Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Security Encryption

Online MD5 Cracking Service 401

toast writes "Did you forget your password but have your /etc/shadow? If so, this site is for you. Submit a MD5 hash and within a few days you'll have an answer. Of course, once Slashdot has its way, you'll have to wait a few years for an answer.. At least now I'll always know what f3789b3c1be47758203f9e8a4d8c6a2a means.."
This discussion has been archived. No new comments can be posted.

Online MD5 Cracking Service

Comments Filter:
  • Dictionary attack (Score:5, Interesting)

    by Anonymous Coward on Saturday July 03, 2004 @12:31PM (#9600604)
    This is why we use salted, iterated hashing.
    • by kasperd ( 592156 ) on Saturday July 03, 2004 @01:11PM (#9600874) Homepage Journal
      This is why we use salted, iterated hashing.

      I never really looked into exactly how crypt [daimi.au.dk] works, so I can't say for sure if it use iterated hashing. But in the case of MD5 passwords, it does indeed use a 48 bit salt (8 chars base 64 encoded). So mentioning /etc/shadow doesn't really make any sense. I still find it a bit worrying that they can crack a password with about 42 bits of entropy. A good 8 character password will have about 48 bits of entropy, which means it would take only 64 times as long to crack as what they can do now (a litle more if the hashing is in fact iterated). But the salt does mean they couldn't be cracking more than one password at a time. (I'm glad my root password is 16 chars long).
    • by hpavc ( 129350 )
      which is why this website needs to have a distributed client
      • Re:Dictionary attack (Score:4, Interesting)

        by kasperd ( 592156 ) on Sunday July 04, 2004 @03:33AM (#9604675) Homepage Journal
        which is why this website needs to have a distributed client

        How much would that help? Presumably everybody submiting a password to have cracked have a different salt, so how much can they help each other? Of course if you want to find the reverse image of a hash value by brute force, it would help to have a lot of machines working on it, and if everybody had a list of all the hashes being searched for, they could help each other. But brute forcing MD5 this way is something that wouldn't be realistic now, maybe in a 100 years we will have enough computing power to do that. So some shortcuts must be made, which is why they allow only short passwords using a restricted set of chars. This "service" will only find the password from a small set with 42 bits of entropy, the salt alone have 48 bits of entropy. Probably you could make similar shortcuts even given a salt, but they would have to be aimed at one particular salt.
    • This method and more in the next version of 101 ways to abuse virtual hosting package.
  • Hmmmmmm (Score:5, Insightful)

    by skynetos ( 778296 ) on Saturday July 03, 2004 @12:31PM (#9600608)
    hmmmm I would never submit any shadow file, who knows what the admin of the site does with the results! Nick
  • A /. 1st? (Score:4, Funny)

    by Your_Mom ( 94238 ) <slashdot@inNETBSDnismir.net minus bsd> on Saturday July 03, 2004 @12:32PM (#9600610) Homepage
    All joking aside, how much do you want to bet this is the first time the slashdot effect /really/ causes a computer to catch fire due to excessive processor heat?
  • by Zorilla ( 791636 ) on Saturday July 03, 2004 @12:32PM (#9600612)
    At least now I'll always know what f3789b3c1be47758203f9e8a4d8c6a2a means..

    Processing....

    (Three days later)

    Processing Complete: Result is 42
    • by BobPaul ( 710574 ) * on Saturday July 03, 2004 @12:35PM (#9600635) Journal
      on page 2 when results are 500, you'll find

      "f3789b3c1be47758203f9e8a4d8c6a2a" = "goatse"

      So stop submitting it! ;)
      • by arvindn ( 542080 ) on Saturday July 03, 2004 @12:50PM (#9600746) Homepage Journal
        This is probably obvious, but you can verify it using:

