What is Digg?54 Comments
- Gravix, on 10/12/2007, -0/+3I could have told you that "Yggdrasil" isn’t going to be in there. I just checked though and "yddgrasil" is in there (I checked my old 'pre-uploaded' database). Firstly, "Yggdrasil" isn’t going to be easily cracked by almost anything except a massive dictionary. Its 9 in length and its lower/upper. Personally, I couldn’t even see a rainbow table pull that. That’s besides the point.
I guess in theory my database could be called a "rainbow table". In application, no way. My database was divided between 65536 files stored in locations based on their hash (ex "EE9113A1FBCCDA4BABC4B495489A8284:yggdrasil" would be under /EE/91.txt). Doing this makes the emphasis on the 'time' part of the "Time/Memory Tradeoff" theory. In result, the load is placed on 'memory' (this database weighs upwards of 250mb) and as a result I didn’t do very many mutations (if I were to add a duplicate of a word with the first letter in cap, it would almost double the database size and only crack a few extra hashes). This database was meant to crack a bit more "common", if you will, passwords. Although "yggdrasil" was in there, "Yggdrasil" was not. Reason being: not too many common persons will have their passwords be much but just loweralpha or numeric passwords. I aimed for productivity. I could double my database size, but its rewards would be limited.
On a note, her is all that’s included in my database:
GDict (languages from Swedish to Japanese, extensive English, topics ranging from cars to mythology to anime)
TheArgon (cropped with dupes removed, got down to 40mb after dup-less)
Extensive name list (added with lowercase first letter AND uppercase first letter)
[0-9]{1-6}
Any user submitted words
In honesty, I'm glad you submitted your opinion pacobell. It allowed me to clarify some things. Thanks. - dbavaria, on 10/12/2007, -0/+3Please change the name of that site to "hash database"...it is far from a cracker.
- Gravix, on 10/12/2007, -0/+3Backstab: Actually, your wrong. Its not rainbow table. I made the database out of a series of specifically set up files. It works like this:
Say your looking for the hash of "aabbccddeeff00112233445566778899" then you'd check under /aa/bb.txt for the text "ccddeeff00112233445566778899:*passhere*"
Chiefyboy: Aye, my friend advised I implement that. Dunno why. Its being removed though. - PacoBell, on 10/12/2007, -0/+1Okay, never mind. After I submitted the word, it worked. Isn't that kind of counterproductive, though?
- inactive, on 10/12/2007, -0/+1Something fishy is going on. 2000+ diggs for a story 72 days old, only now to make it on the front page.
- PacoBell, on 10/12/2007, -0/+1One more post and I'll stop spamming this thread. Gravix, how is this not a rainbow table, if not in practice, then in theory?
- SnaKe09, on 08/18/2008, -1/+1http://www.md5crack.com/
Is another good site for cracking MD5's it uses google which is cool. - inactive, on 10/12/2007, -1/+1The diggs are botted
- BLASTOCYST, on 10/12/2007, -1/+0Yeah I don't know anything about MD5 or hashes. Someone fill me in.
- inactive, on 10/12/2007, -1/+0hmmm only 86 diggers. 2255 divided by 86 equals 25.872. One digg is equal to 25.872
- finknottle, on 10/12/2007, -1/+0Pardon my ignorance, but what is the significance of this?
- BLASTOCYST, on 10/12/2007, -1/+0At the bottom of this page is says only 90 people dugg this?
- lilrabbit129, on 10/12/2007, -1/+0couldn't get mylifesucksass
- inactive, on 10/12/2007, -1/+0What the hell?
- dude3609, on 10/12/2007, -1/+0ooh i see why there is so many diggs.. submitted 74 days ago. lol
- Tulle, on 10/12/2007, -1/+0Gravix, are you the same guy that posted something like this on hackthissite a fair while back? Anyways, I dont care what other people say about the swite, I think its great for certain purposes. Im always trying to crack hundreds (not an exageration) of hash's a day, and this is much more complete than the other online ones that I have been trying. Although my rainbow table may be better (most of the time), it takes much longer too, and I dont ever have the time to wait out every hash.
