Since MD5 is a method of encryption and is publicly available, it is possible to create a hash collision by using common methods of cracking hashes. This in turn "cracks" the hash and returns to you the value of the string before it had been put through the MD5 process. This is achieved most commonly by a "dictionary" attack. This consists of running a list of words through the MD5 encoding process and checking whether any of them are a match against the MD5 hash you are trying to crack. This works because MD5 hashes are always the same if the same word is hashed.
To start cracking the MD5 hashes, we need to load a file containing a list of words that will be encrypted in MD5. This will allow us to loop through the hashes and check whether we have a match:
import hashlib target = raw_input("Please enter your hash here: ") dictionary = raw_input("Please enter the file name of your dictionary: ") def main(): with open(dictionary) as fileobj: for line in fileobj: line = line.strip() if hashlib.md5(line).hexdigest() == target: print "Hash was successfully cracked %s: The value is %s" % (target, line) return "" print "Failed to crack the file." if __name__ == "__main__": main()
We first start by loading the module into Python as normal:
import hashlib
We need user input for both the hash we would like to crack and also the name of the dictionary we are going to load to crack against:
target = raw_input("Please enter your hash here: ") dictionary = raw_input("Please enter the file name of your dictionary: ")
Once we have the hash we would like to crack and the dictionary, we can continue with the encoding. We need to open the dictionary
file and encode each string, one by one. We can then check to see whether any of the hashes match the original one we are aiming to crack. If there is a match, our script will then inform us and give us the value:
def main(): with open(dictionary) as fileobj: for line in fileobj: line = line.strip() if hashlib.md5(line).hexdigest() == target: print "Hash was successfully cracked %s: The value is %s" % (target, line) return "" print "Failed to crack the file."
Now all that's left to do is run the program:
if __name__ == "__main__": main()
Now let's have a look at the script in action:
Please enter your hash here: 5f4dcc3b5aa765d61d8327deb882cf99 Please enter the file name of your dictionary: dict.txt Hash was successfully cracked 5f4dcc3b5aa765d61d8327deb882cf99: The value is password