Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Online MD5 Hash Database

Posted by ScuttleMonkey on from the handy-tools-that-want-to-get-slashdotted dept.

Gravix writes with a shameless plug for his new site "Sporting over 12 million entries, project GDataOnline is one of the largest non-RainbowTable based MD5 crackers on the internet. The database spans over 7 languages, 35 topics, and contains common mutations to words that include numbers and capitalization. Average crack time for 5 hashes: .04 seconds. No more waiting weeks for your results!" Shameless plug aside, the site still seems worth a closer look.

5 of 295 comments (clear)

  1. Hmmm... by mg2 · · Score: 5, Insightful
    Seems like using salted MD5 hashes would render this kind of stuff totally useless.

    ...You all use salted md5 hashing in your applications, don't you?

  2. Doesn't seem very useful by VeryProfessional · · Score: 5, Insightful

    Apart from the fact that this site is somewhat morally questionable, it doesn't seem to work very well. I inserted a number of hashes for common first names and dictionary words, and none of them returned a hit. If the database doesn't even cover common stuff such as this, what is it really good for? Really, 12 million hashes out of a space of 2^128 is truly miniscule.

    1. Re:Doesn't seem very useful by kasperd · · Score: 5, Insightful

      I inserted a number of hashes for common first names and dictionary words, and none of them returned a hit.

      You wouldn't by any chance be using the md5sum command line utility and typing a newline after the word? I just tried my own name, which turned out to be in the database. Could you give just a few examples of the hash values you submitted, and the word you expected it to return?

      --

      Do you care about the security of your wireless mouse?
  3. Re:Linux by rhizome · · Score: 4, Insightful

    More often then not people are dumb and easily scared. Every time you do something they don't expect you to do, they might treat you as a criminal, no matter what your intentions.

    This is why it's not a good idea to humiliate people who have more power than you if you have something to lose.

    --
    When I was a kid, we only had one Darth.
  4. Re:Downloadable database form? by pAnkRat · · Score: 4, Insightful

    Just out of interrest, why would you store the password for a user as (pseudo code follows)

    md5(pw);

    and not

    md5(username + pw);

    Salting the the hash with a variable (here: username) helps preventing wide scale probing with rainbow lists in the event the DB gets "stolen".

    --
    we need an "-1 Plain wrong" moderation option!