Hash without salt

Algorithm:
Password:
Result:


Dictionary attack
Create a hash of one ASCII character using the "Hash without salt" form and enter it over here together with the used algorithm. Then click break.

Algorithm:
Hash:
Result:


Hash with salt

Algorithm:
Password:
Salt:
Result:


Code

<%@ Page Language="C#" %>
<%@ Import Namespace="System.IO" %>
<%@ Import Namespace="System.Web.Security" %>
<%@ Import Namespace="System.Security.Cryptography" %>

<script runat="server">
void Page_Load(object sender, System.EventArgs e)
{
   string f = Server.MapPath(Request.Path);
   using(StreamReader r = new StreamReader(f))
   {
      code.Text = Server.HtmlEncode(r.ReadToEnd());
   }
}

void btn1_Click(object sender, System.EventArgs e)
{
   txtHash1.Text = FormsAuthentication.HashPasswordForStoringInConfigFile(pwd1.Text, algo1.SelectedValue);
}

void btn2_Click(object sender, System.EventArgs e)
{
   string salt = CreateSalt(64);
   txtSalt2.Text = salt;
   txtHash2.Text = FormsAuthentication.HashPasswordForStoringInConfigFile(salt + pwd2.Text, algo2.SelectedValue);
}

string CreateSalt(int size)
{
   RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
   byte[] buf = new byte[size];
   rng.GetBytes(buf);
   return Convert.ToBase64String(buf);
}

void btn3_Click(object sender, System.EventArgs e)
{
   char begin = (char) 0;
   char end = (char) 255;
   for (char c = begin; c <= end; c++)
   {
      string h = FormsAuthentication.HashPasswordForStoringInConfigFile(c.ToString(), algo3.SelectedValue);
      if (h == hash3.Text)
      {
         txtPass.Text = c.ToString();
         return;
      }
   }

   txtPass.Text = "Failed";
}
</script>

<html>
   <body>
      <form runat="server">
         <b>Hash without salt</b><br><br>
         Algorithm: 
         <asp:DropDownList id="algo1" runat="server">
            <asp:ListItem Value="SHA1">SHA1</asp:ListItem>
            <asp:ListItem Value="MD5">MD5</asp:ListItem>
         </asp:DropDownList><br>
         Password: <asp:TextBox id="pwd1" runat="server" /><br>
         Result: <asp:TextBox id="txtHash1" runat="server" ReadOnly="true" width="350px" /><br><br>
         <asp:Button id="btn1" runat="server" OnClick="btn1_Click" Text="Hash" />
         <hr>

         <b>Dictionary attack</b><br>
         <i>Create a hash of one ASCII character using the "Hash without salt" form and enter it over here together with the used algorithm. Then click break.</i><br><br>
         Algorithm: 
         <asp:DropDownList id="algo3" runat="server">
            <asp:ListItem Value="SHA1">SHA1</asp:ListItem>
            <asp:ListItem Value="MD5">MD5</asp:ListItem>
         </asp:DropDownList><br>
         Hash: <asp:TextBox id="hash3" runat="server" width="350px" /><br>
         Result: <asp:TextBox id="txtPass" runat="server" ReadOnly="true" /><br><br>
         <asp:Button id="btn3" runat="server" OnClick="btn3_Click" Text="Break" />
         <hr>

         <b>Hash with salt</b><br><br>
         Algorithm: 
         <asp:DropDownList id="algo2" runat="server">
            <asp:ListItem Value="SHA1">SHA1</asp:ListItem>
            <asp:ListItem Value="MD5">MD5</asp:ListItem>
         </asp:DropDownList><br>
         Password: <asp:TextBox id="pwd2" runat="server" /><br>
         Salt: <asp:TextBox id="txtSalt2" runat="server" ReadOnly="true" width="700px" /><br>
         Result: <asp:TextBox id="txtHash2" runat="server" ReadOnly="true" width="350px" /><br><br>
         <asp:Button id="btn2" runat="server" OnClick="btn2_Click" Text="Hash" />
         <hr>

         <b>Code</b><br><br>
         <pre><asp:Literal id="code" runat="server" /></pre>
      </form>
   </body>
</html>