MD4 Hash Collision Finder in Perl -- Timblog

MD4 Hash Collision Finder in Perl

I’m trying currently my skills at Hack This Site, and found that I am supposed to crack an MD4 hash. I wrote the following Perl script to do it for me:

use Digest::MD4 md4_hex;
 
my $goal = '3184342944a094dd5dbe6fccaeb8dc96'; # hash to find
my @chars = ( a..z, 0..9 ); # characters to use
my $minlen = 1; # minimum length of string
my $maxlen = 8; # maximum length of string
 
for ( $minlen..$maxlen ) {
	print 'Length: ', $_, "\n";
	&checkStrings($_);
}
 
sub checkStrings {
	my ( $n, $s ) = ( (shift) - 1, shift );
	for ( @chars ) {
		if ( $n ) {
			checkStrings($n, $s . $_ );
		} else {
			print $s, $_, "\n" if md4_hex( $s . $_ ) eq $goal;
		}
	}
}

&checkStrings is a recursive function that checks all strings built from @chars of a certain number of characters. The script can easily be changed to cater for other message digest or hashing algorithms; simply change the function in line 19 from md4_hex() to whatever function you want. It could even be something like reverse(), although I hope that you’ve got a better way for finding such a string.

The output of the above configuration is:

Length: 1
Length: 2
Length: 3
Length: 4
Length: 5
c6a18
Length: 6
Length: 7
Length: 8

Note that the script keeps going after a successful collision–there could be several hits.

Maybe Related?

Posted July 18, 2007 in Perl » Programming.

41 Comments »

Nice recursion, weird func parameters though… :/

Comment by alpha — July 18, 2007 @ 9:44 pm

Alpha, I suppose there are several options. Perhaps I should’ve described my choices in the comments.

Comment by Tim — July 19, 2007 @ 9:01 am

I am totally new to programming. Do I save this on notepad or do I have to download perl?

Comment by The Exploiter — July 21, 2007 @ 3:17 pm

The Exploiter, depends on what opperation system you have. If you have windows, download active state perl. Then save this as a notepad, and run it through command.

Comment by perl — July 23, 2007 @ 8:19 pm

I am unsure whether this is working. How long does a program like this usually take to find the password?

Comment by The Exploiter — July 24, 2007 @ 10:45 am

The Exploiter: I suppose that the solution is never longer than six characters. If it’s above that, something is probably wrong. Try changing line 4 to add A-Z, in case it isn’t lower-case. Also, make sure that you got the whole hash. It should be 32 characters long.

Comment by Tim — July 24, 2007 @ 3:27 pm

Sorry Tim but I don’t have perl and I carn’t et it it isn’t working. I have also tryed brute forceing my hash and most reverse look up dictionarys work on words not random set passwords. Also tryed downloading some brute force programs which have failed. So i was wondering if you could run my hash sorry but this is my last resort mine is 53151d77acfb498854aec16f016278c3 if you have any spare time please help me. Thanks

Comment by Need_help — July 26, 2007 @ 11:01 am

Using the above script, I found Need_help’s hash to be:
53151d77acfb498854aec16f016278c3 = md5( 01664 )
And Larry’s to be:
421f3705c2eb171c8b78696948390312 = md5( 353bf )

Comment by Tim — August 7, 2007 @ 12:01 pm

Here is mine f64542c058a62e7bf913ac25ae3e3133 can you please crack it for me?

Comment by friedchicken — August 11, 2007 @ 8:47 pm

another way to do this is use Cain and Able

Comment by friedchicken — August 11, 2007 @ 10:29 pm

Lol guys :) Cracking up to 8 symbols long alphanumeric md5 takes zero time on a powerful pc. Everything longer than 8 isn’t worth bruteforcing. You should either go for various dictionary-based attacks, or resort to rainbow tables (they’re kinda affordable if you live in USA).

Comment by alpha — August 19, 2007 @ 12:30 pm

hey peeps,
this is bugging me, i cant get perl working. could sum1 plz crack my hash 4 me
f93382b34c15805309d6cbc66ee763b4
would b much apreachated :)

Comment by DF — August 20, 2007 @ 10:42 pm

Friedchicken and DF: If you aren’t capable of installing Perl, you really shouldn’t do this mission.

Alpha, suppose that’s why HTS only have a string length of 5 :)

Comment by Tim — September 15, 2007 @ 8:06 am

I am also finding it difficult to download perl , can you decrypt my hash for me?
f6962128d33ff6524f1e4a59dd94aed8

Comment by mumin — September 16, 2007 @ 3:00 pm

don’t worry about the above comment , i decrypted it myself using crain and abel :)

Comment by mumin — September 16, 2007 @ 3:10 pm

hey how to save and run a perl script?

Comment by arghhelpplease? — October 6, 2007 @ 8:20 am

hey guys, sorry can you give me an official website to download cain and able as the one i used is not working (corrupt installation each time) i think it was like: http://www.oxidit or sumting like tht. kk ty

Comment by Chazzmundo — October 9, 2007 @ 6:28 pm

7291cdf315c30d01cba4b34bd131c0d2 i cant get the perl to work can someone crack this for me?

