Google as a Password Cracker? »

Posted By tdrapeau 1 year, 7 months ago in Science & Technology
Prop it 54 Drop it

While doing forensics, I thought it would be interesting to find out the account password. Wordpress stores raw MD5 hashes in the user database (despite my recommendation to use salting). As with any respectable hash function, it is believed to be computationally infeasible to discover the input of MD5 from an output.

Read Full Story at lightbluetouchpaper.org »

231 Views Share Story 3 Comments Report

Submitted By:
tdrapeau

Tom Drapeau is the Director of Propeller social news. Although it is the job he always dreamed he'd have, he's had a pretty ...

Who Also Submitted:
Other Related Articles:

Why not submit a story?

RSS Join the Discussion

+ Add Comment
Showing 4 of 14 Comments (view all)
  • 0%
    tdrapeau1 year, 7 months ago

    I just tried this with the MD5 for "test" - check out the results: http://farm3.static.flickr.com/2001/2050503101_...

    (comment_max_expanded_depth : 2) (depth : 1) (comment_max_render_depth : 3)
    Reply
    loading loading ...
    • 0%
      blainegarrett1 year, 7 months ago

      md5 was officially cracked not long ago.

      http://en.epochtimes.com/news/7-1-11/50336.html

      It is still an expensive process to reverse md5s. But there are sites like the below that have a waiting period...

      http://passcracking.com/

      eek

      (comment_max_expanded_depth : 2) (depth : 1) (comment_max_render_depth : 3)
      Reply
      loading loading ...
      • 0%
        tdrapeau1 year, 7 months ago

        @blainegarrett: From the article you linked to-

        Within four years, the U.S. government will cease to use SHA-1 (Secure Hash Algorithm) for digital signatures, and convert to a new and more advanced "hash" algorithm, according to the article "Security Cracked!" from New Scientist . The reason for this change is that associate professor Wang Xiaoyun of Beijing's Tsinghua University and Shandong University of Technology, and her associates, have already cracked SHA-1.

        Nice. Cracked today, US government will stop using it.... later.

        (comment_max_expanded_depth : 2) (depth : 1) (comment_max_render_depth : 3)
        Reply
        loading loading ...
        • 0%
          hlebzx1 year, 1 month ago

          The whole story started back in 1996, shaped as a research project, its parents being Larry Page and Sergey Brin, and the original search engine was nicknamed "BackRub", but that's history already. Before I return to my Google party here, there's one more interesting thing that needs to be known :p

          http://pricelistreview.org

          (comment_max_expanded_depth : 2) (depth : 1) (comment_max_render_depth : 3)
          Reply
          loading loading ...
          View All 14 Comments

          Add a Comment

          Sign In With Your Propeller Account

          Forgot your password?

          Please keep your comments relevant to this story.

          To create a live link, simply type the URL (including http://) or email address and we will make it a live link for you. You can put up to 3 URLs in your comments. Line breaks and paragraphs are automatically converted — no need to use <p> or <br /> tags.

          Submit a Story

          Today's Top Stories!

          Story Tags ?

          Hey! If you Sign In, you can add tags to this story!

          Also Dropping This Article

          No one has dropped this story.

          Groups Watching This

          No groups are watching this story. Why not share it with your groups?

          Also Submitted By

          No one else has submitted this story.

          Advertisement