2019-01-10 05:05
浏览 110


I'm in the process of building a program to bruteforce passwords using golang. The format of the password hashes are a md5 hash applied 1000x to the initial password and then that being used. (The code I show is only applying this 5x)


func hash(pw string) string {
    hasher := md5.New()

    data := []byte(pw)
    fmt.Printf("Initial data: %s
", pw)

    for i := 0; i < 5; i++ {
        sum := hasher.Sum(nil)
        data = sum[:]
        fmt.Printf("Iteration %x has the hash: %x
", i+1, data)
    return hex.EncodeToString(data)

The result from this differs from what using the command line utility md5sum gives. My other attempt was to use, because this was stateless but I still start to deviate on the second round of hashing

sum := md5.Sum([]byte(data))

What is a good/successful way of achieving calculating this iterated hash?

  • 写回答
  • 好问题 提建议
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • douyou2048 2019-01-10 05:22

    Maybe I'm misunderstanding your question, but is this what you're looking for?

    package main
    import (
    func main() {
    result: %s", md5plus("123", 2))
    func md5plus(text string, cost int) string {
        for i := 0; i < cost; i++ {
            fmt.Printf("Loop %d: %s", i+1, text)
            hash := md5.New()
            io.WriteString(hash, text)
            text = fmt.Sprintf("%x", hash.Sum(nil))
            fmt.Printf(" => %s
    ", text)
        return text

    I realize you're trying to reuse the hasher in your version, but to my understanding, that's not how the library is intended to be use. You write to it to compute single hashes, not rounds.

    解决 无用
    打赏 举报

相关推荐 更多相似问题