Google turned into ... password cracking tool

An expert of the Department of Computer Technology at the University of Cambridge, UK, successfully used Google to crack the passwords set in MD5 format (5th-Digit Algorithm).

On a chance occasion, security expert Steven Murdoch discovered that his personal blog, Light Blue Touchpaper, was invaded by an anonymous person. This person even set up an admin account inside the Wordpress blog software - which is installed on the server.

When conducting a comprehensive test of his computer to determine the extent of the damage, Murdoch was impressed by the way the hacker hacked his Wordpress password.

Source: AFP Since all Wordpress passwords are in MD5 format and stored in a user database, Murdoch has written a script, comparing the entire keyword in the English dictionary with MD5 to Find out the corresponding word.

However, this first experimental attempt failed, and Murdoch decided to switch to using the Russian dictionary. The reason is because he found many comments written in Russian inside the code that was implanted on the server.

But even this second attempt failed. That's when Murdoch decided to rely on . Google.

Murdoch entered the MD5 password into Google and received many link results with one thing in common: The name Anthony. That made him sure enough to believe that Anthony was the password.

" Google is taking on the whole function of an unlocking tool, because it allows us to search for previously encrypted passwords. Obviously Google is doing the work they still do best: storing one. Huge database and then search in there, "Murdoch said.

Trong Cam