NO

Author Topic: MD5Finder V2  (Read 2598 times)

Grincheux

  • Guest
MD5Finder V2
« on: January 12, 2021, 02:50:33 AM »
Many time ago I wrote this program.
It has been improve for reducing the loops, the size of datas and the speed.
It can be dowloaded at https://www.mediafire.com/file/ox9354b2sdjkg0o/MD5Finder.7z/file
Quote
This program generates, search and insert passwords into many databases.
It can import text files.
It is not an original idea.

The goal was to store the MD5 and retrieve it quickly.

You say to yourself that's easy. Just store the MD5 string or 2 INT64 for the 128 bits!
No, it is not easy. Storing the string takes a long time for the research.
Storing the MD5 as two INT64 takes place into the database.

I want to minimize the place occupied into the databases and that the research is fast.
An other reason is that SQLite has problems with INT64. All of them are SIGNED!
I need UNSIGNED INT64, so I can't use this solution.

Here is the solution.

I create the password and the MD5.
After I create the CRC64 from the MD5.

Q:Why to create the CRC64 from the MD5 rather than the password!
A:Because I wanted to keep the MD5 colisions.

Now I store the original password and the CRC64.

Q:That is the same problem as storing MD5 in the INT64 form!
A:Yes, you are right.

I decided to keep only the first 56 bits CRC64 AND 00FFFFFFFFFFFFFF
Like this no problem to uses the CRC64.

Q:Ok but bits 56 to 63 are missing, why?
A:These bits give me the table number into which the password is stored.

There are 256 tables from 00 to 255

When searching, I compute the MD5 then I get the CRC64.
I isolate the bits 0 to 55 into a variable V1.
I get the bits 56 to 63 into a variable V2
I open the table V2
I search using SELECT with variable V1
Very fast.

Q:Why are there three dlls (A1, A2 and A3)?
A:They are created for storing all the possibilities of passwords from 1 character to 16 characters.
A1 for passwords of one characters.
A2 for passwords of two characters.
A3 for passwords of three characters
Don't recreate them them, it takes a long long time.
Creating the A3.dll takes 2 days!
They exist for reducing the number of loops while creating the passwords.

16 = 3 + 3 + 3 + 3 + 3 + 1
For generating the 16 characters passwords, it only needs 6 loops
The table below indicates the number of loops used to create all the passwords for a given length.

16 | 3 + 3 + 3 + 3 + 3 + 1  | 6 | (5 * 3) + 1       | -10
15 | 3 + 3 + 3 + 3 + 3      | 5 | (5 * 3)           | -10
14 | 3 + 3 + 3 + 3 + 2      | 5 | (4 * 3) + (1 * 2) | -9
13 | 3 + 3 + 3 + 3 + 1      | 5 | (4 * 3) + (1 * 1) | -8
12 | 3 + 3 + 3 + 3          | 4 | (4 * 3)           | -8
11 | 3 + 3 + 3 + 2          | 4 | (3 * 3) + (1 * 2) | -7
10 | 3 + 3 + 3 + 1          | 4 | (3 * 3) + (1 * 1) | -6
 9 | 3 + 3 + 3              | 3 | (3 * 3)           | -6
 8 | 3 + 3 + 2              | 3 | (2 * 3) + (1 * 2) | -5
 7 | 3 + 3 + 1              | 3 | (2 * 3) + (1 * 1) | -4
 6 | 3 + 3                  | 2 | (2 * 3)           | -4
 5 | 3 + 2                  | 2 | (1 * 3) + (1 * 2) | -3
 4 | 3 + 1                  | 2 | (1 * 3) + (1 * 1) | -2
 3 | 3                      | 1 | (1 * 3)           | -2
 2 | 2                      | 1 | (1 * 2)           | -1
 1 | 1                      | 1 | (1 * 1)           | 0

A classic way to generate the passwords would use the number of loops indicated in column 1.
The program only needs the number of loops given in the last column

You don't understand? me too!

