Many time ago I wrote this program.
It has been improve for reducing the loops, the size of datas and the s
peed.It can be dowloaded at https://www.mediafire.com/file/ox9354b2sdjkg0o/MD5Finder.7z/fileThis program generates, search and insert passwords into many databases.
It can import text files.
It is not an original idea.
The goal was to store the MD5 and retrieve it quickly.
You say to yourself that's easy. Just store the MD5 string or 2 INT64 for the 128 bits!
No, it is not easy. Storing the string takes a long time for the research.
Storing the MD5 as two INT64 takes place into the database.
I want to minimize the place occupied into the databases and that the research is fast.
An other reason is that SQLite has problems with INT64. All of them are SIGNED!
I need UNSIGNED INT64, so I can't use this solution.
Here is the solution.
I create the password and the MD5.
After I create the CRC64 from the MD5.
Q:Why to create the CRC64 from the MD5 rather than the password!
A:Because I wanted to keep the MD5 colisions.
Now I store the original password and the CRC64.
Q:That is the same problem as storing MD5 in the INT64 form!
A:Yes, you are right.
I decided to keep only the first 56 bits CRC64 AND 00FFFFFFFFFFFFFF
Like this no problem to uses the CRC64.
Q:Ok but bits 56 to 63 are missing, why?
A:These bits give me the table number into which the password is stored.
There are 256 tables from 00 to 255
When searching, I compute the MD5 then I get the CRC64.
I isolate the bits 0 to 55 into a variable V1.
I get the bits 56 to 63 into a variable V2
I open the table V2
I search using SELECT with variable V1
Very fast.
Q:Why are there three dlls (A1, A2 and A3)?
A:They are created for storing all the possibilities of passwords from 1 character to 16 characters.
A1 for passwords of one characters.
A2 for passwords of two characters.
A3 for passwords of three characters
Don't recreate them them, it takes a long long time.
Creating the A3.dll takes 2 days!
They exist for reducing the number of loops while creating the passwords.
16 = 3 + 3 + 3 + 3 + 3 + 1
For generating the 16 characters passwords, it only needs 6 loops
The table below indicates the number of loops used to create all the passwords for a given length.
16 | 3 + 3 + 3 + 3 + 3 + 1 | 6 | (5 * 3) + 1 | -10
15 | 3 + 3 + 3 + 3 + 3 | 5 | (5 * 3) | -10
14 | 3 + 3 + 3 + 3 + 2 | 5 | (4 * 3) + (1 * 2) | -9
13 | 3 + 3 + 3 + 3 + 1 | 5 | (4 * 3) + (1 * 1) | -8
12 | 3 + 3 + 3 + 3 | 4 | (4 * 3) | -8
11 | 3 + 3 + 3 + 2 | 4 | (3 * 3) + (1 * 2) | -7
10 | 3 + 3 + 3 + 1 | 4 | (3 * 3) + (1 * 1) | -6
9 | 3 + 3 + 3 | 3 | (3 * 3) | -6
8 | 3 + 3 + 2 | 3 | (2 * 3) + (1 * 2) | -5
7 | 3 + 3 + 1 | 3 | (2 * 3) + (1 * 1) | -4
6 | 3 + 3 | 2 | (2 * 3) | -4
5 | 3 + 2 | 2 | (1 * 3) + (1 * 2) | -3
4 | 3 + 1 | 2 | (1 * 3) + (1 * 1) | -2
3 | 3 | 1 | (1 * 3) | -2
2 | 2 | 1 | (1 * 2) | -1
1 | 1 | 1 | (1 * 1) | 0
A classic way to generate the passwords would use the number of loops indicated in column 1.
The program only needs the number of loops given in the last column
You don't understand? me too!
