Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: Cracking MD4 Password Hash

  1. #1
    Member
    Join Date
    May 2007
    Posts
    202

    Default Cracking MD4 Password Hash

    Hey Guys,

    Please could someone give me some pointers on the following:

    I'm trying to crack the following MD4 hash:

    Code:
    eaea3687057c1a8365255279bfca9550
    I've ascertained that the current B|T build of John the Ripper doesn't crack MD4, but that there is a module available that will enable this functionality. I can't work out how to install that module though, or even where I can find it.

    I've also found a tool as part of the B|T install called mdcoll (which has md4coll and md5coll as part of the package), but I can't find any understandable usage instructions on the web.

    I've tried searching the forums here. MD4 is too short a search term so the search facility won't return any results, I've also searched for *MD4* which does return results but nothing that is useful.

    Am I on the right track with using md4coll to crack this? If so could someone give me some pointers as to the correct usage of this tool please? Failing that, if someone could point me in the direction of some sort of guide/tutorial for installing the MD4 module into JTR I would appreciate it.

    Failing all of that.....has anybody got any other ideas on ways to crack MD4 hashes? I know that Cain can crack this hash, but that's Windows based and I'd prefer to use Back|Track for this

    Thanks

  2. #2
    Member elazar's Avatar
    Join Date
    Sep 2007
    Posts
    217

    Default

    md4coll is an MD4 collision generator. It will not find your password, what it will find is other words(plaintext) that will generate the same md4 hash. Google 'md4 collision', or better yet, take a look at the Wikipedia's entry for MD4. As for cracking MD4 hashes, I also have not seen an MD4 plugin for John, however there is a utility called MDCrack(also on the openwall site) however it only runs on Windows. There is another utility called Lepton's crack which can handle raw MD4 hashes and runs on Linux, however I have never tried it, nor do I know anything about it.

    HTH,

    E

  3. #3
    Member
    Join Date
    May 2007
    Posts
    202

    Default

    Ok, thanks for the help

  4. #4
    Member elazar's Avatar
    Join Date
    Sep 2007
    Posts
    217

    Default

    loftrat,
    Just a quick forum tip, don't post hashes that you are looking to crack, its a quick ticket to the idiot corner...

  5. #5
    Just burned his ISO
    Join Date
    Sep 2007
    Posts
    7

    Default

    Quote Originally Posted by elazar View Post
    loftrat,
    Just a quick forum tip, don't post hashes that you are looking to crack, its a quick ticket to the idiot corner...
    unless the hash is of something like "hahan00b!uthawtIwouldactuallypostahashofsumthingi mportant?!"

  6. #6
    Senior Member PrairieFire's Avatar
    Join Date
    Apr 2007
    Posts
    705

    Default

    Quote Originally Posted by elazar View Post
    loftrat,
    Just a quick forum tip, don't post hashes that you are looking to crack, its a quick ticket to the idiot corner...
    80e1187cbe4b59172a33bc770c6800f2
    Μολὼν λαβέ - Great spirits encounter heavy opposition from mediocre minds.

  7. #7
    Member elazar's Avatar
    Join Date
    Sep 2007
    Posts
    217

    Default

    Just basing my tip on the number of "crack this" posts...

  8. #8
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    There are some online rainbow tables, dictionaries, and hash cracking tools that might be able to help you.

  9. #9
    Member
    Join Date
    May 2007
    Posts
    202

    Default

    Quote Originally Posted by elazar View Post
    loftrat,
    Just a quick forum tip, don't post hashes that you are looking to crack, its a quick ticket to the idiot corner...
    Noted, but nobody else will have that particular hash, it won't help anybody else, and it definitely isn't for anything important/illegal

  10. #10
    Member
    Join Date
    May 2007
    Posts
    202

    Default

    Oh yeah, and even when it's decrypted it won't mean anything to anybody

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •