Hash Functions & Brute Force Attacks

One of the fundamental properties of cryptographic hash functions like MD5 is that they produce a fixed-size output regardless of the input size. Whether you hash a single character or an entire novel, the MD5 hash will always be exactly 128 bits (32 hexadecimal characters) long.

This fixed-size property is crucial for many applications, including password storage and data integrity verification. It means that comparing hashes is always a constant-time operation, and the storage requirement for hashes is predictable.

No, there are no visible correlations between the input string and its hash output. This is due to the "avalanche effect" - a critical property of cryptographic hash functions where even a tiny change in the input produces a dramatically different hash.

For example, hashing "password" versus "Password" (just changing the case of one letter) produces completely different hashes with no visible pattern or relationship. This property is essential for security, as it prevents attackers from making educated guesses about the original input by examining the hash.

• Similar inputs produce completely different hashes
• No pattern can be observed between sequential inputs and their hashes
• Hash values appear random and uniformly distributed
• Single bit change in input changes approximately 50% of output bits
• Impossible to predict hash output without computing it

MD5 is considered cryptographically broken and unsuitable for further use in security-critical applications. The algorithm has several significant vulnerabilities that have been discovered and exploited over the years:

• Collision Attacks: Researchers can generate two different inputs that produce the same MD5 hash in a matter of seconds using modern hardware. This breaks the collision resistance property.
• Preimage Attacks: While theoretically difficult, advances in computing power have made finding an input that produces a specific hash more feasible than originally intended.
• Rainbow Tables: Pre-computed tables of hashes for common passwords make it trivial to reverse MD5 hashes of weak passwords.
• Speed is a Weakness: MD5 was designed to be fast, which actually makes it vulnerable to brute-force attacks. Modern GPUs can compute billions of MD5 hashes per second.
• No Salt Support: MD5 itself doesn't include salting, making identical passwords have identical hashes across different systems.

Despite these vulnerabilities, MD5 is still used in non-security contexts such as checksums for file integrity verification. However, for password storage, digital signatures, and other security-critical applications, modern alternatives like bcrypt, Argon2, or SHA-256 should be used instead.

In this lab, we explore these weaknesses hands-on by implementing brute force attacks, generating rainbow tables, and demonstrating how proper salting can mitigate some (but not all) of MD5's security issues.

Brute force attacks on MD5 hashes involve systematically trying every possible input until finding one that produces the target hash. Due to MD5's speed and the absence of built-in protection mechanisms, this approach is surprisingly effective for short passwords.

The attack strategy depends on the expected password length and character set. For a 5-character password using lowercase letters and digits (36 possible characters), there are 36^5 = 60,466,176 possible combinations. While this sounds like a lot, modern computers can compute MD5 hashes at millions per second, making this entirely feasible.

• Character Set Definition: Determine the possible characters (lowercase, uppercase, digits, symbols)
• Combination Generation: Use itertools.product to generate all possible strings of target length
• Hash Computation: Calculate MD5 hash for each generated string
• Comparison: Check if computed hash matches any target hash
• Optimization: Stop early if all target hashes are found
• Progress Tracking: Monitor speed and estimated time remaining

The key insight is that MD5's computational efficiency becomes its weakness. A password that takes microseconds to hash can be cracked in seconds through brute force. This is why modern password hashing algorithms like bcrypt are intentionally slow, using key derivation functions with adjustable work factors.

What is a Salt?

A salt is a random string of characters that is appended or prepended to a password before hashing. Think of it as adding unique "seasoning" to each password hash. The salt is stored alongside the hash in the database, and while not secret, it dramatically increases the difficulty of hash-breaking attacks.

How Salts Work:

• Random Generation: A unique salt is generated for each password (typically 16-32 bytes)
• Concatenation: Salt is combined with the password (e.g., salt + password or password + salt)
• Hashing: The combined string is hashed using MD5 or a better algorithm
• Storage: Both the salt and hash are stored in the database
• Verification: During login, the stored salt is retrieved, combined with the entered password, hashed, and compared

Why Salts Are Critical:

• Prevents Rainbow Table Attacks: Pre-computed hash tables become useless because each password has a unique salt
• Eliminates Duplicate Hashes: Two users with password "password123" will have completely different hashes
• Forces Per-Password Cracking: Attackers must crack each hash individually, no bulk cracking
• Increases Search Space: Even weak passwords become more resistant to dictionary attacks
• No Secrecy Required: Salt can be stored in plaintext alongside the hash

Example Without Salt:

With proper salting, each password gets a unique hash even if the passwords are identical. This makes rainbow tables ineffective and forces attackers to crack each hash individually.

Professional password cracking employs multiple sophisticated techniques, each with different strengths and weaknesses. Understanding these methods is crucial for both offensive security assessments and defensive password policy design.

