This is the OLD Rival Rebels forum (Locked). To go to the NEW Forum please click here.
This topic contains 21 replies, has 9 voices, and was last updated by 
Rodol 10 months ago.
-
I eat MD5 for breakfast
-
Rodol once told me that no one could crack his hashes, since he has one rod disk password that he gives out and one that he keeps secret, and people would always claim to have “cracked” the released password. That was three years ago, and I am unsure as to whether anyone has figured out how to crack MD5 since.
But I am here to tell you that I have successfully cracked all eight of Rodol’s rod disk password hashes.
How I did it (for nerds only):
MD5 is a pathetic hashing algorithm, since it has one key vulnerability: if MD5(x) == MD5(y), then MD5(x+k) == MD5(y+k). Most MD5 collision calculators use the principle of reduction: start with the set of all real 16-bit sequences, and eliminate sequences that do not contain the 1st, 2nd, 3rd, etc. bytes in the start sequence, until the end collision(s) are found.
After reading Wang and Yu’s article I discovered that reduction is not the only way to generate a collision for MD5. My algorithm uses construction — build a collision from the ground up. I simply exploited MD5’s crucial weakness by appending the starting byte of each hash to a chain, then adding a new byte to the sequence. I appended the constant k, a byte ranging from -128 to 128. If bytes [1] and [2] of the hash sequence do not match bytes [1] and [2] of the chain, the byte k is incremented. This is done until bytes [1] and [2] of both sequences match. Eventually, the program will construct a byte array where positions [1] through [16] match in both sequences. After this is done, the collision byte array is converted to a string, AKA the password. My algorithm is also quite fast; I was able to feed in 8 of Rodol’s hashes and get collisions in less than 30 seconds.
Obviously, I won’t release any of the cracked passwords without approval. But Rodol can contact me in private to verify that I have all eight of the rod disk passwords :)
Have a nice day!
-Orch
Orchface
The title is true…
My algorithm can crack almost any hash that belongs to an alphanumeric string less than 15 characters.
Waiting for Rodol to see this, because he doubted the efficacy of my cracking algorithm a few years back…
I want to see his reaction when I tell him all of his ‘secret’ passwords :)Please don’t snip.
Orchface
This is quickly diverging from the topic at hand. I wish to discuss MD5 hashes, not debate whether a two-letter abbreviation is profanity.
Orchface
I used Java to reverse that pesky getString() method, but I used C++ to perform the chain algorithm. I chose C++ for exactly the reason you said; Java doesn’t support unsigned bytes or integers. Basically, I had a Java program perform all of the basic logic to extract possible combinations of hashes, then I used a C program to attempt to crack the hashes.
<span style=”-webkit-tap-highlight-color: rgba(0, 0, 0, 0);”>The collisions I found were all lowercase alphabetic strings, except for one. I calculated 8 unique alphabetic strings that sound like passwords. However, I found that one of the hashes has a collision with a 512-character Hex block, but I doubt you would use that as a password.</span>
Good to see you too, Rodol!
Orchface
This monster of a block is what my algorithm calculated to be a collision to one of your hashes:
d131dd02c5e6eec4693d9a0698aff95c2fcab50712467eab4004583eb8fb7f8955ad340609f4b30283e4888325f1415a085125e8f7cdc99fd91dbd7280373c5bd8823e3156348f5bae6dacd436c919c6dd53e23487da03fd02396306d248cda0e99f33420f577ee8ce54b67080280d1ec69821bcb6a8839396f965ab6ff72a7007a27ff6b2569f6939388a6bcb12896ce1d08a08076b45ec8ee775f02433f99e0adc842d60369320df30ad784b2e35dd6c919c634dcad6eab5f8436513e3288db5c373082fdbd19df99cdc7f8e521580a514175238884e38203b4f906043da5598f7bf8be3854004bae76421785bacf2c59ffa8960a9d3964cee6e5c20dd131cNote that this is purely a hypothetical calculated value, and not a string (so even if MC’s text input allowed 512 characters, this raw block wouldn’t work).
Essentially, this block represents data, not characters. There is no way to get this block into a usable form to test in Java (hex to string will not work properly due to data loss conversions). But when put through your encrypt() method, the raw data represented by this block will result in a matching hash with one of the eight passwords.This block took several minutes to calculate, so there could theoretically be longer strings that collide with your passwords. For time purposes, my algorithm stops at collisions that are greater than 512 characters in length.
I just tested all 8 passwords in RR singleplayer and they work :)
(That representative disk makes a killer light show!)Orchface
I plan on taking computer science in the future and to learn these things as I progress. However, I’m trying to start off early. Does anyone have any suggestions on where I should actually begin? This would bring great pleasure to me, thanks!
Warning: SEIZURE ALERT -
I eat MD5 for breakfast
You must be logged in to reply to this topic.