I'm in the process of building a program to bruteforce passwords using golang. The format of the password hashes are a md5 hash applied 1000x to the initial password and then that being used. (The code I show is only applying this 5x)
md5(md5(md5(md5(....(md5(password))))))
func hash(pw string) string {
hasher := md5.New()
data := []byte(pw)
fmt.Printf("Initial data: %s
", pw)
for i := 0; i < 5; i++ {
hasher.Reset()
hasher.Write(data)
sum := hasher.Sum(nil)
data = sum[:]
fmt.Printf("Iteration %x has the hash: %x
", i+1, data)
}
return hex.EncodeToString(data)
}
The result from this differs from what using the command line utility md5sum gives. My other attempt was to use, because this was stateless but I still start to deviate on the second round of hashing
sum := md5.Sum([]byte(data))
What is a good/successful way of achieving calculating this iterated hash?