How Attackers Use mdxfind to Crack Passwords

Password cracking is relatively straightforward when everything is known. Given a set of hashes and the algorithm behind them, crackers can apply tools like Hashcat effectively. But Hashcat assumes that an attacker or researcher already knows what they’re dealing with, which in many scenarios isn’t the case. When someone is working through a pile of hashes from a forum breach, infostealer log, or mixed data dump, and the algorithms aren’t clear, mdxfind helps them uncover how those hashes were constructed.

Within these datasets, it’s also possible to encounter more obscure or custom-built hashing schemes. Some platforms still rely on chained constructions like md5x4 [md5(md5(md5(md5(password))))] or md5(sha256(password)), on the assumption that layering algorithms adds meaningful protection.

The thinking is that attackers would need to break each stage individually, making recovery impractical. That approach doesn’t survive contact with reality, and mdxfind is a useful way to see why.

What is mdxfind?

mdxfind is better described as a hash search tool than a hash cracker in the hashcat sense. Hashcat takes one known algorithm and throws massive GPU parallelism at it. mdxfind takes a list of hashes and tests them against hundreds of algorithms at once, including many hashcat doesn’t support and many of the odd, nested constructions discussed above.

That design makes it the right tool for two situations in particular:

  • Unknown or mixed hashtypes: A dump from a forum breach or a miscellaneous collection of leaks often contains hashes in formats you can’t identify by inspection. mdxfind will churn through its catalog and tell you what each one is.
  • CPU-friendly and exotic algorithms: mdxfind does have OpenCL acceleration for some salted hashtypes, but it mainly covers algorithms that are awkward or unsupported on GPU, leaving the GPU-friendly heavyweights to hashcat. The two tools complement each other rather than compete.

This is also why mdxfind shows up in password cracking competitions and on platforms like hashmob.net, where unmarked or unusually constructed hashes are the point. Organizers will sometimes deliberately use nested algorithms to push competitors toward mdxfind, or toward writing their own hashcat kernels.

One caveat on versions: mdxfind is under active development and releases are frequent. The commands and behavior described here reflect v1.249, built on 31 March 2026.

A worked example: the “annoying” hashtype

To show what this looks like in practice, consider a deliberately obnoxious construction, the kind a competition organizer might use to force competitors into using tools like mdxfind:

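import hashlib

def process_line(line):
    # Start from the candidate password with surrounding whitespace removed
    data = line.strip().encode()
    # Six rounds of md5(sha1(x)), feeding each hex digest into the next hash
    for _ in range(6):
        data = hashlib.md5(hashlib.sha1(data).hexdigest().encode()).hexdigest().encode()

    return data.decode()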

To the eye, the output looks like MD5 (32 hex characters) and most identification tools won’t get you further than that. mdxfind has no such trouble:

mdxfind -h 'ALL' -h '!salt,!user' -f hashes.txt rockyou.txt

Rather than writing to a potfile as hashcat does, mdxfind writes cracks to stdout, which you can pipe to a file and split out later with mdsplit.

The -h flags are additive and accept boolean operators, which is where a lot of mdxfind’s practical power lives. The command above tells it to:

  • try every algorithm it knows (ALL)
  • exclude salted hashtypes (!salt)
  • exclude hashtypes that incorporate usernames (!user)

Combining these lets you pare the search space down to whatever subset you have reason to believe applies, rather than burning cycles on algorithms you know aren’t in play.

Mixed dumps and the rules engine

Because mdxfind works by searching across algorithms rather than targeting one, it’s perfectly happy with a file that contains several hash types mixed together. Drop a batch of MD5SHA1MD5SHA1MD5x01 hashes into the same file as a batch of MD4UTF16MD5x01, and mdxfind will identify each as it cracks.

For handling salts and usernames, the relevant switches are:

  • -f: hash file (as in the example above)
  • -F: hash file where each line is in hash:salt format
  • -s: separate salts file
  • -u: usernames file

So if your hashes are known to be in hash:salt form:

mdxfind -h 'ALL' -h '!user' -F hashes.txt rockyou.txt

mdxfind also has a rules engine in the hashcat mould, for generating password candidates from a wordlist:

mdxfind -h 'ALL' -h '!salt,!user' -f hashes.txt rockyou.txt -r OneRuletoRuleThemStill.rule

The candidate space grows fast (you’re applying rules across hundreds of algorithms rather than one) but when you don’t yet know the hashtype, that’s the price of admission.

Finally, if you do know the algorithm, mdxfind accepts hashcat-style mode numbers via -m, so you can run a targeted rule-based attack on a single hashtype. For instance, plain MD5 (hashcat mode 0):

mdxfind -m 0 -f hashes.txt rockyou.txt -r rules.rule

For most single-algorithm work you’d hand this off to hashcat, but for salted algorithms in mdxfind’s wheelhouse it can be the faster choice.

Why this matters for defenders

The reason to pay attention to mdxfind isn’t that it’s exotic. It’s that its existence refutes a specific defensive assumption that still shows up in production systems. A chain of fast general-purpose hashes remains cheap to crack whether or not the attacker knows the chain, because tools like mdxfind will try the plausible chains for them.

Previous Specops research into sha256 and bcrypt has shown that the real determinant of how hard a hash is to crack is the entropy of the underlying password, not the novelty of the wrapper around it. A cracker doesn’t attack the layers individually; they compute the full chain on each password candidate and compare the result. If the construction is deterministic and unsalted, which home-grown chains usually are, the attacker just needs to know, or guess, the recipe. That’s exactly what mdxfind is built to do.

In addition, knowing the algorithm doesn’t meaningfully change how hard a well-chosen modern hash is to attack. A properly configured argon2 or bcrypt deployment remains expensive to crack whether or not the attacker knows which one you used, because the cost is baked into the algorithm itself.

If you’re reviewing password storage, your own or a vendor’s, the practical takeaway is short: use argon2 or bcrypt with sensible parameters, and don’t try to out-clever the cryptographers. Obscurity is not a substitute for a work factor.
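
The per-guess cost argument above, measured in Python as an added example (not code from the article's author or from mdxfind). It times the six-round md5(sha1()) chain from the worked example against a salted memory-hard KDF; scrypt stands in for argon2/bcrypt because it ships in the standard library, and the function names, parameters and sample password are assumptions.

```python
import hashlib
import os
import time

def chained(password: str, rounds: int = 6) -> str:
    """The article's construction: rounds of md5(sha1(x)) over hex digests."""
    data = password.encode()
    for _ in range(rounds):
        data = hashlib.md5(hashlib.sha1(data).hexdigest().encode()).hexdigest().encode()
    return data.decode()

def stretched(password: str, salt: bytes) -> str:
    """Salted, memory-hard KDF. scrypt is a stand-in for argon2/bcrypt here;
    n, r, p are illustrative parameters, not a recommendation from the article."""
    return hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1,
                          maxmem=64 * 1024 * 1024, dklen=32).hex()

def seconds_per_guess(hash_fn, guesses: int) -> float:
    """Average wall-clock cost of computing one candidate's full hash."""
    start = time.perf_counter()
    for i in range(guesses):
        hash_fn(f"candidate-{i}")
    return (time.perf_counter() - start) / guesses

def compare_costs() -> dict:
    """Per-guess cost of the fast chain versus the KDF, and their ratio."""
    salt = os.urandom(16)
    fast = seconds_per_guess(chained, 20_000)
    slow = seconds_per_guess(lambda pw: stretched(pw, salt), 5)
    return {"chain_s": fast, "kdf_s": slow, "ratio": slow / fast}

def identical_passwords_collide() -> tuple:
    """Two users sharing one password (constructed sample value)."""
    pw = "Summer2026!"
    chain_equal = chained(pw) == chained(pw)  # unsalted: same stored digest
    kdf_equal = stretched(pw, os.urandom(16)) == stretched(pw, os.urandom(16))
    return chain_equal, kdf_equal

if __name__ == "__main__":
    costs = compare_costs()
    print(f"6x md5(sha1): {costs['chain_s'] * 1e6:.1f} us per guess")
    print(f"scrypt:       {costs['kdf_s'] * 1e3:.1f} ms per guess")
    print(f"KDF is ~{costs['ratio']:.0f}x more expensive per guess")
    print("same password, same stored value (chain, kdf):",
          identical_passwords_collide())
```

The chain's twelve fast hash calls add up to microseconds per guess, while the KDF's cost is set by its parameters and its per-user salt keeps identical passwords from sharing a stored value.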

How Specops can help

The defender’s side of this equation has two parts:

  • Keeping high-entropy passwords in your environment in the first place.
  • Making sure the ones you already have aren’t sitting in a breach corpus somewhere.

Specops Password Auditor is a free, read-only tool that scans your Active Directory for compromised, identical, expired, and blank passwords, and returns an interactive report you can act on. It’s a fast way to see where your exposure sits before deciding what to do about it.

There are also a number of measures that increase protection against password hash cracking attempts, including:

  • Setting high minimum password length (such as 15 characters or more) or enabling passphrases.
  • Enforcing multiple character classes, with an optimal scenario of upper, lower, digits and special characters.
  • Implementing a custom dictionary of blocked words relevant to your organization, such as product names.
  • Scanning against a breached password database to identify compromised credentials before attackers can use them.

Specops Password Policy gives teams the ability to continuously protect against the latest identity security threats. If you’re interested in seeing how Specops can help support your security strategy, contact us today or book a demo to see our solutions in action.

Last updated on May 12, 2026

Written by David Ketler

David Ketler is a cybersecurity consultant based in Toronto, Canada with 10+ years of experience in software development and cybersecurity. He writes about password cracking, dark web activity, and password management.
