|
|
#16
09-17-2022, 09:41
|
|||
|
|||
|
Quote:
0x67452301, 0xEFCDAB89, 0x98BADCFE and 0x10325476. I have for instance seen at least a program using the following chaining values instead 0X1234567, 0X89ABCDEF, 0XBA98FEDC and 0X76504321 
|
|
#17
09-17-2022, 21:38
|
|||
|
|||
|
So it looks like you want to do a first pre image attack on MD5.
Wait a second if they are chaining, that opens up a whole new set of opportunities. Why not look into length extension attack and such. You need to explain what is meant by "chaining" in mathematical detail e.g. h(h(bytes[12:16])^bytes[8:12]) where ^ is xor or even concatenation. The time it takes to handle a group of 4 !!!! Should then based on that list for the final combos be the time per final pair to get the next to last combo etc. If you want to pass remote validation checks, it may still be impossible as they may further reduced the allowable set or notice unusual activity ertc, no guarantees.
|
|
#18
09-18-2022, 04:55
|
|||
|
|||
|
Quote:
|
|
#19
09-18-2022, 12:26
|
|||
|
|||
|
@TmC
The way for you is brute force attack, if you know some values you can customize your own mask, but from now on you will need time to complete your test. A few months ago I came across something similar and I was able to develop a c++ program for this, but it takes time to compute for a 10-character password (around 8 hours), although your start seed is small and knowing the mask it may take less time. The easy way was to substitute the MD5 Hash but I already saw that you need to connect to the server and a valid serial number. If you want and you can give me the private mask and at least one valid MD5 hash and we will see. Regards, UWT pd. I remember in one of my projects that the hardcodes were the ones on the blacklist. Last edited by UWT; 09-27-2022 at 06:37. Reason: Add information
|
 |
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
