We know that MD5 encryption is irreversible, but it's easy to crack MD5 encryption.
There are also a lot of online hacks on the web. Since it is irreversible, how did those online hacks come about?
The reason is simple, is to use the poor lifting method to crack.
For example: We calculate the MD5 of the combination of all the characters on the keyboard, and the strings before and after the encryption are stored in the database respectively;
Then take your MD5 encrypted string to query for the string before encryption. This is the mystery of online cracking.
But this method of cracking also has limitations. Such as: I have a single string of multiple MD5 encryption, then we crack will be repeated to do the poor lifting.
If you do not know how many times the string has been MD5 encrypted, then try to repeat it several times. Of course the general Web site uses MD5 encrypted passwords that are not too complex.
We can use the method I'm talking about today to crack it.
1.
first we want to find out all the characters on the keyboard, in the array, as follows:
/** * All characters except function keys on the keyboard */static char[] buf = {' 1 ', ' 2 ', ' 3 ', ' 4 ', ' 5 ', ' 6 ', ' 7 ', ' 8 ', ' 9 ', ' 0 ', ' a ', ' B ', ' C ', ' d ', ' e ', ' f ', ' g ', ' H ' , ' I ', ' j ', ' K ', ' l ', ' m ', ' n ', ' o ', ' P ', ' Q ', ' R ', ' s ', ' t ', ' u ', ' V ', ' w ', ' x ', ' y ', ' z ', ' A ', ' B ', ' C ', ' D ', ' E ', ' F ', ' G ', ' H ', ' I ', ' J ', ' K ', ' L ', ' M ', ' N ', ' O ', ' P ', ' Q ', ' R ', ' S ', ' T ', ' U ', ' V ', ' W ', ' X ', ' Y ', ' Z ', ', ' ~ ', '! ', ' @ ', ' # ', ' $ ', '% ', ' ^ ', ' & ', ' * ', '? ', ' ' ', ' ' ' ', ': ', ' (', ') ', '; ', ', ', ', ', '/', ' < ', ' > ', ' ' ', ' | ', ' ', ', ' ', ' ' {', '} ';
2.
we want to implement the MD5 calculation method, as follows:
/** * Implement MD5 encryption * @author Herman.xiong * @date 2015-4-22 morning 10:19:05 * @param str * @return */static string MD5 (String str) {S Tringbuffer sb = new StringBuffer (+), try {messagedigest MD = messagedigest.getinstance ("MD5"); byte[] array = md.digest (s Tr.getbytes ("UTF-8")); for (int i = 0; i < Array.Length; i++) {Sb.append (integer.tohexstring (Array[i] & 0xFF) | 0x1 XX). toUpperCase (). substring (1, 3));}} catch (Exception e) {return null;} return sb.tostring ();}
3.
we want all the characters on the keyboard to be free to mix and repeat. The combination code is as follows:
/** * Recursive Combining characters * @author Herman.xiong * @date 2015-4-22 pm 03:35:41 */static void Select (String str,char [] data) {if (1 > data.length) return;for (int i = 0; i < data.length; i++) {String result=str+data[i]; SYSTEM.OUT.PRINTLN (Result),//SYSTEM.OUT.PRINTLN (MD5 (result)), if (Result.length () <data.length) {Select (Result, data);}}} public static void Main (string[] args) {for (int i = 0; i < buf.length; i++) {System.out.println (buf[i]);//SYSTEM.OUT.P RINTLN (MD5 (buf[i]+ ")), select (buf[i]+" ", BUF);}}
4.
array {"1", "2", "3"} combination effects are as follows:
1 11 111 112 113 12 121 122 123 13 131 132 133
2 21 211 212 213 22 221 222 223 23 231 232 233
3 31 311 312 313 32 321 322 323 33 331 332 333
5. put the calculated MD5 into the database, MD5 encryption, and then hack.
