In cryptography, encryption is the process of transforming information (referred to as plaintext) using an algorithm (called a cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information (in cryptography, referred to as ciphertext). In many contexts, the word encryption also implicitly refers to the reverse process, decryption (e.g. “software for encryption” can typically also perform decryption), to make the encrypted information readable again (i.e. to make it unencrypted). Hashing is a one-way encryption. That means that it is not possible to use a reverse algorithm to get back from the hash to the password. Even so, people found ways to crack hashes using brute-force or dictionary attacks. Because of this, hashing was made even more secure. After reading the whole tutorial you will get the point.

2. Hashing Algorithms

Cracking a hash is not as simple as running a bruteforcer. Sometimes a bruteforce or dictionary attack will do the job, but only in the very rare situations where the algorithm is plain md5 and the hash is unsalted. What does "plain md5" mean? Nowadays people use more complicated algorithms in order to increase security. For example, a plain md5 is an algorithm like this:


What is this going to do? It makes an md5 hash from the given pass. But what happens if you have something like this:


This first makes one md5 from the password and then another md5 hash from the newly generated md5. So, for example, if the password is HI, the results will be:

first one : md5("HI") = "bf8c144140b15befb8ce662632a7b76e"
second one: md5(md5("HI")) = "ce8441edc9a85ed9839a849f99ed5ecc"

So, as you can see, for the same password we have two different MD5s. That is why, when you are trying to crack an MD5 or any other hash (the cases mentioned above are the same for any other encryption out there), it is very important to know the algorithm that was used to generate those hashes, because otherwise bruteforcing will make no sense and you will be stuck forever... Therefore always use a bruteforcer that allows you to enter the hash algorithm, so that you can be sure that eventually you will find the password...


What is a salt? Why do people use salts? Hashing became an even more secure way of encrypting passwords with the use of salts. A salt is actually a random passphrase that is added to the main password. How it is added depends on the algorithm that was used. Salts are used because bruteforcing a salted hash without knowing the salt is impossible. For example, imagine that you have the password HI. See what happens in the following cases if we take 1234567890 as the salt:

md5($pass) => md5("HI") = "bf8c144140b15befb8ce662632a7b76e"
md5($pass,$salt) => md5("HI1234567890") = "4f4d880dbc772fb6acba84a98bce6136"

That is why cracking a salted hash without knowing the salt is impossible... But what happens if we know the salt? Then, as previously mentioned, we need to specify the algorithm in our bruteforcer, in our case md5($pass,$salt), and we need to specify the salt. Knowing this, the bruteforcer will perform the attack like a normal bruteforce, except it will add the salt to every combination it makes. On paper it goes like this:


...and so on and so on. So basically every combination will end with 1234567890 and the only thing generated will be the thing before 1234567890. The use of Salts as you can see makes hashing even more secure.
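The three constructions discussed above, next to a hardened way to store the same password, as an added example that is not part of the original tutorial. The PBKDF2 part is a swapped-in technique the tutorial does not cover; the function names, the record layout and the iteration count are assumptions made for illustration.

```python
import hashlib
import hmac
import os

def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()

def scheme_plain(password: str) -> str:
    """md5($pass)"""
    return md5_hex(password.encode())

def scheme_double(password: str) -> str:
    """md5(md5($pass)): the second round hashes the hex text of the first."""
    return md5_hex(scheme_plain(password).encode())

def scheme_salted(password: str, salt: str) -> str:
    """md5($pass,$salt) as in the tutorial: the salt is appended to the password."""
    return md5_hex((password + salt).encode())

# Hardened storage (assumption, not from the tutorial): a fresh random salt per
# user plus a deliberately slow key-derivation function instead of one fast MD5.
ITERATIONS = 600_000  # assumed work factor; tune it to your own hardware

def store(password: str) -> dict:
    salt = os.urandom(16)  # unique per record, stored next to the hash
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt, "iterations": ITERATIONS, "hash": digest}

def verify(password: str, record: dict) -> bool:
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), record["salt"], record["iterations"]
    )
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(digest, record["hash"])

if __name__ == "__main__":
    # Same password, three different digests: the scheme matters as much as the input.
    print("md5($pass)       ", scheme_plain("HI"))
    print("md5(md5($pass))  ", scheme_double("HI"))
    print("md5($pass,$salt) ", scheme_salted("HI", "1234567890"))
    # A fixed salt still maps equal passwords to equal hashes; per-user salts do not.
    first, second = store("HI"), store("HI")
    print("records differ:  ", first["hash"] != second["hash"])
    print("verify correct:  ", verify("HI", first))
    print("verify wrong:    ", verify("hi", first))
```

With a single shared salt such as 1234567890, two users who pick the same password still end up with the same stored hash; the per-record random salt removes that, and the iteration count raises the cost of every guess.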

4. Cracking

Cracking was mentioned throughout the tutorial, but here I will make a precise list of what you need to think about before starting with decryption.

- First of all, you need to figure out what type of hash you have (md5, sha1, mysql...).
- Then you need to figure out if the hash is salted or not. If the hash is salted, then you need the salt as well.
- Having the salt is not enough. You need to find the algorithm that was used. Only then will you be able to start with the decryption.
- If you have somehow found out all these things, you are ready to start with decryption.