Eh, sorry for the long post, gj man. - ReBeLaCe, on 10/12/2007, -1/+0haxor to the maxor.
- nymphetamine, on 10/12/2007, -1/+0hmmm....2000+ diggs? very weird.
- naiku, on 10/12/2007, -1/+0I don't see why anyone dugg this. It doesn't crack for *****.
- zoltan, on 10/12/2007, -1/+0schweeet, check out www.milw0rm.com from milwaukee of course to have a firefox 1.07 exploit a few weeks old.... i bet thats what you guys have ;|
- siouxmoux, on 10/12/2007, -1/+0Eh? What the point of site, if It doing anything useful. I enter five hash, and no results.
- inactive, on 10/12/2007, -1/+0What the *****, this isn't an md5 hash cracker. No where near it. You have to put the word into their md5 maker (which likely adds the word to the database) and then you go to try it and it miraculously works. No thanks.
- dude3609, on 10/12/2007, -1/+0only 106 people dugg this as opposed to what the number on the top says. Deffinately something wrong.
- doofus, on 10/12/2007, -2/+1Digg: Where ancient news is new news.
- AndrewTechie, on 10/12/2007, -1/+0Botted diggs huh? Not so cool
- link470, on 10/12/2007, -1/+0huh, interesting. I'm surprised it couldn't crack more hash's. I checked a few and only 2 worked.
- inactive, on 10/12/2007, -1/+0wtf story submitted 74 days ago?
- striker1211, on 10/12/2007, -1/+0How about instead of adding ub3r l33t rss searches, new interfaces, and all this other digg BS, they actual BETA TEST it first or something. I think a "find an exploit on digg, get 25 bucks" type thing is in order here...
- kinetik, on 10/12/2007, -1/+0The digg badge says 2700+ diggs, but when you scroll to the bottom of this page, it says only 575. Something is wrong.
- thefurryone, on 10/12/2007, -1/+0This is why boys and girls you should use passwords that:
1) contain letters and numbers
2) contain capital letters in random places
3) use unusual, memorable proper nouns
4) don't use just one word
Worth a digg, of course, only because it lets you check if your own password is insecure (assuming you hash it somewhere else, like a PHP command line). - Sirak, on 10/12/2007, -1/+0I thought this was on the front page ages ago? :) I wrote a python script to auto submit hashes (It was quicker to submit by going to a shell prompt that going to the site :p ) and get the data back when I first saw it on digg. Back then the "Total number of cracked hashes:" counter thing broke because it was posted on digg and slashdot :P
If you're gonna cheat on the ammount of diggs, give it 1337 or something next time XD (Lame, I know... But amusing)
-Sirak - Inzoy, on 10/12/2007, -1/+0what if there was a client.. something like Rainbow@HOME ..
apart from that i agree that this is a nice way to check your own password and learn how to produce more coplex, un"crackable" passwords - gnida, on 10/12/2007, -1/+0Password restoring by RainbowTables and Dictionary - http://passcrack.spb.ru
Cracks MD5 hashes, plaintext is one of this:
[a-z][A-Z][0-9] - length 1-7
[a-z][0-9] - length 1-8
[0-9] - length 1-12 - foxhoundadmin, on 10/12/2007, -1/+0people are undigging and digging again. watch, it'll be at 2700 by the time i'm done. this is just a theory. i'm going to test it out now.
- bem1, on 10/12/2007, -1/+0TO MANY DAMN POPUPS.....THIS THING SUCKS!
- foxhoundadmin, on 10/12/2007, -1/+0nope. kevin thought of that one. doesn't work.
that is odd how a story so old can get up the list so fast and have close to 2700 diggs but only 458 diggers. - DJB31st, on 10/12/2007, -1/+0Used this before it appeared on DIGG did the job i needed, can get people's MD5 passwords if u have the hash and its a LAME password
- rc_collins, on 10/12/2007, -1/+0We really need a negative modifier for lame stories. Like this one.
