File with use? Would be gr8!

lol ya if there was somewhere to host that I might,

but seriously all I did was find the list of wordlists (it's a thread somewhere in the GSO forums), and then I patched all the files together if I remember,....

man, it was too long ago, I don't remember what I did anymore

-niko