Sometimes you just need the password

MD5 Hash Cracking / Pop that Hash


Why not MD5 Decrypted?

Technically speaking MD5 password hashes are not cracked or decrypted . They are reversed or matched using a list of possible passwords. The list of passwords is computed into a list of MD5 hashes and the one that matches the target hash corresponds with that known password.

Passwords stored as an MD5 Hash are usually represented as a 32 character hexadecimal number. Modern computing power (GPU based) and known weakness makes MD5 a password storage function that is no longer secure.

An example MD5 hash of the string password is 5f4dcc3b5aa765d61d8327deb882cf99.

Try to match the example in our online MD5 password hash tool below.

MD5 Hash Command Line Examples


MD5 hash of a string using Bash

Using bash on any Linux command line you can get the MD5 hash of a string simply by echoing the string to the md5sum utility. Using echo -n ensures the line break is not included in the hash generation.

        
    user@host:~$ echo -n password | md5sum -
    5f4dcc3b5aa765d61d8327deb882cf99  -
    

MD5 hash of a file using Bash

In this example we use bash and the md5sum utility to generate an MD5 hash of a file. It is interesting to note that a simple text file with the "password" string matches the hash of the string password. As long as there is no line breaks in the file the hash will match. Of course getting the MD5 sum of a file is often used to confirm a files integrity - that two files from different locations or that have been downloaded match. The hash function can be performed against any file type not only simple text.


    user@host:~$ echo -n password > test.txt
    user@host:~$ md5sum test.txt
    5f4dcc3b5aa765d61d8327deb882cf99  test.txt
  

MD5 hash of a string using Python 3.x

Using python from the command line we can generate the MD5 hash of a string using the hashlib library. Note the use of this library in Python 3.x requires that the string be in byte string format (encoded).


    user@host:~$ python3
    Python 3.8.10 (default, Sep 28 2021, 16:10:42) 
    [GCC 9.3.0] on linux
    Type "help", "copyright", "credits" or "license" for more information.
    >>> import hashlib
    >>> output = hashlib.md5(b'password')
    >>> print(output)
    <md5 HASH object @ 0x7ff7a3557f10>
    >>> print(output.hexdigest())
    5f4dcc3b5aa765d61d8327deb882cf99
  

MD5 hash of a file using Windows

Since Windows 2003 there is tool that can be used to calculate MD5 hashes of a file. The CertUtil is able to perform this function as shown below. Note that files generated under Windows will be encoded differently to those generated under Linux or OSX.


    C:\Users\vagrant\> CertUtil -hashfile test.txt md5
    MD5 hash of test.txt
    5f4dcc3b5aa765d61d8327deb882cf99
  
If you see a different hash in Windows compared to Linux you may find that the two files are actually different. Even though they both might contain exactly the same text; there can be differences in the encoding or line breaks. To test try running the Linux file command on the Windows generated file. If the result is test.txt: Little-endian UTF-16 Unicode text, with no line terminators then this will account for the difference. You could also run hexdump on the two different files to see the differences in the raw bytes of the files.

MD5 hash of a file using Powershell

Using Powershell we can also generate an MD5 using the Get-File-Hash cmdlet. Note that even plain text files generated under Windows may be encoded differently to those generated under Linux or OSX. See note above.


    PS C:\Users\vagrant> Get-FileHash -Algorithm MD5 linux.txt

    Algorithm       Hash                                                                   Path
    ---------       ----                                                                   ----
    MD5             5F4DCC3B5AA765D61D8327DEB882CF99                                       C:\Users\vagrant\test.txt
  

MD5 hash of a string using PHP

A simple MD5 function within PHP allows the hash to be generated in this example. The string being hashed could also of course be a variable or a binary blob.


    user@test:~$ echo "<?php print(md5('password')) ?>" > test.php
    user@test:~$ php test.php
    5f4dcc3b5aa765d61d8327deb882cf99
  

Brief History of MD5


First developed in 1991 the MD5 algorithm is now over 30 years old. As previously mentioned the increase in computing power has allowed brute calculations of MD5 into the billions per second with common consumer hardware.

In addition to raw brute force with CPU and GPU's; attacks known as Collision Attacks were discovered back in 2004.

In simple terms a collision attack is one where the same MD5 hash value can be reproduced using different inputs (the whole idea is that the inputs must be identical). While not common practical, applications of collision attacks do occur.

In 2012 it was discovered that the Flame Malware was using an MD5 collision attack to forge Microsoft Digital Signatures (used to verify a legitimate binary). The use of a somewhat sophisticated attack in this malware is not surprising when you consider that the Flame Malware has been attributed to the Equation Group by Kaspersky.