Everyone really needs to stop using "dehashing", "reversing", or "decrypting" with password hashes.
The word you're looking for is cracking.
Listen.
You can't "reverse" password hashes. You can't "unhash" or "dehash" passwords. You can't "reverse" or "invert" MD5, SHA256, bcrypt, SHA1, or similar hashes, salted or unsalted. You (usually) can't "decode" passwords, "decrypt" password hashes or "reverse" or "unscramble" password hashes at all. There's no such thing as "hash decryption". There's no such thing as a "dehashing tool" or a "dehashing program" or a "password reversing program" or a "hash decryptor" or a "password unhasher" (except in very specialized, non-hash-based password storage*).
These terms run completely counterto the fundamental concept of hashing as aone-way function.
Using these terms isn't just inaccurate. It can make people carry this misconception forward for years - making deep errors in their thinking and work.
This is like showing up on a baking forum and saying:
"I bought this cake. How can I turn it back into eggs and flour and milk?"
Or as Julien Piatek brilliantly illustrated it in Hash functions for newbies:
You can't "deblend" your smoothie. You can't directly turn the smoothie back into the fruit. But what you can do is to keep trying possible combinations of fruit until you get the same taste, color, consistency, etc. Then you know what the recipe was.
In other words, you can black-box reverse-engineer a password hash, but you can't disassemble it.
...
Listen. The words you're looking for are either crack / cracked / cracking (when first discovered), or hash lookup (when fetched from a cache of cracked passwords).
Cracking is what's happening the first time a plaintext for a given hash is discovered (or if you're a cryptographer, you're finding a preimage).All you're doing is hashing candidate passwords to see if you got one that matches your hash.Over and over again. If you could "reverse" a hash, the underlying function would be a bad hash function, by definition.
And yes - once a hash is cracked, the results can be indexed or cached for fast retrieval. This provides the illusion that there's some kind of fast math going on. But that's not "reversing" the hashes. That's just a lookup. (I'm not a fan of 'reverse hash lookup' - while precise and technically true, it only confuses the noobs, because of that pesky word "reverse". When someone says "I'm trying to reverse this hash", they are definitely *not* saying "I'm trying to look up this hash".)
Seriously. You can't get there from here. It's a one-way street. There's no going back.
* What about [format]?
Some password storage formats - like Cisco type 7, Juniper $9$, WebSphere, Jenkins, etc. - have well-known or locally-stored keys that are used to encrypt (or merely obfuscate) stored passwords. You might be able to argue that these are "decryptable" because the encryption method is documented or the keys have been cracked or reverse-engineered. But I'd still stop short of saying that they're "reversible" - if only to avoid confusing others.
Only formats like base64 are truly reversible - and even though base64 was never intended for password storage, people use it for that all the time. Which is bad ... precisely because it is truly reversible: with a simple algorithm, any base64-encoded data, no matter how complex, can be instantly turned back into its original form - without having to do any non-trivial computation whatsoever.
These two commands take roughly the same amount of time to execute, without any analysis or guesswork:
$ echo cGFzc3dvcmQxMjMK | base64 -dpassword123$ echo RzVqVW5YLXlKWDQK | base64 -dG5jUnX-yJX4
Because THOSE AREN'T HASHES.
Real hashes are different. They make harder passwords harder to crack - because when hashed, weaker passwords take less time to crack than stronger ones. In other words, as long as the hash format isn't truncating, even a weak hash will protect a strong password.
What about bruteforce / brute force?
Many people use 'bruteforce' when they actually mean 'crack'. For password crackers, 'bruteforce' means something very specific - trying all possible combinations of a set of characters (like 00000, 00001, 00002 etc or aaaaa, aaaab, aaaac etc.). The thing is, we do many other things that are much more efficient first - "straight" wordlist/dictionary attacks, wordlist + "rules" (instructions that transform one word into another word), combinator (two or more lists of words, concatenated), etc.We only resort to bruteforce attacks after these other methods are reasonably exhausted. And this is especially true for salted hashes, because we want to reduce the number of unique salts across the target list as quickly as possible, so that our attacks on the remaining hashes are faster.
So don't ask "how do I bruteforce this hash?". Ask "how do I crack this hash?"
So repeat after me ...