Comment by Cyber — October 13, 2007 @ 4:52 am

Perl.com

Comment by Deejay — October 14, 2007 @ 1:17 am

Umm, well, I downloaded ActivePerl from activestate.com…

i installed it, all good.

but how do I actually run the perl programming? I saved it in notepad, like you said, but how do u run it?

Comment by Hackz4lyfe — October 14, 2007 @ 5:21 pm

nevermind. got it.

for those who dont know, you copy and paste the coding Tim wrote up, substitute his hash value with the one you want to decode, then save it in notepad. BUT, instead of it being a txt file, save it with a “pl” extension (example: stuff.PL). then, just run this, and if your PC is compatible with perl, it will run!!

Comment by Hackz4lyfe — October 14, 2007 @ 5:27 pm

cant locate Digest/MD4.pm in @ INC
any ideas?

Comment by halle — October 21, 2007 @ 7:26 pm

can you crack my hash for me plz? its 9c8c3796fdecfcc2427cc6fee196ca5d

Comment by IMERIX — November 24, 2007 @ 1:39 am

Programming Tutorials…

I couldn’t understand some parts of this article, but it sounds interesting…

Trackback by Programming Tutorials — December 3, 2007 @ 3:10 am

IMERIX, i have cracker your hash and the pass is: 03d7a

Comment by Lars — January 2, 2008 @ 10:11 am

9158e37397cc14a99904be7c7a280ce4

MD5

need cracked plz

Comment by DE — January 5, 2008 @ 2:26 am

1854c47fdc5661cfae2e48630d74aa05 cannot crack it, need help xD

Comment by Ahahah — January 5, 2008 @ 7:42 pm

Have tried making my perl script, but its seems incompatible, so plz can u do mine?

092039ce1879d1539c7afeeb2f16ef18

and ‘DE’ its MD4 (check the hash in XVI32)

cheers man

Comment by Goz — January 6, 2008 @ 1:14 am

Hello there, I’ve been trying everything to crack this MD 4 hash, and its really frustrating me.
-I’ve tried googling md4 reverse lookups, there are none, there is only md5’s and they don’t work for md4.
-I’ve tried getting cain and abel, but that didn’t work.
-I’ve tried downloading perl, but I cant figure out how to run it
-I’ve tried other various MD Cracking softwares, but they are working out either

..so please, if someone could crack my hash, I would be eternally grateful.

Here it is: 409c1fea85f3e63f8ca994251dc9eafb

Thank you in advance for your time and effort.

Comment by Dante — January 6, 2008 @ 4:02 am

..so please, if someone could crack my hash, I would be eternally grateful.

Here it is: 409c1fea85f3e63f8ca994251dc9eafb

Thank you in advance for your time and effort..

Comment by Dante — January 6, 2008 @ 4:03 am

*sigh* MD4 hashes giving me problems…
Can’t install Perl on my Windows (anybody mind giving me a link?)
If there’s a code that I can simply save as .exe
Point me to it please :D

Comment by Patriot — January 7, 2008 @ 5:05 pm

I copies the code into notepade and saved it a a .pl file now what do i do? ANd also they talk about looking in directories in the blog for the mission, how do i do that?

Comment by dude — January 23, 2008 @ 4:16 am

Waw. really great thankx .

Comment by Googleccd — March 12, 2008 @ 7:11 pm

‘

Comment by ' — March 14, 2008 @ 5:09 pm

Hey,

All you have got to do is download Cain & Abel. Your virus scanner probably will say it is a virus. Ignore these pop ups.
When you have installed Cain & Abel, open it and press on cracker. On the left you will see a list of hashes, click MD4 hashes, then click somewhere on the grid.
The + sign will turn blue, press this sign and fill in your code. Your code is now shown in the grid (with a red cross in front of it).
All you have got to do now is right-mouse-click it and select brute-force attack. Press start and there you go!

Greetings JesseP

Comment by JesseP — March 26, 2008 @ 11:23 pm

Dante’s code is ffb4e
Goz’code is 4b6b9
Ahahah’s code is 40e23
And now it is time to sleep :)

Comment by JesseP — March 26, 2008 @ 11:28 pm

look there has to be a way without using Perl. I once found this site that showed how to find it out manually- (don’t bother with google- can’t be found) but I lost it… Does any one know how?????

Comment by Don't_need_help — April 8, 2008 @ 9:27 am

hey tim!.. help me unlock this hash code.. i tried many MANY programs!.. but failed to.. or even ill be happy if you post on How to get the output of the Perl code? im using windows. my hash code is… a4f467d45ec6804b4532308767f9a5bb… Thanks a lot!!

Comment by hackKing — April 12, 2008 @ 12:14 pm

thx a lot for this script
it helped me to find the solution
i found everything i needed but didn’t know how to do it.
now i know
thx

Comment by schwarz — April 25, 2008 @ 7:23 am

Thx for the script. I’ve learned about perl and how to install mods to perl on my Mac, access sudo, make packages and installs and learned Perl. It took a few hours, but a what a sense of accomplishment when I got the script to work with my own hash. Next step: make my own script for hashes.

Comment by ELC — July 17, 2008 @ 5:09 am

ELC: Good luck :)

Comment by Tim — July 17, 2008 @ 8:59 am