Google as a Password Cracker? »

Posted by: tdrapeau 8 months, 1 week ago

4 CommentsReflectReport this Story

1.0

Scale of 1 to 10

Read: 0

Propped: 54

Comments: 4

Click Prop It to Raise Score
 Prop it

While doing forensics, I thought it would be interesting to find out the account password. Wordpress stores raw MD5 hashes in the user database (despite my recommendation to use salting). As with any respectable hash function, it is believed to be computationally infeasible to discover the input of MD5 from an output.

Read Full Story at lightbluetouchpaper.org

Join the Discussion

+ Add Comment
Comments So Far: 4
  • Avg rating: (+0/-0 0)

    tdrapeau
    tdrapeau
    Nov. 20, 2007, 5:22 p.m.

    I just tried this with the MD5 for "test" - check out the results: http://farm3.static.flickr.com/2001/2050503101_...

    Reply | Report!

    • Avg rating: (+0/-0 0)

      blainegarrett
      blainegarrett
      Nov. 20, 2007, 5:54 p.m.

      md5 was officially cracked not long ago.

      http://en.epochtimes.com/news/7-1-11/50336.html

      It is still an expensive process to reverse md5s. But there are sites like the below that have a waiting period...

      http://passcracking.com/

      eek

      Reply | Report!

      • Avg rating: (+0/-0 0)

        tdrapeau
        tdrapeau
        Nov. 21, 2007, 9 a.m.

        @blainegarrett: From the article you linked to-

        Within four years, the U.S. government will cease to use SHA-1 (Secure Hash Algorithm) for digital signatures, and convert to a new and more advanced "hash" algorithm, according to the article "Security Cracked!" from New Scientist . The reason for this change is that associate professor Wang Xiaoyun of Beijing's Tsinghua University and Shandong University of Technology, and her associates, have already cracked SHA-1.

        Nice. Cracked today, US government will stop using it.... later.

        Reply | Report!

        • Avg rating: (+0/-0 0)

          hlebzx
          hlebzx
          May 21, 2008, 3:49 p.m.

          The whole story started back in 1996, shaped as a research project, its parents being Larry Page and Sergey Brin, and the original search engine was nicknamed "BackRub", but that's history already. Before I return to my Google party here, there's one more interesting thing that needs to be known :p

          http://pricelistreview.org

          Reply | Report!

          Next 25 comments

          You must sign in to post a comment.

          Submitted By:
          tdrapeau

          Tom Drapeau is the Director of Propeller social news. Although it is the job he always dreamed he'd have, he's had a pretty ...

          Also submitted:

          Related Articles:

          Why not submit a story?

          Also Propping This Article

          view all »

          Groups Watching This

          No groups are watching this story. Why not share it with your group?

          Got a Story?

          Advertisement

          Got feedback on the new design? We're Listening! Send us Feedback