Buzzly, thank u...
looks like i have to study english... grammar or vocabulary ?
for the VERY intelligent person... well, i dare not take it.
i know only little very little. anyway... goldbug just prove that i am silly... 🙂

Am I the only one that finds it extremely silly to create/run a brute-force style method using PHP (or any other "scripting" language)??

actually, the reason i use php is just to present the concept, if i gonna run for a long-long time, then i will fireup the VB or C, C++ and do some small app to make it runs.
and we are talking about the 1632 numbers... extremely huge
what i know is, we can't run all of them.

since, i believe there is some kinda relationship between each md5 checksum value (increment of 1h, 0x31 0 to 0x31 1), i am thinking a way to predict a range where possible 32 chars will generate the specified md5 checksum.

    looks like i have to study english... grammar or vocabulary ?

    personally from reading some of your posts, i think the grammar work is needed more often than not, since it sounds like you are literally translating, and more often that not, it makes you sound somewhat like Yoda

    Understand me, you do?

      Originally posted by stolzyboy
      Understand me, u do?

      Edited to match existing standards. 🙂

        maybe i should write a book,
        How to code in Jimson's Grammar... 🙂

        lukily ur guys point me out...

        stol, who is Yoda... <= is it creature? in the stars wars

          Originally posted by jimson
          WHO HAVE ALREADY FOUND THE FIRST CLASH VALUE.

          No one, yet. But there are fewer strings with fewer than 32 hex characters than there are strings with exactly 32 hex characters, so there is no guarantee there that a clash would be found in the first 31 characters.

          Of course, the strings being hashed ought to span the whole character set ASCII 0 - ASCII 255, not just 0-9a-f.

          How to code in Jimson's Grammar...

          See? He does know how to use capital letters!

            513,980 kb

            large.. but he is cool...
            anyway, i am 170+ cm...

              modercai... ur bot must be able to check grammar. especially my grammar...

              first person to produce 2 string that have same hash will be insert into Book of world record... 🙂 how about that..🙂

                i just read almost all the messages..
                this one worth visit : http://membres.lycos.fr/mdcrack/nsindex2.html

                MD5 is a one way hash algorithm providing a final 128 bits length hash whatever was the original text length. The resulting hash is often used to sign a document thus giving a way to certify that the original content wasn't altered neither by a software/hardware error nor by a third party.
                Today many applications (most of them are network oriented) use MD5 for authentication purpose avoiding any plain text password on the wire.
                In such a case, clients typically send a password hash over the network to the server wich in turn, make its own client password hash to compare the two hashes. If they match together, the server considere the client know the good password and the authentication process is ended althought the server may be totaly wrong! MD5 can not theoricaly be reversed that is to say nobody can guess the original text from its hash (even with little strings like passwords) but since the number of resulting hash is fixed (2128), many strings will give the same hash.
                Surveys about the predictibility of such collisions have never, till now, prooved that somebody could arbitrary choose another text giving the same MD5 signature.
                In the worse case, a third party may change the original text with something that has no signification at all and the well known birthday attack is easily defeated with some few precautions. Nevertheless if a random collision is not really a problem for a letter that needs to get sense, it may be a valuable threat for a MD5 based password authentication scheme.

                Now, imagine that an innocent user A authenticate himself sending his hash on the wire to the server B while being sniffed by an attacker X who easily catch the hash.
                X, in most cases, doesn't only want the hash but need an original plain text password.
                He doesn't actually need the same password but any collision that can be typed from the client (At least one char). If chances are few for A password to own a collision in the first hashes generation, the probability is not null and X will still be able to bruteforce the original password during hours/day/weeks.
                In some cases, B will first give A a "somewhat randomly" generated string to harden the hash generation but if this technic will protect against replay style attack, it won't change anything against bruteforce since randomize strings are clearly sent over the network. By the way, X will generate clear passwords accordingly with the right randomizing scheme.

                This password attack is the purpose of MDcrack, it will bring you back any found MD5 collision in the range previously defined (default is 1-8) giving you a good idea of your password hash strongness. Because MD5 will always give the same result for a given input, you can easily precompute every hashes of a fixed password length to do further effective collision searches.
                Dictionnary attack/clustering modes will give others possibly reliable way to crack passwords hashes. This matter is really serious since nowadays a lot of web based application are using this authentication protocol, exposing customers to a complete identity robbery.