        $ echo -n goatse | md5sum

        f3789b3c1be47758203f9e8a4d8c6a2a -

        So parent is right.
      • by Anonymous Coward on Saturday July 03, 2004 @01:04PM (#9600837)
        So what the parent is really saying is that the question to life, the universe, and everything is "goatse"? and the answer is 42....expalins so much..
  • Passwords (Score:2, Funny)

    by Laivincolmo ( 778355 )
    I hope they can't identify information that could link you to your password... I guess most people would change it afterwards. Also, is there a possibility of abuse by this system for cracking other people's passwords?
    • Re:Passwords (Score:4, Informative)

      by mindmaster064 ( 690036 ) on Saturday July 03, 2004 @01:37PM (#9601019) Homepage
      As long as you aren't using passwords that are straight out of the dictionary (this is like 3rd grade people) you should be fine even with something like this being available. I suggest quit using passwords, and use passphrases instead. Someone MD5ing phrases will have to look for months not days.. Change your passphrase like every three months and you'll never have a thing to worry about. The only problem is that md5 has a pretty limited key space and "foo" might equal "TheLastStand" so someone may come up with an equivalent key. Regardless, md5 is designed to keep people from being able to easily come up with these passwords or alter a file it is not designed to keep people off of your computer and it is still much better than crypt. Being able to reverse an md5sum isn't going to get someone on your system that hasn't already got in. Make sure root cannot log on to your box and a user cannot su without being in wheel so if someone does crack the md5 they have no hope of getting any more rights than they already have. Configure a script to run to alert you right away if someone attempts to su but gets canned because of not being in the wheel group. Really stuff unix people should have been doing all along

      Remember: Don't Panic!

      -Mind
  • If you have physical access to your computer...which you should...then of course you could just do it all by hand by booting off of a CD. Why go through all this, unless it's to do something you're not suppose to be doing.

    I don't know, what would this be usefull for? Remote admin tasks perhaps?
    • /boot/kernel init=/bin/bah ....[wait here] bash# passwd New UNIX password: .. Takes a minute or so...
      • Sounds like a faster rescue without the need for a CD.

        Have you tried this yourself?

        I am curious about filesystems being mounted and such when you do this.

        • by sonicattack ( 554038 ) on Saturday July 03, 2004 @01:18PM (#9600912) Homepage
          I've done this a couple of times when something needed to be fixed and no-one remembered the root password. Since the system is in a very basic state after starting with init=/bin/bash, it's probably a good idea to only fix the absolutely necessary stuff in order to make a real startup.

          mount -o remount,rw /
          ... fix the password file ..
          sync ; sync
          reboot -f

          • Why sync twice?

            Surely just once will flush all data to the hard disk controller buffers, which will then be flushed to the disk surface during the reset that the BIOS will send them during a warm boot?
            • It may be that only one sync is necessary to get the data to the disk.

              But since I've heard many times that on some systems, the first sync merely schedules dirty pages for writing, while the second sync won't return until the first sync has completed (buffers actually flushed), I've always gone for the safer bet.

              Syncing three times is also a popular way of doing it. I've also noticed that the number of syncs I perform before reboot -f'ing correlates to the amount of coffee I've had. :^)
              • The idiom is "sync[return]sync[return]sync[return]", so that the first sync schedules the dirty page writing, which should (at least in theory) be done by the time the (super)user is done typing the third. Using semi-colons instead of returns defeats the purpose of doing it three times, since nothing happens until the return is typed; the second and third sync's are there only for the typing delay, which doesn't happen if they're ganged up on one command line.

                Alternately, one could simply count to five or

        • Have you tried this yourself?
          I have tried it once, and it does in fact work. (Not that I would have needed to try it, I knew it would work).

