This code was written as an assignment for the subject CS-6813 Information Security and Privacy at NYU Tandon School of Engineering. In this assignment, we were provided with the hash strings of the passwords of the user accounts on the website eharmony.com, which got leaked in circa 2011. We were supposed to run a script or program which decrypts these provided hash strings into the actual passwords. These passwords were hashed with message digest-5 (MD5) algorithm.
The approach that I adopted was to run a dictionary attack on the hashed strings. As the hash function is an one-way function and it is nearly impossible to decrypt some meaningful information out of it, dictionary attack is one of the only few methods through which we can obtain those input strings. The dictionary attack mechanism that I went ahead was to hash the wordlists of a common password list, rockyou.txt. Then I compared those hash strings with the given hashed-password list of eharmony.com. The strings which had the some MD5 output was the actual password of the user.