Fascinating read. Thank you.
Originally Posted by tubbygweilo
One thing that I am curious about is how the crackers were able to piece together whole passwords from the hashes of portions of those passwords.
From the post:
The article goes on to explain how dictionary attacks work, how well they do, and the sorts of passwords they find.
Steube was able to crack "momof3g8kids" because he had "momof3g" in his 111 million dict and "8kids" in a smaller dict.
I thought that even the slightest modification to the input of a cryptographic hash function would substantially change the hash. So how were the crackers able to piece-together whole passwords, simply due to their having constituents of those passwords' hashes in their dictionaries? The author of the blog post mentioned that the passfile was hashed with MD5, so maybe that has something to do with it. I was aware that, as the author stated, MD5 was inappropriate for hashing passcodes - although I don't have a good understanding of why that is. I'm new to this stuff. But isn't MD5 still somewhat good for validating the integrity of files (i.e., to verify they weren't tampered with)? So wouldn't a small change to the input of the MD5 hash, still produce a substantially different hash?