Imagine a 8 char password. I take one at random, example "Philippe"
It is composed as following : "Phi" "lip" "pe"
I will need "Phi" from A3.dll, "lip" from A3.dll and "pe" from A2.dll
If I have to generate all the 8 characters length passwords,
and for one dictionnary, makes a great number of loops
Here are the dictionnaries:
alignas(int) char szBin[] = "01" ;
alignas(int) char szBinMaj[] = "01ABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int) char szBinMin[] = "01abcdefghijklmnopqrstuvwxyz" ;
alignas(int) char szBinMinMaj[] = "01abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int) char szMaj[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int) char szMin[] = "abcdefghijklmnopqrstuvwxyz" ;
alignas(int) char szMinMaj[] = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int) char szNbr[] = "0123456789" ;
alignas(int) char szNbrMaj[] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int) char szNbrMin[] = "0123456789abcdefghijklmnopqrstuvwxyz" ;
alignas(int) char szNbrMinMaj[] = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int) char szOpr[] = "!$*+-/=@" ;
alignas(int) char szOprBin[] = "!$*+-/=@01" ;
alignas(int) char szOprBinMaj[] = "!$*+-/=@01ABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int) char szOprBinMin[] = "!$*+-/=@01abcdefghijklmnopqrstuvwxyz" ;
alignas(int) char szOprBinMinMaj[] = "!$*+-/=@01abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int) char szOprMaj[] = "!$*+-/=@ABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int) char szOprMin[] = "!$*+-/=@abcdefghijklmnopqrstuvwxyz" ;
alignas(int) char szOprMinMaj[] = "!$*+-/=@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int) char szOprNbr[] = "!$*+-/=@0123456789" ;
alignas(int) char szOprNbrMaj[] = "!$*+-/=@0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int) char szOprNbrMin[] = "!$*+-/=@0123456789abcdefghijklmnopqrstuvwxyz" ;
alignas(int) char szOprNbrMinMaj[] = "!$*+-/=@0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int) char szSgn[] = " !\"#$%&'()*+,-/:;<=>?@[\\]_{}" ;
alignas(int) char szSgnBin[] = " !\"#$%&'()*+,-/:;<=>?@[\\]_{}01" ;
alignas(int) char szSgnBinMaj[] = " !\"#$%&'()*+,-/:;<=>?@[\\]_{}01ABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int) char szSgnBinMin[] = " !\"#$%&'()*+,-/:;<=>?@[\\]_{}01abcdefghijklmnopqrstuvwxyz" ;
alignas(int) char szSgnBinMinMaj[] = " !\"#$%&'()*+,-/:;<=>?@[\\]_{}01abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int) char szSgnMaj[] = " !\"#$%&'()*+,-/:;<=>?@[\\]_{}ABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int) char szSgnMin[] = " !\"#$%&'()*+,-/:;<=>?@[\\]_{}abcdefghijklmnopqrstuvwxyz" ;
alignas(int) char szSgnMinMaj[] = " !\"#$%&'()*+,-/:;<=>?@[\\]_{}abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int) char szSgnNbr[] = " !\"#$%&'()*+,-/:;<=>?@[\\]_{}0123456789" ;
alignas(int) char szSgnNbrMaj[] = " !\"#$%&'()*+,-/:;<=>?@[\\]_{}0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int) char szSgnNbrMin[] = " !\"#$%&'()*+,-/:;<=>?@[\\]_{}0123456789abcdefghijklmnopqrstuvwxyz" ;
alignas(int) char szSgnNbrMinMaj[] = " !\"#$%&'()*+,-/:;<=>?@[\\]_{}0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
All the possibilities from all the dictionnaries are into A1, A2 and A3.dll
If gou on dedicated password forums you can finn a lot of MD5 hashes.
Take one and enter it in the "Search" dialogbox, you will see the password in its text form!
The only condition is to have created the tables before.
It's a kind of BRUTEFORCE program.
The crackers use "RAINBOW" tables rather than SQLite tables.
For example, I use Orange for accessing the internet.
Their passwords must have at least :
-One Number
-One upper case letter
The password cannot be less than 8 characters in length.
With that you know the dictionnary to use :
alignas(int) char szNbrMinMaj[] = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" ;
alignas(int) char szSgnNbrMinMaj[] = " !\"#$%&'()*+,-/:;<=>?@[\\]_{}0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" ;