ok well im trying to make my own lil bruter type prog for md5 hash i know kindve pointless due to the rainbow tables and all but thats just my point i want my prog to work almost like that goes through hits letter by letter by letter till it gets the right password but i know itll require alot n alot of weeks months n prob years to even compile n e thing like that so i was wonderin if i did what would be the best lang to do it in? vb? c++? c#? python? delphi?


also if ya dont like that could some 1 possibly help me make a prog that searchs all md5 hash dbs for the pass for a md5 hash ?

I suggest you C++ or C#, they are probably the best for that.

OFFTOPIC :
I moved this thread from Technical Support to Lounge, i think it is better to there.

ok thanks debcol n ima try it in c++ since i been doin that 1 alot lately but for makin game hacks usin pushtoconsole n sht lol so i hope i can figure this 1 out if not would u be able to give a few pointers??

Well i am not much of an expert in hashing, but i know one thing : "Bruteforce is surely going to find solution, but it takes too much time !". So i suggest you to understand process of MD5 Hashing and to try with probability. I know there are algorithms that crack hashes really fast. And yeah, try to find solution that someone else made, maybe that is going to give you an idea.

Remember that brute forcing md5 is going to be an EXTREMELY slow process. It requires a bit of processing power to hash out whatever it is your looking for. The process goes like this, using psuedo-code.


There are a few things to remember though:
-- You don't know how long of a string the hash represents. The string that is hashed could be 1 character long, or 1000.
--Current processing power makes it infeasible to brute force anything that's longer than 7 characters? Why? Because the processing time required to hash something and compare it is just too long. Additionally, each character length adds exponentially more potential passwords.
--An example: A hash can be made from any series of characters. Let's just say the hash is alphanumeric (only numbers and letters). So we have a-z, A-Z, and 0-9. This means we have 62 potential characters in each character spot. So, if we have a 3 length string that's been hashed, and we KNOW it's 3 characters, we have 62^3 possible combinations to try, or 238328. That's not too bad. Let's make it 7...62^7 = 3521614606208. Woops. It just got bit. How about 8? 62^8 = 218340105584896. Yeah....that's 62 TIMES bigger. So while it would take you YEARS to exhaust 62^7 attempts, it would take you 62 times longer to try an 8 character string.

So...I hope that I helped you realize that brute forcing is not going to be efficient. If you want to try a dictionary attack, that's understandable. Having a set limited number of strings you will attempt to crack with will provide a reasonable time frame. However, you will be ale to crack very few hashes.

I also hope that I didn't dissuade you from trying new things. Remember that rainbow tables were created because current processing power just isn't good enough to justify cracking. Tables provide a great ability to save time over the long haul by basically pre-cracking every available hash with a given set of characters.

That is great reply ajcis55. I totally understand what you wanted to say. Bruteforce is okay if you have small number of possible combinations.
And mathematical formula for combinations (in this case variations if we want to be mathematically correct) has factorials inside and they grow really fast.
Dictionary attacks are okay, but it is possible not to get solution. Maybe the best thing is to start thinking about laws of probability.
All together cracking by trying different combianations is the only way.