I was testing a website and found that my password is travelling as an MD5 hash over the network. Since it is my password, is there any way I can find the key used to hash my password, as I have the resulting hashed password and the input password used?
3 Answers
You are basically asking to revert an MD5 hash by knowing parts of the input. The way to do this is to brute force, i.e. try all possible inputs. Whether this is actually practical depends on the size of the missing input.
- Say the input is 2222 and the hash that I found was **fed614f863be77a0acdf3ef303e81386**. So what I want to know is: can I find the hash function used, so that I can use it to figure out other passwords that are travelling over the network? – User111222333 Jan 02 '23 at 13:17
- @User111222333: Again, you are asking for the input into a hash function where you only know parts of the input. The way to do this is to brute force the unknown rest. This unknown rest might be the key (as asked in your question) or even the specific hash function (as asked in your comment). Brute forcing means to systematically try all possibilities. There is no shortcut. – Steffen Ullrich Jan 02 '23 at 13:28
If your question is "Is it possible to restore the password from MD5?", then the answer is yes. More precisely, there is no way to know what password exactly was used. But it is possible to find some text that produces the same MD5. This may or may not be your password. In the described scenario, this will be sufficient. See details here.
Should you worry? Probably yes:
- If they store this MD5 directly in their database, then it is a security risk, because MD5 can be brute-forced.
- Even if they don't store this MD5 directly but, let's say, wrap it in bcrypt or another algorithm, there is a risk of password shucking, see details here. If the same password is used for more than one web site, then despite resource-intensive methods like bcrypt or Argon2 the password can be restored, because instead of brute-forcing, only the leaked MD5 candidates would be tested.
If the MD5 doesn't match a straightforward `md5($password)` then you might be able to find out what's being done to it by trying to brute-force the hash. But you're unlikely to succeed unless they're doing something very simple.
The much better solution is to investigate the client-side (JavaScript) code to see what happens to your password when you enter it and make the login request. You might be able to do this by statically analysing the code, or you might have to debug it (modern browsers have pretty powerful debugging tools) to see what's happening.
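The check the answers describe, as an added example that is not part of any answer above: given a password you know and the hash observed for it, try a few simple MD5 constructions against candidate extra inputs, first values already visible to the tester and then a blind search over short strings. The username `alice`, the nonce `7f3a`, the list of constructions and the observed hash are constructed for illustration and are not taken from the question.

```python
import hashlib
from itertools import product

def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()

# Simple constructions a login form might apply; s is the unknown extra input.
# This list is an assumption for the example, not an exhaustive catalogue.
CONSTRUCTIONS = {
    "md5(pw)":        lambda pw, s: md5_hex(pw),
    "md5(md5(pw))":   lambda pw, s: md5_hex(md5_hex(pw).encode()),
    "md5(s+pw)":      lambda pw, s: md5_hex(s + pw),
    "md5(pw+s)":      lambda pw, s: md5_hex(pw + s),
    "md5(s+md5(pw))": lambda pw, s: md5_hex(s + md5_hex(pw).encode()),
    "md5(md5(pw)+s)": lambda pw, s: md5_hex(md5_hex(pw).encode() + s),
}

def identify(password: str, observed: str, extras):
    """Return (construction, extra) that reproduces `observed`, or None."""
    pw, observed = password.encode(), observed.lower()
    for extra in extras:
        for name, fn in CONSTRUCTIONS.items():
            if fn(pw, extra) == observed:
                return name, extra
    return None

def short_strings(alphabet: bytes, max_len: int):
    """Yield every string over `alphabet` of length 0..max_len, shortest first."""
    for n in range(max_len + 1):
        for combo in product(alphabet, repeat=n):
            yield bytes(combo)

def search_space(alphabet_size: int, max_len: int) -> int:
    """Number of candidates short_strings() would produce."""
    return sum(alphabet_size ** n for n in range(max_len + 1))

# Constructed sample: the password from the question, a made-up nonce and construction.
PASSWORD = "2222"
OBSERVED = md5_hex(b"7f3a" + md5_hex(b"2222").encode())

if __name__ == "__main__":
    # 1) Values the tester can already see (username, nonce in the login page).
    print(identify(PASSWORD, OBSERVED, [b"", b"alice", b"7f3a"]))
    # 2) Blind search over hex strings up to 4 characters: 69,905 candidates.
    print(identify(PASSWORD, OBSERVED, short_strings(b"0123456789abcdef", 4)))
    # A 16-byte random value would be search_space(256, 16) candidates: out of reach.
    print(search_space(16, 4), search_space(256, 16))
```

The blind search only finishes because the constructed nonce is four hex characters; the candidate count grows exponentially with the length of the unknown input, which is why reading the client-side code is the more reliable route.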