How to crack MySQL hashes depending on the version

This page explains how to extract and crack your MySQL hashes, for all versions.

MySQL database : extracting and cracking hashes

Intro

This page will help you differentiate the two hashing methods used in MySQL databases (all versions).
The biggest change came with version 4.1, which introduced a stronger hashing algorithm based on SHA-1.

/!\ This is for educational purposes only, and should not be used for unauthorized access or tampering, or to access systems illegally without the owner's permission.

The Original (Pre-4.1) Hashing Method

Prior to MySQL v4.1, password hashes computed by the PASSWORD() function are 16 bytes long. Such hashes look like this:

mysql_3.23> SELECT PASSWORD('mypass');
+--------------------+
| PASSWORD('mypass') |
+--------------------+
| 6f8c114b58f2ce9e   |
+--------------------+

This hash is commonly called "mysql323" as this is the last version of MySQL to use this kind of hash.

The 4.1 (and later) Hashing Method

MySQL 4.1 introduced password hashing that provided better security and reduced the risk of passwords being intercepted. There were several aspects to this change:

  • Different format of password values produced by the PASSWORD() function
  • Widening of the Password column
  • Control over the default hashing method
  • Control over the permitted hashing methods for clients attempting to connect to the server

Password hashes in the 4.1 format always begin with a “*” character, whereas passwords in the pre-4.1 format never do.

The changes in MySQL 4.1 took place in two stages:
  • MySQL 4.1.0 used a preliminary version of the 4.1 hashing method. This method was short lived and the following discussion says nothing more about it.
  • In MySQL 4.1.1, the hashing method was modified to produce a longer 41-byte hash value:
    mysql> SELECT PASSWORD('mypass');
    +-------------------------------------------+
    | PASSWORD('mypass')                        |
    +-------------------------------------------+
    | *6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4 |
    +-------------------------------------------+
The longer password hash format has better cryptographic properties, and client authentication based on long hashes is more secure than that based on the older short hashes.
To accommodate longer password hashes, the Password column in the user table was changed at this point to be 41 bytes, its current length.

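For developers, a MySQL hash can be computed with:
// PHP code: SHA1(SHA1(password)), with the inner digest passed as raw bytes
$sha1_hex = sha1(sha1($string, true));
// The server stores it as '*' followed by the uppercase hex digest
$mysql_hash = '*' . strtoupper($sha1_hex);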
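
The two formats described above can be told apart by shape alone, which is what an audit of the user table needs in order to find accounts still holding pre-4.1 hashes. The following Python is an added example, not code from the original post; the function names, the account names and the row layout are assumptions made for the illustration, and the two hash values in the sample rows are the ones shown on this page.

```python
import hashlib
import hmac
import re

LEGACY_RE = re.compile(r"[0-9a-fA-F]{16}")    # pre-4.1 ("mysql323") format
MODERN_RE = re.compile(r"\*[0-9a-fA-F]{40}")  # 4.1.1+ format, leading '*'


def mysql41_hash(password: str) -> str:
    """'*' + uppercase hex of SHA1(SHA1(password)), inner digest as raw bytes."""
    inner = hashlib.sha1(password.encode("utf-8")).digest()
    return "*" + hashlib.sha1(inner).hexdigest().upper()


def classify(stored: str) -> str:
    """Name the hashing method from the shape of the stored value alone."""
    if stored == "":
        return "empty"
    if MODERN_RE.fullmatch(stored):
        return "mysql41"
    if LEGACY_RE.fullmatch(stored):
        return "mysql323"
    return "unknown"


def matches(password: str, stored: str) -> bool:
    """Check a candidate against a 4.1+ hash using a constant-time comparison."""
    if classify(stored) != "mysql41":
        return False
    return hmac.compare_digest(mysql41_hash(password), stored.upper())


def audit(rows):
    """Return (user, host, kind) for every account not on the 4.1+ format."""
    return [(u, h, classify(p)) for u, h, p in rows if classify(p) != "mysql41"]


# Constructed sample rows (user, host, password column). The hash values are
# the two printed on this page; the account names and hosts are made up.
SAMPLE_ROWS = [
    ("app", "10.0.0.%", "*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4"),
    ("legacy_batch", "localhost", "6f8c114b58f2ce9e"),
    ("test", "%", ""),
]

if __name__ == "__main__":
    for user, host, kind in audit(SAMPLE_ROWS):
        print(f"{user}@{host}: {kind} credential, set a new password to rehash it")
```

Accounts reported as mysql323 or empty are the ones to reset first, since resetting the password on a 4.1+ server is what replaces the short hash with the long one.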

How to crack those hashes

You can paste your mysql323 hash (16-bytes) or MySQL 4.1/5+ hashes (40-bytes, without '*' !) in our system.
Note: This website can crack 100% of your "MySQL323" 16-bytes hashes. Brute force and/or collisions are used.

Bonus

Google dork.
