how to retrieve a md5 hash
hello i am relatively new to this so any help is appreciated. i do indeed plan on hacking my friends Facebook account, all for fun of course, i hardly believe that my reason needs too much morale justification, but any way, i have a couple of programs to crack md5 hash 1 of which i found on hbh. but the only problem i have is… i need a way to get the md5 for his password??? anyone have any idea? or perhaps a more efficient one? i am well aware of how long it takes to crack md5. All help will be appreciated:)
Unless you have a database dump of Facebook and Facebook is actually using MD5 to store the hashed version of their users passwords I don't give you a lot of luck with that.
Cracking a MD5 hash is a wide subject, if you just want to crack it without any background knowledge about the process I would advise you can use an application I built which you can find here: http://cr.ackack.net
If my cracker couldn't find it you can use Google (just insert the hash) or use John in incremental mode - it's a popular good free application with which you can crack hashes; you should learn a lot about this cracker it can kick in handy a lot of times.
I have seen a cool presentation at OWASP from Samy Kamkar where he hacked in rsnake's Facebook through flaws in the (PHP) sessions implementation of Facebook, you might want to do some investigation and try that out, I believe Facebook did not really patch that issue. Here are some links to get you started with that: http://samy.pl/talks/2010-talk.ppt https://media.blackhat.com/bh-us-10/whitepapers/Kamkar/BlackHat-USA-2010-Kamkar-How-I-Met-Your-Girlfriend-wp.pdf
Jelmer de Hen wrote: Cracking a MD5 hash is a wide subject, if you just want to crack it without any background knowledge about the process I would advise you can use an application I built which you can find here: http://cr.ackack.net
cr.ackack.net 404's for me, by the way.
I have seen a cool presentation at OWASP from Samy Kamkar where he hacked in rsnake's Facebook through flaws in the (PHP) sessions implementation of Facebook, you might want to do some investigation and try that out, I believe Facebook did not really patch that issue. Here are some links to get you started with that: http://samy.pl/talks/2010-talk.ppt https://media.blackhat.com/bh-us-10/whitepapers/Kamkar/BlackHat-USA-2010-Kamkar-How-I-Met-Your-Girlfriend-wp.pdf
I actually really recommend this to anyone else who stumbles across here as well! It's a great presentation.
@OP - Like I said in your other duplicate post, you're going about this the wrong way. You would have to have access to the actual Facebook database first, like Jelmer said. This would require actually breaking into Facebook. So getting the MD5 is probably not going to be the easiest method.