Benjamin Juang (ibneko) wrote,
Benjamin Juang

  • Mood:

Hash generator of sorts...

About this:
The original concept that spawned this can be found at I wrote this up to see if it would actually work... And it would be more convenient than having to download a 50+ GB rainbow table from here (or here).

Ideally, you'd be using this to recover a forgotten password. But it could also be used for less ethical/illegal purposes. Knowledge is power. With power comes responsibility. Use this tool wisely. What you do with knowledge is up to you; I take no responsibility for your actions.

The list of characters that I support: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()-_+=~`[]{}|\:;"'><,.?/
(configuration 6 of the rainbowcrack tables)

Here's the hash for password: (=> 5f4dcc3b5aa765d61d8327deb882cf99 =^.^=)

Now here's the question: How long will it take Google before they crawl the entire thing? :D Currently, it's set to 16 max characters, although I probably should have set it to 8. Here's to hoping Google doesn't crawl depth-first...

Other MD5 tools: (MD5 reverse lookup: I think they run their own database...)

[edit] Here's the source code, for anyone who might be interested. It's licensed under GPL, although quote honestly, I don't think I fully grasp the concept of GPL. They need an easier-to-understand license XP Or provide a "common language" equivalent, similar to the nice Creative Commons license. But if you decide to run the code elsewhere, do drop me a line - I'd be interested.

[edit 2] Looks like here's another one with a similar idea. Except they hash all of the options and don't cover as many letters as I do. I wonder if it's more effective...?

Ah, it looks like while Google has crawled them, there's a limit to how much Google will crawl. Like the site only retrieves 49 search results. While a site like will retrieve 45K results.

Why is that? Does Google check for unique looking pages? o.O I wish I knew what algorithm Google was using, and how to maybe get past that. Maybe I should add random password generators at the bottom of the script, so Google will randomly jump to deeper hashes? Maybe? o.O

[edit 3] And here's another one. Again, Google doesn't find anything after the first few letters. Interesting..
Tags: hacking, security

  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded