Google MD5 searches

I have been getting a few search from Google on MD5 like this one, in which I noticed this freshmeat project, by Dave Hope.

So I download the code, and reviewed it. Brute force it correct, almost brute fumble, worst crime against CPUs every where is:

  • Converting the resulting hash to ASCII and using printf for each attempt.
    Close runner ups are:
  • Then there is the multiple use of strlen, when you have an outer loop with an integer already holding the length of the string been processed.
  • Doing a string compare on the ASCII result string vs the original.

With those limitations in place, you can safely assume the code will never get past ~9 character passwords, thus you could re-shuffle the code as I did when I did this exact same thing. But publishing this code as a tool seems premature.

While picking on the sins, what with the #include “Functions.c” inside the main function. I can only assume this is yet another useful GCC 3.x feature, but is very ugly. Why not just put three prototypes before main (only one is actually needed) and put the block of code below.

<\Rant> back to work for now…

Well maybe not, just noticed on the English version of that search, that the freshmeat project is the first item, but is also 1 1/2 years old. sigh.