- shakin, on 10/12/2007, -1/+0I would create a spider to crawl the internet, pull out every set of characters separated by a space, get the hash, and add them to the database. This will only be useful if it has a *huge* dictionary. You may also want to create a script to generate random numbers on the end of each word and hash them as well. Use the ranges 1-9 and 01-9999 at the end of each word.
Of course, you must ask yourself what you think this will be used for. Sysadmins who forgot a password or hackers? - kinetik, on 10/12/2007, -1/+0LOL... now the # of diggs on the bottom of the page says 548. Talk about database corruption.
- ignition, on 10/12/2007, -1/+0Not a very good demo. If you use this site to generate and then crack the passwords, it will always work no matter how complex you make the password. Try generating hashes with an MD5 calculator and then enter them in the site. It couldn't even crack the password "alphabet".
It cracked the word "alphabet" I guess I need to find a new password - mixseg, on 10/11/2007, -1/+0add aa4ff0807f95959f19419ab48dab21d6:Ischta
- alecks, on 10/12/2007, -1/+0I think a good practice is to seed the password before you MD5 it. For ex: md5("someWord" & strPassword)
that will completely kill any kind of hash lookup table of this kind - MageDealer, on 10/12/2007, -1/+0Passwords Crackng - md5, sha1, mysql - http://passcracking.ru
Database + Rainbow Tables. - dbr_onix, on 10/12/2007, -1/+0"I would create a spider to crawl the internet, pull out every set of characters separated by a space, get the hash, and add them to the database. This will only be useful if it has a *huge* dictionary. You may also want to create a script to generate random numbers on the end of each word and hash them as well. Use the ranges 1-9 and 01-9999 at the end of each word.
Of course, you must ask yourself what you think this will be used for. Sysadmins who forgot a password or hackers?"
Why bother doing that? It'd be far slower than just creating an incrementing series of letters/words (Like a bruteforcer does..), generate the hash, and store it in a database..
It's simple as feck to do (I wrote it in an afternoon), but to get to 6 letter hashes (with no spaces/upper&lower case) it took around an hour, and then going up to 7 characters took a lot longer.. By 6 letters, the database was somewhere around 200-400mb..)
But.. Once the database it made (or it can always be running, untill you run out of HD space..), you can search it fairly quickly (Searching several thousand rows took a second or two, on a PC that was running a bunch of other stuff at the time..)
The only problem with my code is that the number>sequence of letters from an array f***s up when it gets to a certain number (Very high, but when it goes above this, it repeats a single letter about 100 times, no idea why)
Anyway.. This site is nowhere near the first of it's kind, but it's still not bad
- Ben - PacoBell, on 10/12/2007, -2/+0It didn't work for "3c5f727017db4d75593f3d58b9b1607a:Yggdrasil". Sorry, but it seems to be defunct.
- dude3609, on 10/12/2007, -2/+0lol, my freind made something like this already so it's not the first, but it's most deffinately one of the first.
- will.wa, on 10/12/2007, -2/+02218 diggs and just getting the front page, buggen.
- Chiefyboy, on 10/12/2007, -3/+0Not a very good demo. If you use this site to generate and then crack the passwords, it will always work no matter how complex you make the password. Try generating hashes with an MD5 calculator and then enter them in the site. It couldn't even crack the password "alphabet".
- maseone, on 10/12/2007, -3/+0yeah, no *****. 2000+ diggs, haha.
does this ***** hash web app add 10 diggs for every user who gets suckered into wasting 30 seconds of thier life going to this site? -
Show 51 - 52 of 52 discussions
No big deal, vassever. Bruno is our latest guest for Digg Dialogg. 
© Digg Inc. 2009
— Content created and posted by Digg users is