Monday, August 22. 2005
MD5 Dictionary Attacks
While on my daily news crawl, I came across a site (http://gdataonline.com/seekhash.php) offering a free and very quick service designed to decode md5 hashes. The principle used here is a dictionary attack; the operators of the site have built a reasonably large (12 million and counting) database of hashes and their corresponding values. All you need to do is specify a hash, and if they have it in their database, in less than a second you get to see its corresponding value. While compromising weak hashes via dictionary attacks was never that hard, it did require spending some time and processing power in applications such as John the Ripper (http://www.openwall.com/john/) trying to find the equivalent value. Now, you can do it quite effectively (I’ve tried) via this online tool in fractions of a second.
Given that many PHP applications (my own included) store passwords as hashes rather than clear-text, it now raises the need to encourage users to be a bit more creative with their password strings. Use of high-ASCII characters, liberal use of punctuation characters and the like are easy but effective tools for defeating dictionary attacks, which are based on a relatively limited data range. After all, md5 is 2^128; no one is going to offer the entire range of hashes, not to the general public anyhow.
P.S. The hashing site is written in PHP.
Comments
Just to mention that any application that stores md5s should benefit from the use of salts, i.e. md5('my_salt' . $pass . 'another_salt_again' . $pass), which makes things a little trickier, especially for dictionary attacks.
Yes, as Pavlos mentions, use of salt makes hashes immune from these rainbow-table attacks (but not immune from John the Ripper). So, good passwords help, but using salted hashes is a very basic step that the programmer can take too. Personally I like using the crypt() method (which uses salted MD5 hashes on my systems) to store passwords.
Salting the password is an excellent approach in terms of adding another layer of security. It can be done directly via crypt(), on systems supporting md5 salt, or via PEAR's Crypt_HMAC package.
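
The dictionary lookup from the post and the salting point from the comments above, side by side, as an added example that is not part of the original post or its comments. The wordlist, the three accounts and the `md5($salt . $password)` scheme are constructed assumptions; the number and year suffixes mirror the `word + number or year` pattern discussed in this thread.

```php
<?php
// Added example (PHP 7.1+). Wordlist, accounts and salt scheme are constructed for illustration.

// Candidate passwords: each word, plus word+1..10 and word+1900..2032.
function candidates(array $words): array {
    $out = [];
    foreach ($words as $w) {
        $out[] = $w;
        foreach (range(1, 10) as $n)      { $out[] = $w . $n; }
        foreach (range(1900, 2032) as $y) { $out[] = $w . $y; }
    }
    return $out;
}

// Precomputed table, built once and reused for every hash: md5 => plaintext.
function buildTable(array $cands): array {
    $table = [];
    foreach ($cands as $c) { $table[md5($c)] = $c; }
    return $table;
}

// With a per-account salt the table is useless; every candidate has to be
// re-hashed for every account, which is the slower John-the-Ripper style of work.
function guessWithSalt(string $salt, string $hash, array $cands): ?string {
    foreach ($cands as $c) {
        if (hash_equals($hash, md5($salt . $c))) { return $c; }
    }
    return null;
}

$cands = candidates(['dragon', 'letmein', 'summer']);
$table = buildTable($cands);
$salt  = bin2hex(random_bytes(8));          // random per-account salt, stored next to the hash

$accounts = [
    ['user' => 'alice', 'salt' => '',    'hash' => md5('summer2005')],              // unsalted, weak
    ['user' => 'bob',   'salt' => $salt, 'hash' => md5($salt . 'summer2005')],      // salted, weak
    ['user' => 'carol', 'salt' => '',    'hash' => md5('Ünl1kely; p@ss-phrase!')],  // unsalted, strong
];

foreach ($accounts as $a) {
    $viaTable = $table[$a['hash']] ?? 'miss';
    $viaGuess = guessWithSalt($a['salt'], $a['hash'], $cands) ?? 'miss';
    printf("%-6s table lookup: %-11s per-account guessing: %s\n", $a['user'], $viaTable, $viaGuess);
}
```

The salted weak password escapes the precomputed table but not the per-account loop, and that loop is cheap because MD5 is fast. PHP's password_hash() and password_verify() (PHP 5.5+) generate the salt themselves and use a deliberately slow algorithm.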
I like the site that i started in april much more. i got only 1,915,920 md5 combinations right now ... but my site also supports XML and Plain Text mode and just looks better :p
the blog software ate my links ...
XML Mode: http://md5.rednoize.com/?q=06cf664ae1e21c4a6ba3ac9a2fa49ffa&xml
Plain text Mode: http://md5.rednoize.com/?q=06cf664ae1e21c4a6ba3ac9a2fa49ffa&p
http://xml.hashreverse.com/?hash=5f4dcc3b5aa765d61d8327deb882cf99
here is another good example.
I heard about your site (?), Sean Coates had mentioned it to me, but while it may look nicer the database is quite a bit smaller. I've tried a few combinations of words and numeric suffixes and the site I had mentioned was far more successful in decoding them.
One suggestion, assuming md5.rednoize is your site, is to add word[1-10-] and word[1900-2032] for each text term. A lot of people use passwords in the form of dictionary word + number or year. This should add quite a few more entries to your DB and allow detection of many more passwords.
What I find interesting is that no one mentions that in order to attack a site with this database, you would first have to have a way to actually retrieve the md5 version of the passwords.
I'm a bit surprised at the 'oh my god all our sites are compromised now that this site exists' type of reactions all over the web. There have been md5 brute force scripts for a long time. So in my opinion, making sure your password hashes are not exposed is far more important than how easy an md5 is to decode.
The storage of passwords in a database is just one example; md5s are used in many places. I know plenty of applications that pass around md5 hashes of passwords via cookies.
Getting them out of a database, given the flurry of SQL injections being found in commonly used PHP apps, is not a big challenge in many cases. The point I am trying to make is that weak md5 passwords are getting easier and easier to crack, without any investment of time or resources.
well the reason why you store the password md5'ed and not plain is because you are worried about people getting to your passwords. so if there is a way to circumvent this protection, then this is not the end of the world, but the end of this security precaution. unless you find ways to fix the situation.
Well, this hash-seeking database has about 1/665 of the records of the world's largest search engine, Google. But as its server hardware is 10000+ times worse than Google's, how can it perform quite a fast search? As I know, Ilia, you are a PHP expert and you have mentioned that this search engine is written in PHP; can you suggest how they do so? And is there any special skill to speed up the lookup process?
Well, it does not take a lot of effort to make a basic dictionary attack. Just use something like db4 to store hashes and their respective values and you can easily create a 100 million entry db under a gigabyte. Now put this db in a ram disk and you can search through it pretty quickly even on a very average system.
It is always about imagination and approach. I can easily imagine a simple function of your own modifying the hash when you insert it into the db (swap places etc.), so when you decode you'll get something totally different. And unless you know what the function is, you will never decode.
Doing something simple but unconventional can make things a little bit more tricky.
12 million & counting, try 68.1 million & counting