Jun. 23rd, 2007


Jun. 23rd, 2007 10:52 am
ibneko: (Default)
Instead of downloading a bigass rainbow table, now, maybe if this works, you can just google your MD5 hash.

(they should add SHA-1! maybe? o.O And the other ways of encrypting passwords...)

Although it'd be more interesting if they actually created a wordlist with configuration 6*. And put that online. Looks like they're just doing a wordlist.

*see: http://www.antsight.com/zsl/rainbowcrack/ (rainbow tables - 64 GB XD)

They do note that it would take several years for just one computer to calculate that entire table... but for the Google Hash site, they calculate the number on the fly... so they would only have to generate (and store?) the original keys... not too bad?

(Hmmm.. I wonder if there's some way to trick Google into calculating the MD5 hases for us...)

[edit] No, there's another way to do this. Essentially, provide a list of characters - clicking on a character will add that to the current string that we hash. So it's kinda recursive...

I'll build an example this afternoon, when I finish lunch. This should be interesting. The only limit now, is how deep Google will crawl? And if Google crawls depth-first or breadth-first? And how much data would Google be willing to store from a simple site?

Hashes I want to do: maybe we'll start with MD5 first. Then SHA? And the windows password hashing method?

And a final question: Is this unethical? Because technically, the only real use for the last one would be to crack passwords... And I can't really think of any reason why you might need the other ones. Although I must say, I'm rather fond of the idea of creating information and making it searchable. I am a creature of information. Hear me roar? o.O Mew.
ibneko: (Default)

About this:
The original concept that spawned this can be found at http://www.nth-dimension.org.uk/utils/ghash.php. I wrote this up to see if it would actually work... And it would be more convenient than having to download a 50+ GB rainbow table from here (or here).

Ideally, you'd be using this to recover a forgotten password. But it could also be used for less ethical/illegal purposes. Knowledge is power. With power comes responsibility. Use this tool wisely. What you do with knowledge is up to you; I take no responsibility for your actions.

The list of characters that I support: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()-_+=~`[]{}|\:;"'><,.?/
(configuration 6 of the antsight.com rainbowcrack tables)

Here's the hash for password: http://darwin.servehttp.com/cgi-bin/hash.pl?show=md5&word=password (=> 5f4dcc3b5aa765d61d8327deb882cf99 =^.^=)

Now here's the question: How long will it take Google before they crawl the entire thing? :D Currently, it's set to 16 max characters, although I probably should have set it to 8. Here's to hoping Google doesn't crawl depth-first...

Other MD5 tools:
http://us.md5.crysm.net/ (MD5 reverse lookup: I think they run their own database...)

[edit] Here's the source code, for anyone who might be interested. It's licensed under GPL, although quote honestly, I don't think I fully grasp the concept of GPL. They need an easier-to-understand license XP Or provide a "common language" equivalent, similar to the nice Creative Commons license. But if you decide to run the code elsewhere, do drop me a line - I'd be interested.

[edit 2] Looks like here's another one with a similar idea. Except they hash all of the options and don't cover as many letters as I do. I wonder if it's more effective...?

Ah, it looks like while Google has crawled them, there's a limit to how much Google will crawl. Like the reverse.me.uk site only retrieves 49 search results. While a site like apple.com will retrieve 45K results.

Why is that? Does Google check for unique looking pages? o.O I wish I knew what algorithm Google was using, and how to maybe get past that. Maybe I should add random password generators at the bottom of the script, so Google will randomly jump to deeper hashes? Maybe? o.O

[edit 3] And here's another one. Again, Google doesn't find anything after the first few letters. Interesting..
ibneko: (Default)
Ah~ so cool. Brief overview of the series:

The internet/virtual information space has been merged with the real world, and can be interfaced through glasses that one wears. There also appears to be some physical interfacing, although it's not too clear how it works. But it's so cool~ ::squee:: I want to be surrounded by the internet, be able to program all sorts of spiffy things (heh, physical "firewalls", small assistant helper fuzzballs, virtual pets, etc.) and make them "show up" around me.

Would be feasible, I suppose, although it would be hard to generate a virtual->physical response, ie, touching a virtual dog. But that aside... the way I would imagine it working would be:
-A server controlling a chunk of physical space. The physical space would be replicated as the same virtual image as necessary.
-You, wearing your own set of glasses, would have a virtual image that could interact with other virtual objects. Ah, imagine the ease of changing virtual outfits~
-Objects you create in the virtual world can be shared, since it would just be passed up to the server, then handed to to whoever you're handing it to.
-Everything would be networked wirelessly~ yay!
-Recharging would have to be done sometime. But if they could last at least 20 hours, you may be good. Just recharge when you go to sleep.
-Glasses would require some sort of camera. This would feed to the server, 'causing the virtual space to update as the physical world changes.
-The camera would also double to recognize your hands, allowing you to use "gestures" to do things, including summoning a virtual keyboard to type away on. May get tiring after a while, but eh, not much anyone can do about it, right?
-Would be nice if brain interfaces worked too - code without hands!

Expand Cut Tags

No cut tags


ibneko: (Default)

Most Popular Tags

Style Credit

Page generated Oct. 19th, 2017 05:25 am
Powered by Dreamwidth Studios
November 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 2016