Member Avatar for Clockowl

Hey guys,

I'm trying to create an MSCache (2 times MD4) cracker. I took the RFC thingy and implemented it in a cracker which is.. fast, but not as fast as I'd like it to be. So I searched a bit and stumbled on MDCrack, which claims it can do about 10 million MD4 hashes per second on my system, while I only get 4 million per second.

Since it's open source, I downloaded the source code of an old version and studied the MD4 algorithm, and it seems to partially reverse it. However, I lack knowledge of just about everything considering hashes and was wondering if someone here could teach me one or two things as the weaknesses of these cryptographic functions, how you would create secure ones and of course how to attack one.

Thanks in advance,
Nick

  • 2 Contributors
  • 1 Reply
  • 461 Views
  • 7 Months Discussion Span
  • Latest Post Latest Post by dzhugashvili
Member Avatar for dzhugashvili

Hello. I believe you can reverse the fourth and perhaps part of the third rounds of the external MD4, but nothing more.

here is open source code for a cracker implementing reversal and SSE2 for mscache:
http://blog.distracted.nl/2009/05/cacheebr-ms-cache-password-brute-forcer.html

could you direct me to the RFC for mscache? Can't find it.

about hash reversal:
http://3.14.by/forum/viewtopic.php?f=8&t=47&start=0&sid=66e99326eecd7366213d461d4579727f

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.