          I am curious about filesystems being mounted and such when you do this.
          There is one detail you must remember. The root filesystem is normally mounted read only if you follow the example, so you would have to remount it read/write before trying to change the password. Or you could just add rw to the boot command. Of course you have to type /bin/sh or /bin/bash, /bi
      • by Pharmboy ( 216950 ) on Saturday July 03, 2004 @02:47PM (#9601345) Journal
        or pass "linux 1" to the kernel, at least in RH. Also, what is this /bin/bah shell you speak of? Is it part of the humbug package? ;)
    • Well, perhaps you dont want to reboot your server. It could be in production or something.
  • Hmm (Score:3, Insightful)

    by Have Blue ( 616 ) on Saturday July 03, 2004 @12:33PM (#9600622) Homepage
    This seems pretty irresponsible... There's not even a disclaimer or click-through license that tells you to submit only a shadow file you are authorized to manipulate. People who have legitimately lost their passwords are going to be a tiny, tiny minority of users of this site.
    • Re:Hmm (Score:5, Insightful)

      by GodEater ( 7709 ) on Saturday July 03, 2004 @12:35PM (#9600633) Homepage
      Especially since the only people who should have access to /etc/shadow should be the people with root on the box.

      Joe bloggs on his shell account isn't going to be able to get it is he ?
    • Re:Hmm (Score:3, Insightful)

      by JeffTL ( 667728 )
      A disclaimer -- "This service, if being used for password retrieval, is intended only for use by system administrators or their authorized agents" -- would help avoid legal problems, but a click-through license is worthless. They may or may not hold water, and beyond that, how would you go about enforcing the contract?
    • Re:Hmm (Score:2, Insightful)

      I'll bet you pay attention to this message on websites:

      If you are a member of a government agency you must leave now.
      don't you?

      The site is netrual, it's the uses that are irresponsible. And a silly disclaimer doesn't change that.

    • Stop this nonsense (Score:4, Informative)

      by Peaker ( 72084 ) <gnupeaker.yahoo@com> on Saturday July 03, 2004 @12:57PM (#9600797) Homepage
      A click-through license is not a binding contract. In fact, it is absolutely nothing, legally. Yes, EULA's are worthless pieces of text as well, and shown unenforceable in court.
  • by Anonymous Coward on Saturday July 03, 2004 @12:33PM (#9600623)
    Just send us your:

    1. SS#
    2. Mother's maiden name
    3. Address of the account with the forgotten password
    4. ID of the account with the forgotten password
    5. MD5 Hash of the forgotten password

    Please send all info to The Good Samaritans c/o Nigerian Embassy.
  • Nothing new. (Score:4, Informative)

    by Moonshadow ( 84117 ) on Saturday July 03, 2004 @12:37PM (#9600648)
    There are already md5 cracking utilities out there that are extremely fast. It'd probably be faster to brute force the hash on your own machine, really.

    Now, distributed md5 cracking would be quite interesting.
  • Question (Score:4, Interesting)

    by ArchAngel21x ( 678202 ) on Saturday July 03, 2004 @12:39PM (#9600658)
    What is /etc/shadow?
    • Re:Question (Score:5, Funny)

      by Zeebs ( 577100 ) <rsdrew&gmail,com> on Saturday July 03, 2004 @12:40PM (#9600671)
      What /etc/passwd leaves against a surface when you shine a light at it.
    • Re:Question (Score:2, Insightful)

      by Prod_Deity ( 686460 )
      You must be new here.
    • Re:Question (Score:2, Informative)

      by mooingyak ( 720677 )
      On Solaris Sytems (and probably others, but I only know for sure about Solaris) you have two files containing user/login information. /etc/passwd has most of that information, such as login name, actual name, home directory, login shell, etc. Any user can read the contents of /etc/passwd.

      The shadow file contains the login name, the hashed password, and some other stuff that I don't recall. This file is readable by root only.
    • In the old days, you just had a world readable /etc/passwd. It had to be world readable because that was where all the uid username, uid home directory, etc. lookups got their data from. this left the passwords, though encrypted, world readable. Passwords are a one-way hash algorithm, so the only way to break a password is to guess something, encrypt it, and see if it matches. In theory, very hard to break. In practice, people severly limit the possible password space to search (how many passwords do
    • Re:Question (Score:3, Informative)

      by Nailer ( 69468 )
      Its where you password hashes (stored versions of passwords) live these days. /etc/passwd just stores user properties, but not the password hashes. It did once (hence the name), but since everyone on a Unix box can read the passwd file (so users can find each others home directories, for example) they could read the hashes too. With enough time and computing power, they could work out what the typed-in password were from the hashes.

