[Owasp-natal] JTR against 135 millions MD5 hashes

Noilson Caio caiogore em gmail.com
Domingo Junho 17 16:40:40 UTC 2012

As part of a recent presentation for the InfoSec Southwest conference (
http://www.infosecsouthwest.com/), KoreLogic scoured the Internet looking
for MD5 and SHA1 password hashes. We came up with a few--about 146 million.
In order to improve the research behind better password cracking--and
stronger password storage and strength enforcement--researchers need raw
data, and real data is better than contrived data.

These hashes were obtained from Hash-cracking websites and forums, pastebin
leaks, paste2.org, yourpaste, MD5 hashcracking lists, Google, etc. All
these hashes were previously published and shared publicly by other people
on the Internet, and KoreLogic is not responsible for their initial

We collected these, removed as many "bad" or invalid hashes as possible,
removed any usernames or site information, sorted, and uniqued them into
this one massive list. Some non-crackable hashes and other noise might have
slipped through; for example we know there are at *least* 5,000 NTLMs in
this list. Additionally, some of the MD5s might be missing their salts.

The result is a 2.5 gigabyte tarball. A .torrent of it is available here:



Noilson Caio Teixeira de Araújo
Linux Professional Institute Certification  2 - LPI000182893
Novell Certified Linux Administrator (CLA) - 10111916
Novell Data Center Technical Specialist

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-natal/attachments/20120617/dfc5794d/attachment.html>

More information about the Owasp-natal mailing list