п»їHow to crack MYSQL hashes depending on the version.
This page will help you to differentiate the two hashing methods used in MySQL databases (all versions). The biggest change was done with version 4.1, when they introduced a stronger hashing algorithm based on SHA-1.
/!\ This is for educational purposes only, and should not be used for unauthorized access, tampering or accessed illegally without owner permission.
The Original (Pre-4.1) Hashing Method.
Prior to MySQL v4.1, password hashes computed by the PASSWORD() function are 16 bytes long. Such hashes look like this:
mysql_3.23> SELECT PASSWORD('mypass'); +--------------------+ | PASSWORD('mypass') | +--------------------+ | 6f8c114b58f2ce9e | +--------------------+
This hash is commonly called "mysql323" as this is the last version of MySQL to use this kind of hash.
The 4.1 (and upper) Hashing Method.
Different format of password values produced by the PASSWORD() function Widening of the Password column Control over the default hashing method Control over the permitted hashing methods for clients attempting to connect to the server Password hashes in the 4.1 format always begin with a “*” character, whereas passwords in the pre-4.1 format never do.
mysql> SELECT PASSWORD('mypass'); +-------------------------------------------+ | PASSWORD('mypass') | +-------------------------------------------+ | *6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4 | +-------------------------------------------+
For developpers, a MySQL hash can be computed with :
// PHP code $sha1_hex = sha1(sha1($string,true);
How to crack those hashes.
You can paste your mysql323 hash (16-bytes) or MySQl 4.1/5+ hashes (40-bytes, without '*' !) in our system. Note : This website can crack 100% of your "MySQL323" 16-bytes hashes. Bruteforce or/and collision are used.