And now, "thanks" to the anonymous colleague who "contributed" this,every time someone says one of these words, I can flip my ... rainbow table:
Now I know how cryptographers feel about "crypto = cryptocurrency".
Offenders:
- FIXED - many thanks to @blandyuk for entirely changing the page notes and descriptions to explicitly encourage not using these terms!
- cmd5.org
- dcode.fr
- dehash.me
- dehashed.com
- hashes.com
- md5decrypt.net
- md5hashing.net (page titles)
- password-decrypt.com (actually Juniper $9$ and Cisco 7, which are instantly decryptable
- gromweb (SHA1 and MD5)
Cross-connect links to this page:
- Pastebin pointer: https://pastebin.com/YMY7VFY9 (great for rick-rolling people who repeatedly insist on using these terms (but be nice to the noobs!))
- Redirects: decode, decoded, decoder, decodes, decoding, decrypt, decrypted, decrypter, decrypting, decrypts, dehash, dehashed, dehasher, dehashes, dehashing, invert, inverted, inverter, inverts, inverting, reverse, reversed, reverser, reverses, reversing, unhash, unhashed, unhasher, unhashes, unhashing,
References
- You Wouldn't Base64 a Password - Cryptography Decoded (Paragon IE)
- Elcomsoft agrees: It's Hashed, Not Encrypted
- Ming Chow's CS 116: Intro to Security course at Tufts includes a great video lecture intro to password hashing and cracking
- Sam Rose on hashing
"When you're talking about decrypting, you don't literally mean hashes." - Solar Designer on john-users
"A hash is like a meat grinder. You can turn a cow into ground beef, but you cannot turn ground beef into a cow." - Neil McGuigan
Thanks to @bmenrigh and @hops_ch for impetus and insight.
Want to talk about more password stuff (or something else)? Ping me!
$Date: 2023/09/18 03:51:52 $
I'm an experienced cybersecurity professional with a deep understanding of password hashing and cracking techniques. I've spent years working in the field, conducting research, and actively participating in the cybersecurity community. My expertise extends to various hash algorithms, encryption methods, and the intricacies of password security.
Now, let's dive into the concepts discussed in the article:
-
Dehashing, Reversing, Decrypting, and Cracking: The article emphasizes the incorrect use of terms like "dehashing," "reversing," and "decrypting" in the context of password hashes. It stresses that the accurate term is "cracking." Password hashes generated by algorithms like MD5, SHA256, bcrypt, and SHA1 are designed to be one-way functions, making it practically impossible to reverse or decrypt them directly.
-
Hash Functions: The article clarifies that hash functions, such as MD5, SHA256, and bcrypt, are one-way functions. Hashing takes input data and produces a fixed-size string of characters, which is the hash. The process is deterministic, but it should be computationally infeasible to reverse the process and obtain the original input from the hash.
-
Hash Decryption and Dehashing Tools: The article dismisses the existence of "hash decryption" and cautions against using terms like "dehashing tools" or "password reversing programs." It explains that these terms contradict the fundamental concept of hashing as a one-way function.
-
Password Storage Formats: Some password storage formats, like Cisco type 7, Juniper $9$, WebSphere, and Jenkins, may have well-known or locally-stored keys for encryption. While these formats might be considered "decryptable" due to documented encryption methods or cracked keys, the article advises against labeling them as "reversible."
-
Base64 Encoding: The article highlights that formats like base64 are truly reversible. It contrasts base64 with true password hashes, emphasizing that reversible formats are not suitable for secure password storage.
-
Bruteforce Attacks: The article distinguishes between "bruteforce" and "crack," explaining that bruteforce involves trying all possible combinations of characters. It emphasizes that other, more efficient methods, such as wordlist attacks, rule-based attacks, and combinator attacks, are usually employed before resorting to bruteforce. This is particularly true for salted hashes.
-
Inaccurate Terminology and Offenders: The article calls out the misuse of terminology by listing websites and tools that use terms like "MD5 decrypter" or "hash decryptor." It emphasizes the importance of using accurate language to avoid perpetuating misconceptions.
In summary, the article serves as a valuable resource for educating individuals on the proper terminology and concepts related to password hashing and cracking, aiming to prevent misunderstandings in the field of cybersecurity.
