Welcome
  • ๐Ÿ‘‹Welcome!
  • ๐Ÿ”About Me
  • ๐Ÿ”จProjects
    • Aircrack-ng
    • SQL Injection
    • Data Exfiltration
    • Persistence
    • Lateral Movement
    • Pico Ducky
    • Useful Commands
      • Windows
      • Linux
    • Reverse Shell
    • Metasploit
    • Useful commands for website hacking
    • Web Status Code Guides
    • Zaid Website Hacking Course Notes
    • Security+ Notes
  • Try Hack Me
  • Hack The Box
    • Support
  • Hacker One
  • ๐Ÿ‘ถFreshman
    • System 140
      • Tech Glossary
      • Week 1
        • Connecting to Cyber.Local
        • Number Systems Journal 1
      • Week 2
        • SYS 140 Lab 1
        • Chapter 3 A+
        • johnson_homework1
      • Week 3
        • Derek Johnson Lab3
        • System Fundementals Hw #2
        • Derek Johnson w3 journal
      • Week 4
        • Derek Johnson RAM Lab
        • Notes
        • SYS140_Chapter7_lab
      • Week 5
        • Tech Journal
        • SYS140_Chapter7_lab
      • Week 6
        • Lab #5: PC Purchase
        • Tech Journal Week 6
      • Week 7
        • Rainmeter Lab
      • Week 8
        • Week 8 Journal
      • Week 9
        • Homework #5: I/O Research Questions
        • Accessibility Lab
        • Chapter 13 Journal
      • Week 10
        • Homework #6 Chap. 15 Commands
        • NetworkToolsLab
        • Lab 2
      • Week 11
        • Lab 9a Scripting Practice
        • Lab 9b Scripting Practice
      • Week 12
        • Week 12 Journal
      • Week 13
        • Lab 10b Linux Command Line Programs
        • Sysinternals
        • Information Literacy Integration_21
      • Week 14
        • 11/28/2022 Notes
        • Automatic Updating
        • Lab Guide on Windows 10 dd
      • Week 15
        • DF Lab_SYS140wk15
    • Security 110
      • Tech Glossary
      • Week 1
        • Professional Document Template
      • Week 2
        • Deploy a Virtual Machine
      • Week 3
        • UDP Scan Lab
      • Week 4
        • TCP Scan Lab
      • Week 5
        • Google Hacking
      • Week 6
        • Data Security Principles - Information States
        • Osint Findings
        • Security Goals
      • Week 7
        • Data Security Principles
          • SEC 110_Assignment_3 1
      • Week 8
        • Wireshark Lab
      • Week 9
      • Week 10
        • Crypto Scheme
        • 1 Caesar Cipher Activity
        • Encryption in Transit Lab
      • Week 11
      • Week 12
        • 2 Digital Certificates
        • 1_ Hash Functions Lab
        • 1_ MCRYPT
      • Week 13
        • 2_ HASHING ACTIVITY
        • Public Key Encryption
        • Public Key Encryption Part 2
      • Week 14
        • 3 Password Audits
      • Week 15
        • 2_ Digital Signatures
        • Web Security Research
    • Network 150
      • Week 1
        • johnson lab1.1 01 20 23
      • Week 2
        • Journal-Notes-01-24-23
        • Intro to Packet Tracer
        • 01 25 23 IntroToPacketTracer Johnson
      • Week 3
        • johnson-01-27-23-ObservingLan
      • Week 4
        • Johnson 3.2 02 05 23
        • Lab 3.2 notes
        • 1 johnson 02 05 23
      • Week 5
        • Lab 4-1: ARP Packet Tracer Lab
        • Lab 4-2
        • Lab-4-2-submission
        • Lab 4-3
        • 3 Johnson
        • Lab 5-1
        • Week 11
          • Dynamic Routing
      • Week 8
        • Lab 7.1 deliverable
        • Lab 7.1 Notes
      • Week 12
        • Rip-Lab-10.1
        • 10-1 Lab Johnson
        • 10-2-Johnson
      • Week 13
        • Lab 11-1 VLANs in Packet Tracer Johnson
      • Week 14
        • Lab-12-2-Johnson
        • Lab Notes
      • Lab-14-1-Johnson
    • Security 250
      • Week 1
        • Week 1: Lab Attack Simulation
        • Week 1a: Legal Analysis
      • Week 2
      • Week 3
      • Week 4
        • johnson 3bLab phishingquiz
      • Week 5
        • Steganography sec250 FA 2022 (1)
        • Shell lab SP17 DBGrevised (1)
        • Notes
      • Week 6
        • Vulnerability Information Gathering Johnson
        • Mid Term Notes
      • Week 11
        • NMAP Lab Commands
      • Week 12
        • Open VPN Lab
  • ๐Ÿง’Sophomore
  • ๐Ÿง‘โ€๐ŸฆฑJunior
  • ๐Ÿง“Senior
  • ๐Ÿ“งContact
    • Links
Powered by GitBook
On this page
  1. Freshman
  2. Security 110
  3. Week 13

2_ HASHING ACTIVITY

CLASS LAB 8-2: HASHING ACTIVITY

Countermeasures Against Cyberattacks

Asymmetric Cryptography

HASHING ACTIVITY

Instructions: This activity provides experience running hash functions and seeing what hash function outputs look like, as well as how they can sometimes be broken.

Files or Resources Needed: To complete Task 1 of this activity, you will be using the website http://www.fileformat.info/tool/hash.htm to compute hash function outputs. To complete Task 2 you will use the website https://www.md5online.org/md5-decrypt.html.

TASK 1: GENERATING HASHES FROM STRINGS

Letโ€™s take a look at some inputs to hash functions and their corresponding outputs. Use the website http://www.fileformat.info/tool/hash.htm to convert the strings to hashes. Record the hash function outputs in the appropriate places in the table.

String

MD5

SHA-1

password

5f4dcc3b5aa765d61d8327deb882cf99

5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8

Password

dc647eb65e6711e155375218212b3964

8be3c943b1609fffbfc51aad666d0a04adf83c9d

Password!

0040f2abc2cff0c8f59883b99ae9fab6

ef8420d70dd7676e04bea55f405fa39b022a90c8

!Password

Notice how different each hash value is for each string. This pseudo-randomness gives hash functions their power!

QUESTION 1-1: To the average user, what makes MD5, SHA-1, and other hash function outputs different from each other?

Different hash functions use different hashing algorithms to output different numerical values for each string.

TASK 2: CRACKING HASHES

You might wonder why there are a variety of hash functions available. This is primarily because over time some have been proven insecure for modern use. As such, cryptographic hash functions like MD5 and SHA-1 are used primarily for purposes such as verifying the authenticity of files. As computational power continues to increase, researchers must keep up by developing new or stronger hash functions. The next frontier of securing encrypting is to be resistant to the evolving field of quantum computers.

Since hash functions by their nature are nearly impossible to reverse, decrypting hash functions is a challenge. A common technique to decrypting them is to develop Lookup Tables, also sometimes known as Rainbow Tables. These tables contain known strings and their corresponding hash values. You can see just how big some Rainbow Tables are by looking at the file sizes at https://freerainbowtables.com/.

Below are some hash values, try to use https://www.md5online.org/md5-decrypt.html and see if you can figure out what the original values are!

Hint: look under the Decrypt button for the output. If the hash is in the lookup table, the output says โ€œFound:โ€ followed by the text that used to create the hash.

MD5 Hash

Hashed Text

e91e6348157868de9dd8b25c81aebfb9

security

4862ee9c9b69ca7c7ac6e012cd7665b7

requires

f068fc985d0a439e5a126d78a28cc4c9

stronger

b2803b5602c2d8dc3cecb9ec7dee659c

techniques

PreviousWeek 13NextPublic Key Encryption

Last updated 2 years ago

๐Ÿ‘ถ

9a8896ebf2e4a99e4b1c0174504c898a

4533c662e44139873ae2fd3ce1fd3dbbf08b8c92