If you're sure it's MD5 then of course it is. MD5 is MD5 is MD5, welcome to the wonderful world of standards.
SIPcrack md5 rainbow tables
I'm curious, is it possible to lookup the hashes captured by SIPdump using an online/offline rainbow table?
If you're sure it's MD5 then of course it is. MD5 is MD5 is MD5, welcome to the wonderful world of standards.
I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.
I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.
The problem is that I think there are multiple steps during the computation of the final MD5, ie if I lookup the MD5, it will give me an interim value if you see what I mean.
No I don't see what you mean. MD5 is a one way hash. Either you have an actual MD5 related to a string or some data or you don't. The only way to find that original data from the hash value is do compile a dictionary of hashes for known strings/data and then compare the end results and hope you get lucky.
I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.
I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.
Ok, I'm probably just wording what I mean badly
What I mean is that once I've got the plaintext of the MD5, it won't actually be the password, there will be more reverse steps necessary.
So you're saying you have the MD5 hash and you want to convert it the actual plaintext passphrase?Originally Posted by darkip
Ok, I'm probably just wording what I mean badly
What I mean is that once I've got the plaintext of the MD5, it won't actually be the password, there will be more reverse steps necessary.
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
Well the SIPcrack tool takes a network capture and allows you to do a wordlist attack against it but i've compared the hash it produces to one I generate using md5 and it's different therefore meaning that looking up the captured hash in a rainbow table is not going to give me the plaintext of the password because something else is done to produce the final one in SIPcrack.
Posting Permissions
