Want to get paid for a vulnerability similar to this one?
Contact us at: firstname.lastname@example.org
MD5 Hashes protect a verity of content types such as in the case of pass phrases, session ids, etc the logic behind it is that to compute an equivalent of MD5 of all possible plain text would be a computational nightmare.
This computational nightmare has been brought one step closer to becoming an hackers’/crackers’ best friend with the introduction of the “Online MD5 Hash Database“. The Online MD5 Hash Database does exactly as it names says, stores in excess of 12 Million different MD5 values and their corresponding plain text equivalents.
How good the engine you say? will it was able to crack this MD5 Hash in near “real-time”: 1870a829d9bc69abf500eca6f00241fe (wordpress). How did it do it? well it some user has inputted the word wordpress into its Hash database.
I did the same for the words: security (e91e6348157868de9dd8b25c81aebfb9), securiteam (1d167077e74e969b9b7d34b2d901d697) and SecuriTeam (0a6b8933fcc5ea8234d49769de76cddc).