                The problem is not at all in the MD5 algorithm in itself but in the manner application are using it. MD5 was not defined for authentication purpose and give no real security against data compromision.

                  md5 crack analysis

                  total md5 checksum hash = 1632 = 3.4028236692093846346337460743177e+38
                  from the statement, 4,560,830 md5 brute force attempts per second on a 1.2Ghz athlon
                  (God forbid they actually have a 2.4)....
                  so, (1632)/4560830 = 74609745796475304596613907431711 seconds to run all md5 checksum
                  74609745796475304596613907431711 / 60 seconds
                  = 1243495763274588409943565123862 minutes / 60
                  = 20724929387909806832392752065 hours / 24
                  = 863538724496241951349698003 days / 365
                  = 2365859519167786168081365 years. // still a big years... 🙁 only God knows where am i by then...

                  so, one day, the cracker can run
                  1 minute = 273649800
                  1 hour = 16418988000
                  1 day = 394055712000

                  x
                  --- * (1632) = 394055712000
                  100

                  = 1.1580256584131357235533153747888e-25 %
                  or
                  = 0.0000000000000000000000001158025658413135723553315374888 %
                  oh God... only God knows.

                  but...
                  if we can target the possible range of the resulted hash.. then maybe we can work faster.
                  well, i need coffee... and cigarettes..

                    i think i found a way to (*crack?) an MD5 hash... 🙂

                    my concept of proof, i havent try it, but maybe/should works..

                    let say,
                    md5('jimsonchang') = 67c356a7e59cda2160d0b86c389264c0

                    so, my goal is to know, what other strings that have the same hash like 67c356a7e59cda2160d0b86c389264c0.

                    if u read this thread properly, i already said that, one of the possible string that able to generate the same hash is one of the number in 1632 which is
                    from 00000000000000000000000000000000
                    to FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

                    ok, if we run this function,

                    function a() {
    static $result = '67c356a7e59cda2160d0b86c389264c0';
    for($i=0; $i<32^16; $i++) {
         $result = md5($result);
    }
}
a();

                    in the last day of 2365859519167786168081365 years,
                    we will know the 32hex chars that generated the same hash, if i am not wrong, every MD5 values is a never ending LOOP.
                    the last MD5 values(<- which means when $i=FFFF...E in the 2365859519167786168081365 years) will hash back to the first hash of md5 32hex chars (<- which is 67c356a7e59cda2160d0b86c389264c0 ).

                    so this mean, we can quickly know what 32hex that hash back to md5('jimsonchang') if we know the $result when $i = somewhere very near to FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF, so we only spend maybe few hours to know the 32hex that hash back to md5('jimsonchang').

                    so, this come to a problem, how to know the 32hex of the $i where $result somewhere near (F)*32 ?

                    and we understand that md5 will hash a totally different 32hex for the string we inserted.
                    The string we give it to hash is a 1632 hex character string.
                    so, we dont expect to see
                    md5('d41d8cd98f00b204e9800998ecf8427e')
                    = d41d8cd98f00b204e9800998ecf8427f

                    i found a way to guess (since the result will be completely different with the string we give in to hash) so
                    maybe if we
                    start guessing by using (F)32 minus the md5('jimsonchang') hex
                    FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
                    - 67c356a7e59cda2160d0b86c389264c0
                    = 983CA9581A6325DE9F2F4793C76D9B3F
                    i think
                    983CA9581A6325DE9F2F4793C76D9B3F
                    is the $result that very near to $i = (F)                    32

                    any guys who know more, please try this approach... 🙂
                    i see MD5 values like a circle....

                      Originally posted by jimson
                      so, my goal is to know, what other strings that have the same hash like 67c356a7e59cda2160d0b86c389264c0.

                      if u read this thread properly, i already said that, one of the possible string that able to generate the same hash is one of the number in 1632 which is
                      from 00000000000000000000000000000000
                      to FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

                      A statement for which no justification (let alone proof) has been given. No-one (except you) has said that this must be the case.

                      But even if it was true (that there exists an MD5 hash which, when written in base 16 using the ASCII character set, hashes to 67c356a7e59cda2160d0b86c389264c0 (or any other given MD5 hash)) ... so what? How significant would such a result be?

                        my justification is
                        i believe that the md5 values is a 1632 loop (circle).
                        if we get a hash and continue hash the result for 1632 times, we will eventually hash back to the first hash.

                        Weed, i wish to know what is your justificatin that make u believe that this must not be the case, so that i can learn ur knowledge.

                        if my belief is correct,
                        then first,
                        we dont have to use guess strings to (crack ?) the md5 hash.
                        then,
                        we will concentrate on finding the $result for $i=somewhere near the end of 1632 so we just start hashing from there.
                        second,
                        we can skip the 2365859519167786168081365 years in order to find the answer.