      If we could rename /etc/passwd /etc/users, and /etc/shadow /etc/passhashes,
  • Umm.. (Score:5, Informative)

    by pilot1 ( 610480 ) on Saturday July 03, 2004 @12:43PM (#9600696)
    "At the moment we can crack md5 hashes in this character range: a-z;0-9 [8] which means we can break almost all hashes (99.56%) which are created from lowercase plaintext with letters and/or digits up to length of 8 characters." (Emphasis mine)

    If your password is under 8 characters and contains only lowercase letters and digits, you deserve to be cracked.
    If you use a proper password, then you have nothing to fear from this "service"
    • Re:Umm.. (Score:3, Insightful)

      by Vellmont ( 569020 )

      If your password is under 8 characters and contains only lowercase letters and digits, you deserve to be cracked. If you use a proper password, then you have nothing to fear from this "service"


      Why am I so vulnerable if I don't have > 8 character passwords? Only root can look at /etc/shadow, so I guess if you already have root, you could guess my password. Big deal. Root can do anything to the system+account anyway, so this isn't much of a security compromise
      • Re:Umm.. (Score:3, Informative)

        by pilot1 ( 610480 )
        The shorter the password, the fewer the number of combinations, the less time it will take to crack.
        Anything > 8 takes long enough to crack for it to be somewhat secure.
        • Re:Umm.. (Score:3, Informative)

          by julesh ( 229690 )
          You missed the point -- if an intruder already has his password hash, they've got control of the system, so why would they benefit from cracking his password.

          What he's neglected to consider is that his password hash might be revealed by an exploit that can only read files as root, but not make modifications, thus enabling a crack which allows someone to log in with full access. E.g., an 'htpasswd' file inside a public web directory on which some dull admin had failed to ensure couldn't be accessed by an i
    • Re:Umm.. (Score:4, Interesting)

      by cgenman ( 325138 ) on Saturday July 03, 2004 @01:23PM (#9600937) Homepage
      Anyone else wonder if this is just a clever way to steal passwords?

  • 'scuse me? (Score:4, Insightful)

    by NitsujTPU ( 19263 ) on Saturday July 03, 2004 @12:44PM (#9600702)
    While I'm *cough* sure that this site has good intentions, the best thing to do if you lose your password is

    1) Get the admin to change it for you.

    or, if you've lost the root password

    2) Boot through some external method (generally from CD or network) and change your password that way.

    Admins should keep the shadow file safe from malicious access, but this is giving it to a 3rd party... bad juju.
  • How much use? (Score:3, Interesting)

    by pctainto ( 325762 ) on Saturday July 03, 2004 @12:44PM (#9600710) Homepage
    If you RTFA, it says that it will only hack the following passwords:

    a-z;0-9 [8]

    This just seems sorta pointless. Many people are ocmplaining about you getting a password for someone else's stuff -- but if they put a capital letter, or any sort of special character, they're safe from this attack. Is there a reason that they didn't add capital letters into the algorithm?
  • by erikharrison ( 633719 ) on Saturday July 03, 2004 @12:45PM (#9600719)
    At least now I'll always know what f3789b3c1be47758203f9e8a4d8c6a2a means

    A quick check of hashes pending results shows that not only will you know, but also the 52 dronelike /.ers who submitted the same hash.


    Tip: Change your password.

  • why? (Score:2, Interesting)

    so, what they are saying is that they can tell me my password if i give them my /etc/shadow. however, that file can't be read, opened, et cetera, unless you are root. so if i had my root password, i could change my user's password anyway... or make a new user and copy all my ~ files over. If I didn't have my root password, but had my user with sudo, I could fix it. Or I could reboot into single user mode. All things which can be done for FREE and without fear of the decrypted password file out in la-la-
  • Interesting... (Score:3, Interesting)

    by Quixote ( 154172 ) on Saturday July 03, 2004 @12:52PM (#9600755) Homepage Journal
    From the passcracking.com page:
    This project is using RainbowCrack [antsight.com] technology

    Heading on over to the RainbowCrack [antsight.com] page, we find (at the bottom):
    Contact Information
    Zhu Shuanglei shuanglei[at]hotmail.com
    Member of Kingnet Security, Inc.
    Shanghai, China

    • by drix ( 4602 ) on Saturday July 03, 2004 @01:36PM (#9601016) Homepage
      Ah ha! You've got `em, you cunning sleuth, you.