Imagine a 8 char password. I take one at random, example "Philippe"
It is composed as following : "Phi" "lip" "pe"
I will need "Phi" from A3.dll, "lip" from A3.dll and "pe" from A2.dll
If I have to generate all the 8 characters length passwords,
and for one dictionnary, makes a great number of loops

Here are the dictionnaries:

alignas(int)   char   szBin[]            =   "01" ;
alignas(int)   char   szBinMaj[]         =   "01ABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int)   char   szBinMin[]         =   "01abcdefghijklmnopqrstuvwxyz" ;
alignas(int)   char   szBinMinMaj[]      =   "01abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int)   char   szMaj[]            =   "ABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int)   char   szMin[]            =   "abcdefghijklmnopqrstuvwxyz" ;
alignas(int)   char   szMinMaj[]         =   "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int)   char   szNbr[]            =   "0123456789" ;
alignas(int)   char   szNbrMaj[]         =   "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int)   char   szNbrMin[]         =   "0123456789abcdefghijklmnopqrstuvwxyz" ;
alignas(int)   char   szNbrMinMaj[]      =   "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int)   char   szOpr[]            =   "!$*+-/=@" ;
alignas(int)   char   szOprBin[]         =   "!$*+-/=@01" ;
alignas(int)   char   szOprBinMaj[]      =   "!$*+-/=@01ABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int)   char   szOprBinMin[]      =   "!$*+-/=@01abcdefghijklmnopqrstuvwxyz" ;
alignas(int)   char   szOprBinMinMaj[]   =   "!$*+-/=@01abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int)   char   szOprMaj[]         =   "!$*+-/=@ABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int)   char   szOprMin[]         =   "!$*+-/=@abcdefghijklmnopqrstuvwxyz" ;
alignas(int)   char   szOprMinMaj[]      =   "!$*+-/=@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int)   char   szOprNbr[]         =   "!$*+-/=@0123456789" ;
alignas(int)   char   szOprNbrMaj[]      =   "!$*+-/=@0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int)   char   szOprNbrMin[]      =   "!$*+-/=@0123456789abcdefghijklmnopqrstuvwxyz" ;
alignas(int)   char   szOprNbrMinMaj[]   =   "!$*+-/=@0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int)   char   szSgn[]            =   " !\"#$%&'()*+,-/:;<=>?@[\\]_{}" ;
alignas(int)   char   szSgnBin[]         =   " !\"#$%&'()*+,-/:;<=>?@[\\]_{}01" ;
alignas(int)   char   szSgnBinMaj[]      =   " !\"#$%&'()*+,-/:;<=>?@[\\]_{}01ABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int)   char   szSgnBinMin[]      =   " !\"#$%&'()*+,-/:;<=>?@[\\]_{}01abcdefghijklmnopqrstuvwxyz" ;
alignas(int)   char   szSgnBinMinMaj[]   =   " !\"#$%&'()*+,-/:;<=>?@[\\]_{}01abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int)   char   szSgnMaj[]         =   " !\"#$%&'()*+,-/:;<=>?@[\\]_{}ABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int)   char   szSgnMin[]         =   " !\"#$%&'()*+,-/:;<=>?@[\\]_{}abcdefghijklmnopqrstuvwxyz" ;
alignas(int)   char   szSgnMinMaj[]      =   " !\"#$%&'()*+,-/:;<=>?@[\\]_{}abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int)   char   szSgnNbr[]         =   " !\"#$%&'()*+,-/:;<=>?@[\\]_{}0123456789" ;
alignas(int)   char   szSgnNbrMaj[]      =   " !\"#$%&'()*+,-/:;<=>?@[\\]_{}0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int)   char   szSgnNbrMin[]      =   " !\"#$%&'()*+,-/:;<=>?@[\\]_{}0123456789abcdefghijklmnopqrstuvwxyz" ;
alignas(int)   char   szSgnNbrMinMaj[]   =   " !\"#$%&'()*+,-/:;<=>?@[\\]_{}0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" ;

All the possibilities from all the dictionnaries are into A1, A2 and A3.dll

If gou on dedicated password forums you can finn a lot of MD5 hashes.
Take one and enter it in the "Search" dialogbox, you will see the password in its text form!
The only condition is to have created the tables before.

It's a kind of BRUTEFORCE program.
The crackers use "RAINBOW" tables rather than SQLite tables.

For example, I use Orange for accessing the internet.
Their passwords must have at least :
-One Number
-One upper case letter

The password cannot be less than 8 characters in length.
With that you know the dictionnary to use :

alignas(int)   char   szNbrMinMaj[]      =   "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int)   char   szSgnNbrMinMaj[]   =   " !\"#$%&'()*+,-/:;<=>?@[\\]_{}0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
« Last Edit: April 19, 2021, 09:54:54 AM by Grincheux »

Offline John Z

  • Member
  • *
  • Posts: 860
Re: MD5Finder V2
« Reply #1 on: January 12, 2021, 04:49:33 PM »
Thumbs Up!


John Z