                        i am still thinking is there a way to guess the $result for $i=somewhere near end of 1632.
                        i am thinking of using the circle algorithm to calculate. :?

                        becoz if my belief is true,
                        two of them(the inserted hash and the generated hash) have relationship.
                        relationship for inserted hash = plus 1 hex.
                        relationship for generated hash = will hash back to the inserted hash (in the end)

                        i am still having problem to know the end hash of a hash...
                        i will get some time to think... 🙂
                        if ur guys have any ideas,different belief, just post in this thread, maybe can inspire me... 🙂

                        thanks weed for spending ur time on me.... thanks.

                          Weed, i wish to know what is your justificatin that make u believe that this must not be the case, so that i can learn ur knowledge.

                          Nope. This is science not religion. Jimson, you are the one making the assertion therefore it's up to you to provide the proof.

                            jimson said,
                            if u read this thread properly, i already said that, one of the possible string that able to generate the same hash is one of the number in 1632 which is

                            ok, how should i explain... to proof it :?
                            if i am wrong, it means, the total md5 hash values is less than 1632. <- can u get this.
                            If it hash back before $i=1632 <- not necessary to $i=1(my first hash values)
                            let say it hash back to $i=4000 <- obviously it will just loop forever in this 4000 to before 1632 <- it will hash back.
                            so total possible generated md5 is smaller than 3216

                            if the md5 don't hash back, it will be unlimitted hash values where theoritical, there can be only 1632 hash values.

                            why i said, there could be one of the number in 1632 that able to generate the same hash like md5('jimsonchang');

                            becoz, each of the 1632 is unique ( and i presume each of them will generate different hash). and 1632 is the limit for md5 hash.

                            ....

                            if i am wrong, please guide me... 🙂 i am not perfect.

                              just suppose that md5() returned a number between 0 and F.

                              In this example:

                              md(0) = A
                              md(A) = 3
                              md(3) = 4
                              md(4) = E
                              md(E) = 0

                              uh... whoops. Now... we know that the hex numbers 1,2,5,6,7,8,9,B,C,D, and F exist. There is just no guarantee that this "loop" you are creating by hashing previous hashes is going to be one long, continuous loop.

                              I still fail to see the point of your theoretical exercise. I say theoretical, because there is no way you will ever complete this. MD5 is simply a way of verifying data -- consider it a very complex checksum. It's really not meant to be used for anything else, so I ask you -- what is your point?

                                i see your example, u are assuming md5 will generate only one character.

                                and i assure u, if md5 gonna generate only one char hash, then md5(F) will hash back to the hash of md5(0);

                                i understand md5 is a way of verifying data.
                                but u see, peeps use it for other purpose... 🙂

                                my point is... to be able to find the first clash hash.... 🙂 and i believe there is at least one out there....

                                  Originally posted by jimson
                                  i see your example, u are assuming md5 will generate only one character.

                                  No, I'm not assuming any such thing (how did you get that idea?). You appear to be assuming that two strings have the same MD5, one of them must be an MD5 hash written in hexadecimal notation, using the ASCII character set (and that the other one is "jimsonchang").

                                  And even if that was true, I don't see what relevance it would have to how "peeps" (I presume you mean "people", not "peepers") use it.

                                    no, the i see ur example, u are assuming md5 will generate ... bla bla bla is said to Buzzly.. coz he/she shows
                                    md(0) = A
                                    ....

                                    Weed, i know u don't asssume such thing... that is for buzz.

                                    weeeeeeed, u mention an important point, about the ascii character for md5... i use the string becoz according to the manual,

                                    string md5 ( string str [, bool raw_output])

                                    i thought md5 only accept string that must be enquote with ' or "
                                    now, i wish to know any of the php developer here.. can tell me

                                    does md5('12345')
                                    and md5(12345)
                                    the same ?

                                    i just try it - the result

                                    md5('12345') = 827ccb0eea8a706c4c34a16891f84e7b
                                    md5(12345) = 827ccb0eea8a706c4c34a16891f84e7b

                                    IS THE SAME.... WOW... but this

                                    md5('1000A');
                                    md5(1000A);

                                    will generate error
                                    PHP Parse error: parse error, unexpected T_STRING
                                    so... can anyone tell me how to get the real hash of an hex values? or is there one... ?

                                    if we are able to find a hash for a string... then it i don't think we don't have ways to use it... 🙂 u know what i mean lah... 🙂