      It will be a cold day in Hell before I hand my /etc/shadow over to a Chinese person.

      Thank you so very much for enlightening me and the rest of /. about this very pertinent, sensitive and telling piece of information.
      • by BJH ( 11355 )
        Personally, I'd be more worried about handing my password over to someone whose main point of contact is a Hotmail address.
  • hash (Score:4, Funny)

    by k31bang ( 672440 ) on Saturday July 03, 2004 @12:55PM (#9600782) Homepage
    All this talk about Hash is making hungry for brownies.
  • Brute force search (Score:5, Informative)

    by arvindn ( 542080 ) on Saturday July 03, 2004 @12:57PM (#9600801) Homepage Journal
    Just so that its clear, they haven't broken MD5 in the cryptographic sense; they're merely using the fact that the 8 character password space is small enough if you are restricted to lowercase alphabets and numbers (about 3*10^12) to run the whole thing through a brute force search. The nice thing is that they precompute all the plaintext-ciphertext pairs, which means that the actual cracking step is simply a lookup. Lookup can be greatly speeded up if you're looking up lots of things at once, so the /. effect is a very good thing for them, throughput-wise :-)
  • by fanatic ( 86657 ) on Saturday July 03, 2004 @01:15PM (#9600901)
    From the rainbbow crack FAQ site: http://www.antsight.com/zsl/rainbowcrack/faq.htm [antsight.com]:
    1. Is it possible to crack /etc/shadow file in linux with time-memory trade-off technique?
    No, you can't. Linux use salt to randomize the hash, which is originally designed to defend this kind of attack. However, any hash with salt is resistant to time-memory trade-off attack, while hashes without salt aren't.
    Emphasis added.
    • Is Linux salt like Morton's Salt? Would that be idodized, non-iodized, rock, kosher, or sea salt? ;) How many teaspoons are neededto salt the Hash? And what if I want pepper too,does that mess up the amount of Salt needed... (a little levity never hurts cryptographic discussions)
  • by jCaT ( 1320 ) on Saturday July 03, 2004 @01:21PM (#9600929)
    Why not just use the method that crypt() uses, and use a salt? It's not terribly difficult to implement, and it would mean their database would need to be roughly 3,800 times as big as it is now ( assuming [a-zA-Z0-9]{2} ) Since they have 47.6 GB of lookup tables now, adding a salt would mean the resulting database would be over 180 terabytes.

    Not to mention adding in special chars and uppercase letters, which would increase the database by 600 fold, assuming it's linear...
  • by rdewalt ( 13105 ) on Saturday July 03, 2004 @01:34PM (#9601002) Homepage
    Sorry, but this is nothing more than a "Oh cool." to me. It has no value to me as an admin. I lost my root pw, or my user passwords? I have physical access to the machine, I just reboot single user, and boom, I'm in.

    I purchase old computers all the time (where old is relative of course) often with passworded logins, or -always- the owner forgot the root password. Every OS I've come across with has had a way to get past the password protection -IF YOU HAVE PHYSICAL ACCESS-

    Now if you lose your login on your unix machine that you have remote access to only, contact whoever hosts it, have -them- break it open for you. If they don't know how... question their admin-fu.

    A short range MD5 cracker. Neat tho, but nothing more than brute force no?
  • by chill ( 34294 ) on Saturday July 03, 2004 @01:45PM (#9601051) Journal
    Well, 36 ^ 8 = 2,821,109,907,456. How long does it take to compute an MD5 Sum?

