Convert Plane Text into MD 5 Hash with Salt [VB.NET]

If you’re a software developer then often you have to take sensitive input from users and store it in some way. e.g passwords. If your app is for personal use only then it is OK to store those password strings as plane/simple text in a local database or in a text file but if you’re developing app for commercial level or even for medium level where number of other users will interact with your app then this is not a good choice.

Here comes handy a special security algorithm called as MD 5. MD 5 algorithm takes input of any kind or length and convert it into fixed 128 bit or 32 digit hash. Here is an example of MD 5 Hash:

ff23f89d5e73b949618773a515a9f80c

But wait, here arises another problem, anyone who knows that your password is encrypted with MD 5 algorithm can crack it back to original string. As some one has said, “Every problem has a solution and every solution has a problem.” Here comes handy another feature of MD 5 algorithm which is called as Salt. Salt just works like password for your MD 5 hash. As you can’t login any of your accounts without entering correct password, a salted MD 5 hash can’t be cracked without using correct Salt. I have used word crack instead of word decrypt, why? Because MD 5 is one way encoding, there is no reverse process of it. Then how online MD 5 decrypt tools work? They just generate a new hash and compare it with given hash, if both hashes match then they return those keywords with which new hash was generated. Here is an example of salted MD 5 hash:

soleYv6MtQ7ECPq4eMsRSw==

It is just an example, different methods are used to generate salted MD 5 hash. So, results can contradict with above example if you used different method other than mine.

There are some methods like Brute Force and Dictionary Attack to crack salted MD 5 hash without knowing the correct Salt but don’t worry because even a high speed and powerful computer will take years to crack it.

Tutorial:

Just start up your Visual Studio or what ever IDE you’re using for Visual Basic.net and create a Windows Form project.

Double click on form design to view coding area (in case of VS).

Import two new namespace before Public Class as follow.

Imports System.Text
Imports System.Security.Cryptography

Now define a new function and name it stringtomd5 and use inputstring as string variable and define it ByReference after Public Class.

Function stringtomd5(ByRef inputstring As String)

End Function

Note: Your have to put all following pieces of code into this function.

Define three variables within function as follow.

Dim Hashedbyte As Byte()

Dim encodingstr As New UTF8Encoding()

Dim md5encoder As New MD5CryptoServiceProvider

I am not going to explain each variable in detail as it will lead us to the out of point.

Now just convert your input string and salt string into bytes with following lines of code. Replace yoursaltkeywordhere with your desired salt within quotes.

Dim passwordBytes As Byte() = encodingstr.GetBytes(inputstr)

Dim saltpassBytes As Byte() = encodingstr.GetBytes(“yoursaltkeywordhere”)

Define a new byte variable which has length equal to combined length of password byte variable and salt byte variable and combine both password byte and salt byte into that new variable as follow.

Dim passwordAndSaltBytes As Byte() = New Byte(passwordBytes.Length + saltpassBytes.Length – 1) {}
For i As Integer = 0 To passwordBytes.Length – 1
passwordAndSaltBytes(i) = passwordBytes(i)

Next

For i As Integer = 0 To saltpassBytes.Length – 1

passwordAndSaltBytes(i + passwordBytes.Length) = saltpassBytes(i)

Next

Now compute hash from that latest variable and convert hash into its equivalence base64 string as follow.

Hashedbyte = md5encoder.ComputeHash(passwordAndSaltBytes)

Dim hashstring As String

hashstring = Convert.ToBase64String(Hashedbyte)

Now just use Return statement to get your hash string as follow.

Return hashstring

How to use this function?

Just give the function an input by following command and it will return your hash string.

stringtomd5(“mypassword”)

And by combing all pieces of code we get:

Imports System.Text
Imports System.Security.Cryptography

Public Class projectname
Function stringtomd5(ByRef inputstring As String)
Dim Hashedbyte As Byte()

Dim encodingstr As New UTF8Encoding()

Dim md5encoder As New MD5CryptoServiceProvider
Dim passwordBytes As Byte() = encodingstr.GetBytes(inputstr)

Dim saltpassBytes As Byte() = encodingstr.GetBytes(“yoursaltkeywordwithingquotes”)

Dim passwordAndSaltBytes As Byte() = New Byte(passwordBytes.Length + saltpassBytes.Length – 1) {}
For i As Integer = 0 To passwordBytes.Length – 1
passwordAndSaltBytes(i) = passwordBytes(i)

Next

For i As Integer = 0 To saltpassBytes.Length – 1

passwordAndSaltBytes(i + passwordBytes.Length) = saltpassBytes(i)

Next
Hashedbyte = md5encoder.ComputeHash(passwordAndSaltBytes)

Dim hashstring As String

hashstring = Convert.ToBase64String(Hashedbyte)

Return hashstring

End Function

End Class

Facebooktwittergoogle_plusredditpinteresttumblrmailFacebooktwittergoogle_plusredditpinteresttumblrmail

Leave a Reply

Your email address will not be published.