The instance code is as follows:
Package Com.herman.test;import java.security.messagedigest;/** * We know MD5 encryption is irreversible, but it's easy to crack MD5 encryption. * Online also has a lot of hack. Since it is irreversible, how did those online hacks come about? * The reason is very simple, is to use the poor lifting method to crack. * For example: We calculate the MD5 of the combination of all the characters on the keyboard, the string before and after the encryption into the database; * Then take your MD5 encrypted string to query the string before encryption. This is the mystery of online cracking. * But this method of cracking also has limitations. Such as: I have a single string of multiple MD5 encryption, then we crack will be repeated to do the poor lifting. * If you don't know how many times a string has been MD5 encrypted, try repeating it a few more times. Of course the general Web site uses MD5 encrypted passwords that are not too complex. * We can use the method I'm talking about today to crack it. * 1. First we want to find out all the characters on the keyboard, in the array, as follows: * 2. We want to implement the MD5 calculation method, as follows: * 3. We want all the characters on the keyboard to be free to mix and repeat. The combination code is as follows: * 4. Array {"1", "2", "3"} combination effects are as follows: 1 11 111 112 113 12 121 122 123 13 131 132 1332 21 211 212 213 22 221 222 223 23 231 232 2333 31 311 312 313 32 321 322 323 33 331 332 333 5. Put the calculated MD5 into the database, arbitrarily MD5 encryption, and then hack. * @author Herman.xiong * @date 2015-4-22 a.m. 10:18:19 * @version V3.0 * @since JDK 1.6,tomcat 6.0 */public class Test {/** * All characters except function keys on the keyboard */static char[] buf = {' 1 ', ' 2 ', ' 3 ', ' 4 ', ' 5 ', ' 6 ', ' 7 ', ' 8 ', ' 9 ', ' 0 ', ' a ', ' B ', ' C ', ' d ', ' e ', ' f ', ' g ', ' h ', ' I ', ' J ', ' K ', ' l ', ' m ', ' n ', ' o ', ' P ', ' Q ', ' R ', ' s ', ' t ', ' u ', ' V ', ' w ', ' x ', ' y ', ' z ', ' A ', ' B ', ' C ', 'D ', ' E ', ' F ', ' G ', ' H ', ' I ', ' J ', ' K ', ' L ', ' M ', ' N ', ' O ', ' P ', ' Q ', ' R ', ' S ', ' T ', ' U ', ' V ', ' W ', ' X ', ' Y ', ' Z ', ', ' ~ ', '! ', ' @ ', ' # ', ' $ ', '% ', ' ^ ', ' & ', ' * ', '? ', ' ', ' ', ': ', ' (', ') ', ', ', ', ', '. ', '/', ' < ', ' > ', ' ' ', ' ', ' ', ' ', ' ', ' ', ' ' {', '} '};/** * Implement MD5 encryption * @author Herman.xiong * @date 2015-4-22 morning 10:19:05 * @param str * @return */static string MD5 (String str) {STRINGB Uffer sb = new StringBuffer (+), try {messagedigest MD = messagedigest.getinstance ("MD5"); byte[] array = md.digest (str.get Bytes ("UTF-8")); for (int i = 0; i < Array.Length; i++) {Sb.append (integer.tohexstring (Array[i] & 0xFF) | 0x100). To Uppercase (). SUBSTRING (1, 3));}} catch (Exception e) {return null;} return sb.tostring ();} /** * Recursive Combining characters * @author Herman.xiong * @date 2015-4-22 pm 03:35:41 */static void Select (String str,char [] data) {if (1 > data.length) return;for (int i = 0; i < data.length; i++) {String result=str+data[i]; SYSTEM.OUT.PRINTLN (result);//system.out.println (MD5 (result)), if (Result.length () <data.length) {Select (Result, data);}}} public static void Main (string[] args) {for (int i = 0; i < buf.length; i++) {System.out.println (buf[i]);//SYSTEM.OUT.P RINTLN (MD5 (buf[i]+ ")), select (buf[i]+" ", BUF);}}}
The effect of the operation for encryption is as follows:
welcome everyone to follow my blog! If in doubt, please add QQ Group: 135430763 Study together!
How to crack MD5 encryption