MD5 and SHA1 password collision example attack vectors

Post date: Jun 15, 2016 1:27:07 PM

Password limits: max 32 chars, every character in ASCII range 0x20 - 0x7E

People claim that MD5 and SHA1 collisions are trivial and salting doesn't help. So if it's that trivial, please provide me collisions. Because I didn't find any samples by Googling.

If it's that trivial as it's being said, someone smarter than me, could use that 15 minutes to provide colliding strings for all of the hashes mentioned.

I don't just personally believe it's that easy. But I might be totally wrong.

I've seen a lot of discussion, but not a single practical example anywhere.

If password is too hard, almost any English language word being 8 characters long with colliding string is a perfect start.

As example, here are some collisions using crc32. All of these words produce same end result 35c246d5.

pasword = afapaheh, avrehnqx, bgdqkibq, bkxwghlw, bwwdbova, cpmlklsb, degegezf, dfirwsly, dutpncnv, dzfartvo, enakbgqc, fodjhfvz, fskymall, gkpuqsef, gtqqdbio, gxmwhcgi, henzclfp, iazezyul, ibtrjocs, inhtfnmu.

Keywords: #password #collision #example #attack #vectors for #sha1 and #md5 #hash #challenge #hacking #cracking