md5 and sha1

MD5 and SHA1 are known to be secure hash generator. But you may have heard that MD5 has been broken in 2005. I’ve found an interesting article that shows how md5 collides, nice reading, this generates sain or evil binaries that have the same MD5.
Also, here you can see MD5 collisions visualised.

MD5 and SHA1 are often used to generate password, and we don’t really mind if there are collisions or not, because programs stores the generated hash and with that hash we aren’t able to find the source string. But for a given string the generated hash will always be the same, so we can generate a database of MD5 and SHA1 passwords for a list of given strings. That’s why using strong passwords is important: If you don’t use strong passwords, someone can check a hash he found and find the source string. There is such a database I use sometimes to test the strength of passwords or find default passwords for a program I just installed. This database is here:

Have Fun ! 🙂


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: