How long would it take you to brute force the md5 hash? Given a fast hardware able to conduct around a million of tests per second, it would take you somewhere close to 1022 years to crack it. Of course we all know that md5 is vulnerable to a birthday attack and similar collision finding algorithms.
The point here is, that when you see a md5 you may not be able to find a collision. But if you get lucky, the hashed value will be something really stupid – like a dictionary word or a common phrase.
Theoretically, if you took a million monkeys, sat them in front of computers and then stored md5 hashes of everything they type, you could eventually index the whole key space. Note that due to many potential collisions, you only need to store one plaintext per hash. The speed of your md5 cracking algorithm is then determined by how fast you are able to look up a value in a sorted list. And searching sorted lists is something we code monkeys know how to do very well.
But where do you get a million monkeys?
That’s simple – on the internets! Internets are a series of tubes and as all senators know, tubes are the best place to find monkeys willing to type random shit into text boxes. All you have to do, is to set up a little md5 search engine website (you can even AJAX it out if you want). Then you sit back and wait, as the monkeys stroll in and start typing away. Each time you get a new hash, you store it into the database. Thus, over time, you will accumulate a very nice list of hashes and corresponding plaintexts.
Added bonus of this method is the fact that whatever the monkeys type into your search box is meaningful to them. So what you are collecting is a list of keywords and phrases that may likely show up as passwords, or paraphrases. If you collect statistics on which keys are looked up most frequently, you can really start building highly effective word lists.
It is unlikely that any of these databases will ever index the whole key space. Consequently, you will only be able to break the weaker passwords. But you should be able to do it faster, because your word list represents the collective wisdom of million of net surfers submitting random queries. It is a brilliant idea.
Of course this only reinforces the point about using strong passwords and all that jazz. But we already knew that.
I think what I wanted to say is that monkeys are awesome and this whole post is just an excuse to use the word monkeys as many times as possible.
Disclaimer: we are all big hairless monkeys, and creationists are retarded like a turnip.
[tags]monkeys, md5, cryptology, brute force, search[/tags]