    More to the point, consider "cracking" passwords in this manner:

    The NSA has been reported to have ACRES of computer space; their own chip fab and some of the fastest computers in the world.

    What if, decades ago, they just dedicated banks of systems to cracking all possible passwords hashed with crypt. Then, a few years later, did the same thing with MD5, SHA-1, and Blowfish -- as each became available.

    They store all this stuff in a table, and now getting passwords to most systems is nothing more than a quick table lookup.

    Yes, I know the math. However, add in a bit of psychology and statistics.

    Most people don't use characters you can't type on a keyboard for a password. VERY few do ALT-nnn or something like that. Most are going to be puire alpha, or alphanumeric. Some will contain special characters.

    Meaning, you don't have to exhaust the entire 8-bit character space to get the vast majority of what you're looking for.

    Is it really a surprise that something like this is starting to be possible on consumer systems?

    Heck, imagine a beowulf cluster dedicated to this...
    • How long does it take to compute an MD5 Sum?

      Approximately 30 cpu cycles per byte, rounded up to a block size of 16 bytes, I think. That's assuming you can't vectorize the operations easily. That suggests that an average consumer system could generate the table for this project in approximately a week. Vectorize that correctly and you can probably halve it.
    • by Otto ( 17870 )
      They store all this stuff in a table, and now getting passwords to most systems is nothing more than a quick table lookup.

      As should be obvious, a table lookup through a few terabytes of data isn't all that quick.

      That's what this is all about. Rainbow crack, which is what the original posts site is using, is a faster way to look things up in tables. So when they say it works for anything a-z,0-9, then they mean that they have precalculated all those passwords (up to 8 chars) and what you are in fact doing
  • How it works (Score:5, Informative)

    by slubberdegullion ( 544119 ) on Saturday July 03, 2004 @01:51PM (#9601079)
    Their method isn't just a brute-force attack or a "brute-memory" list of PLAINTEXT:HASH. It is faster than brute-force, and uses far less memory than "brute-memory"

    It is a time-memory tradeoff. They come up with a "reduction function" R, which maps hashes into keys. It is not a reversal of the md5 algorithm, it just generates some key based on the hash. Then they create sequences of hash, key, hash, key, hash, key... with each key being the reduction function applied to the previous hash, and each hash being the hash function applied to the previous key. They stop their sequences when they reach "distinguished values," which may e.g. have 0's for the first 12 bits. Then they store the start and endpoints of the sequence.

    So now they have a list of start and endpoints for these chains of hashes and keys. To crack a hash, they apply the same process to it - reduction function, hash, reduction function, hash, until they reach a value that is in their table of endpoints. Then they begin at the startpoint associated with that endpoint, and regenerate the sequence up to the hash they're trying to crack. Since the key directly before that hash hashes to that hash, they've successfully cracked the hash.

    The "rainbow" refers to the recent innovation of using a different reduction function for each step of the sequence, i.e. using R1 on the first hash, R2 on the second, etc. This means that, even if two sequences contain the same hash, they probably won't be exactly the same after that - a significant problem with the older method of having a single reduction function.

    If you want to read about this in more detail with math symbols and such, the pdf is linked from the site.

  • by whiteranger99x ( 235024 ) on Saturday July 03, 2004 @02:00PM (#9601128) Journal
    ROLAND The combination is (hesitates) 827ccb.
    HELMET 827ccb.
    SANDURZ 827ccb. (writes)
    ROLAND 0eea8a.
    HELMET 0eea8a.
    SANDURZ 0eea8a. (writes)
    ROLAND 706c4c.
    HELMET 706c4c.
    SANDURZ 706c4c (writes)
    ROLAND 34a1689.
    HELMET 34a1689.
    SANDURZ 34a1689. (writes)
    ROLAND (hesitates) 1f84e7b.
    HELMET 1f84e7b.
    SANDURZ 1f84e7b. (writes)
    HELMET So the combination is 827ccb0eea8a706c4c34a16891f84e7b (lifts mask) That's the stupidest combination I've ever heard in my life. That's the kinda thing a fucking n00b would have on his Windows box. ;)
  • by Griim ( 8798 ) on Saturday July 03, 2004 @02:05PM (#9601148) Homepage
    "827ccb0eea8a706c4c34a16891f84e7b?? That's the same combination that's on my luggage!"
  • Keepass (Score:3, Informative)