1. Brute Force Attack

• Method: Try every possible combination systematically
• Time Complexity: O(c^n) where c = charset size, n = password length
• Effectiveness: Guaranteed to find password given enough time
• Speed: Modern GPUs can test billions of MD5 hashes per second
• Best Against: Short passwords (≤6 characters), limited character sets
• Defense: Use long passwords (12+ characters) with mixed character types

2. Dictionary Attack

• Method: Try words from a pre-compiled dictionary/wordlist
• Common Wordlists: rockyou.txt (14M passwords), SecLists, common passwords lists
• Variations: Add common patterns (password123, Password!, p@ssw0rd)
• Effectiveness: 10-30% success rate on real-world databases
• Speed: Can test millions of passwords in seconds
• Best Against: Dictionary words, common passwords, predictable patterns
• Defense: Avoid dictionary words, use passphrases, add random characters

3. Rainbow Table Attack

• Method: Pre-computed hash tables using time-memory tradeoff
• How it Works: Generate hash chains that cover the entire keyspace efficiently
• Storage Requirements: Gigabytes to terabytes depending on coverage
• Speed: Near-instant lookups once table is built
• Effectiveness: Extremely fast for unsalted hashes
• Limitation: Each salt requires a new rainbow table (making them impractical)
• Defense: Always use unique salts, making rainbow tables ineffective

4. Hybrid Attack

• Method: Combine dictionary words with character substitutions and patterns
• Examples: "password" → "p@ssw0rd", "P@ssw0rd!", "Password123!"
• Rules: Common substitutions (a→@, e→3, i→1, o→0, s→$)
• Tools: Hashcat and John the Ripper excel at hybrid attacks
• Effectiveness: Catches users who think l33tspeak makes passwords secure
• Defense: Use truly random passwords or long passphrases

5. Mask Attack (Smart Brute Force)

• Method: Brute force with pattern constraints (e.g., "?u?l?l?l?l?d?d" for Password12 pattern)
• Pattern Definition: ?l=lowercase, ?u=uppercase, ?d=digit, ?s=special
• Effectiveness: Much faster than pure brute force by focusing on likely patterns
• Common Patterns: Uppercase first letter, digits at end, special char at end
• Defense: Use random passwords that don't follow predictable patterns

6. Combinator Attack

• Method: Concatenate words from multiple wordlists
• Example: "summer" + "2024" = "summer2024"
• Effectiveness: Catches passphrases made from common word combinations
• Speed: Faster than pure brute force, more thorough than dictionary
• Defense: Use 4+ random words or add random characters between words

7. Statistical Attack / Markov Chains

• Method: Generate passwords based on statistical probability of character sequences
• How it Works: Learn patterns from leaked password databases
• Effectiveness: Can crack "random-looking" passwords that follow human patterns
• Advanced: Machine learning models trained on billions of real passwords
• Defense: Use cryptographically random password generators

For educational purposes and security testing, several online resources provide hash lookup and cracking capabilities. These demonstrate how quickly unsalted hashes can be compromised.

Popular Online Hash Crackers:

• CrackStation (https://crackstation.net/) - Free rainbow table lookup for MD5, SHA1, SHA256, NTLM. Database of 15+ billion entries.
• Hashes.com (https://hashes.com/en/decrypt/hash) - Multi-algorithm hash lookup with submission system. Community-powered database.
• MD5 Online (https://www.md5online.org/md5-decrypt.html) - Dedicated MD5 hash cracker with large database.
• HashKiller (https://hashkiller.io/) - Free hash lookup supporting multiple algorithms.
• OnlineHashCrack (https://www.onlinehashcrack.com/) - Paid service for serious cracking, supports GPU acceleration.
• Cyber Chef (https://gchq.github.io/CyberChef/) - Not a cracker but excellent for hash analysis and encoding/decoding.

Offline Tools for Professional Use:

• Hashcat - GPU-accelerated, supports 300+ hash types, incredibly fast. Industry standard.
• John the Ripper - CPU-based, excellent rule engine, great for dictionary attacks.
• Hydra - Network login cracker, supports many protocols.
• Medusa - Parallel network login cracker.
• RainbowCrack - Generates and uses rainbow tables.
• ophcrack - Windows password cracker using rainbow tables.

⚠️ Legal and Ethical Considerations:

• Only crack hashes you have explicit permission to crack
• Use these tools for security research, penetration testing, or educational purposes
• Unauthorized access to computer systems is illegal in most jurisdictions
• Check local laws regarding password cracking tools and activities
• Always get written authorization before security testing
• Respect responsible disclosure practices when finding vulnerabilities

Best Practices for Defense:

• Never use MD5 or SHA1 for password hashing - use bcrypt, Argon2, or PBKDF2
• Always use unique random salts (16+ bytes)
• Implement key stretching (multiple rounds of hashing)
• Enforce minimum password length (12+ characters)
• Use password complexity requirements wisely (length > complexity)
• Implement rate limiting and account lockouts
• Consider multi-factor authentication (MFA)
• Monitor for breached credentials using services like Have I Been Pwned
• Educate users about password managers
• Conduct regular security audits and penetration testing