Cracking MD4 Password Hash

**loftrat** · 09-10-2007, 06:15 PM

Hey Guys,

Please could someone give me some pointers on the following:

I'm trying to crack the following MD4 hash:

Code:

eaea3687057c1a8365255279bfca9550

I've ascertained that the current B|T build of John the Ripper doesn't crack MD4, but that there is a module available that will enable this functionality. I can't work out how to install that module though, or even where I can find it.

I've also found a tool as part of the B|T install called mdcoll (which has md4coll and md5coll as part of the package), but I can't find any understandable usage instructions on the web.

I've tried searching the forums here. MD4 is too short a search term so the search facility won't return any results, I've also searched for *MD4* which does return results but nothing that is useful.

Am I on the right track with using md4coll to crack this? If so could someone give me some pointers as to the correct usage of this tool please? Failing that, if someone could point me in the direction of some sort of guide/tutorial for installing the MD4 module into JTR I would appreciate it.

Failing all of that.....has anybody got any other ideas on ways to crack MD4 hashes? I know that Cain can crack this hash, but that's Windows based and I'd prefer to use Back|Track for this

Thanks

**elazar** · 09-10-2007, 06:43 PM

md4coll is an MD4 collision generator. It will not find your password, what it will find is other words(plaintext) that will generate the same md4 hash. Google 'md4 collision', or better yet, take a look at the Wikipedia's entry for MD4. As for cracking MD4 hashes, I also have not seen an MD4 plugin for John, however there is a utility called MDCrack(also on the openwall site) however it only runs on Windows. There is another utility called Lepton's crack which can handle raw MD4 hashes and runs on Linux, however I have never tried it, nor do I know anything about it.

HTH,

E

**loftrat** · 09-10-2007, 06:44 PM

Ok, thanks for the help

**elazar** · 09-10-2007, 07:48 PM

loftrat,
Just a quick forum tip, don't post hashes that you are looking to crack, its a quick ticket to the idiot corner...

**Shippie** · 09-10-2007, 08:04 PM

Originally Posted by elazar

loftrat,
Just a quick forum tip, don't post hashes that you are looking to crack, its a quick ticket to the idiot corner...

unless the hash is of something like "hahan00b!uthawtIwouldactuallypostahashofsumthingi mportant?!"

**PrairieFire** · 09-10-2007, 08:09 PM

Originally Posted by elazar

loftrat,
Just a quick forum tip, don't post hashes that you are looking to crack, its a quick ticket to the idiot corner...

80e1187cbe4b59172a33bc770c6800f2

**elazar** · 09-10-2007, 08:13 PM

Just basing my tip on the number of "crack this" posts...

**thorin** · 09-10-2007, 08:33 PM

There are some online rainbow tables, dictionaries, and hash cracking tools that might be able to help you.

**loftrat** · 09-10-2007, 09:40 PM

Originally Posted by elazar

loftrat,
Just a quick forum tip, don't post hashes that you are looking to crack, its a quick ticket to the idiot corner...

Noted, but nobody else will have that particular hash, it won't help anybody else, and it definitely isn't for anything important/illegal

**loftrat** · 09-10-2007, 09:41 PM

Oh yeah, and even when it's decrypted it won't mean anything to anybody

BackTrack Linux - Penetration Testing Distribution

Thread: Cracking MD4 Password Hash

Thread Tools

Search Thread

Display

Cracking MD4 Password Hash

Posting Permissions