    by DarkHelmet ( 120004 ) * <.mark. .at. .seventhcycle.net.> on Saturday July 03, 2004 @02:50PM (#9601355) Homepage
    All my passwords are generated through KeePass [sourceforge.net]. They are 21 characters in length, from A-Z|a-z|0-9. I have the options to introduce other characters into the keyspace, but I wish anyone best of luck in cracking a 132 bit address space :)

    Anyway, time to change up to SHA1 ;)

  • by Twid ( 67847 ) on Saturday July 03, 2004 @03:07PM (#9601430) Homepage
    17:25 <ge_> http://passcracking.com/
    17:25 <ge_> !!
    17:26 <toast> interesting
    17:26 <toast> let's DoS it
    17:26 <ge_> hehehehe
    17:26 <toast> just write a distributed tool to submit nonsense and keep the queue full
    17:26 <ge_> worse
    17:26 <ge_> let's slashdot it!
    17:27 <toast> haha
    17:27 <toast> perfect

    :)

  • by profet ( 263203 ) on Saturday July 03, 2004 @04:41PM (#9601944)
    #!/usr/bin/perl

    use Digest::MD5;

    use constant POSSIBLE_CHARS => 'abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLM NOPQRSTUVWXYZ';
    use constant LAST_POSSIBLE_CHAR => substr(POSSIBLE_CHARS, length(POSSIBLE_CHARS) -1, 1);
    use constant FIRST_POSSIBLE_CHAR => substr(POSSIBLE_CHARS, 0, 1);

    print "Digest:\t";
    $digest = <STDIN>;
    chomp($data);

    $ctx = Digest::MD5->new;

    print "Beginning to decrypt...\n";
    $attempts = 0;
    $current_string=FIRST_POSSIBLE_CHAR;

    $start _time = time();

    while($digest ne $attempt)
    {
    $current_string = next_string($current_string);

    $attempts++;

    $ctx->reset();
    $ctx->add($current_string);

    $attempt=$ctx->hexdigest();
    }

    $end_time = time();

    print "String decrypted...\n";
    print "String = '$current_string'\t\t\tHash = $attempt\n";

    $time_to_complete = $end_time - $start_time;
    $seconds = $time_to_complete % 60;
    $time_to_complete = ($time_to_complete - $seconds) / 60;
    $minutes = $time_to_complete % 60;
    $time_to_complete = ($time_to_complete - $minutes) / 60;
    $hours = $time_to_complete % 24;
    $time_to_complete = ($time_to_complete - $hours) / 24;
    $days = $time_to_complete % 7;

    foreach $unit (($seconds, $minutes, $hours))
    {
    if($unit < 10) { $unit = '0' . $unit; }
    }

    print "String found in $days days, $hours:$minutes:$seconds\t\t\t$attempts cycles\n";

    sub next_string
    {
    ($string) = @_;

    $last_char_of_string = substr($string, length($string) - 1, 1);

    unless( $last_char_of_string eq LAST_POSSIBLE_CHAR )
    {
    substr($string, length($string) - 1, 1, substr(POSSIBLE_CHARS, ( rindex(POSSIBLE_CHARS, $last_char_of_string) + 1 ), 1));
    return $string;
    }
    else
    {
    if( (length($string) == 1) && ($string eq LAST_POSSIBLE_CHAR))
    {
    return FIRST_POSSIBLE_CHAR . FIRST_POSSIBLE_CHAR;
    }
    else
    {
    return next_string (substr($string, 0, length($string) - 1) ) . FIRST_POSSIBLE_CHAR ;
    }
    }
    }

"All the people are so happy now, their heads are caving in. I'm glad they are a snowman with protective rubber skin" -- They Might Be Giants

Working...