Transformation of MD5 to crack the program

Suitable for readers: cracking enthusiasts and webmasters
Prerequisites: None
Transformation of MD5 to crack the program
 
Suitable for readers: cracking enthusiasts and webmasters

Prerequisites: None

Transformation of MD5 to crack the program

Wen/Tu An meihong (anmeihong@sina.com)

You may be familiar with MD5, but do you really know it? Although the average person does not need to go to root-root to ask the question like this, when using it, he can directly download the programs compiled by others, but a good hacker like me always wants to catch something different-have you ever thought about modifying MD5 by yourself? What makes the MD5 cracking tool available on the internet useless? If you are interested, let's take a look!

Now let's take a look at how to modify the source code of the website management program to make the modified MD5 a weapon that cannot be cracked. I will describe it with the famous Chinese online forum DVBBS7.0.

We all know that the data and password of Forum users and the questions or answers to the questions are stored in MD5 hash. Generally, attackers download the database for cracking and obtain the Administrator's password, by default, it is placed in this path:

Bbsdatadvbbs7.mdb

In general, we use modifying the Database Name and modifying the relevant settings in Conn. asp to implement security protection. Now our method is to find in1_5.asp. This page is the Program for hash processing. If we modify it here, we will generate our own new MD5 hash algorithm. Open it in notepad and find the place. 1:

 

 

Figure 1

See it? The values a, B, c, and d are the key values we talked about earlier. You can change them as you like! I suggest you change one digit. For example, you can change a = 0x67452301 to a = 0x67452300, so that you can use a different MD5 algorithm, even if your database is downloaded, you can use it with peace of mind and let them crack the MD5 tool!

 

 

Icefire: people who know about the MD5 process may ask, will this change affect the operation? It is believed that experts engaged in pure mathematical research may be difficult to prove it, let alone our outsourcers. On the other hand, MD5 collects all the information, and the above changes are only used by thousands or tens of thousands of users on a website. In terms of NLP, there should be no major problems, if you don't believe it, try it. The possibility of conflict is very small.