Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
blueimp-md5
Advanced tools
JavaScript MD5 implementation. Compatible with server-side environments like Node.js, module loaders like RequireJS, Browserify or webpack and all web browsers.
The blueimp-md5 package is a JavaScript function for hashing messages with MD5. It is commonly used to create 128-bit hash values from strings. The package can be used both in browser environments and in Node.js applications, making it versatile for various web development needs.
MD5 Hashing
This feature allows the user to generate an MD5 hash from a given string. It is useful for creating unique identifiers or checksums from large volumes of data.
const md5 = require('blueimp-md5');
const hash = md5('Hello World');
console.log(hash); // Outputs MD5 hash of 'Hello World'
MD5 Hashing with a Key
This feature enhances the basic hashing functionality by allowing a key (or salt) to be included in the hash process. This is particularly useful for creating more secure hashes by adding an additional layer of complexity.
const md5 = require('blueimp-md5');
const hash = md5('Hello World', 'secretKey');
console.log(hash); // Outputs MD5 hash of 'Hello World' using 'secretKey' as the salt
MD5 Hashing with Raw Output
This feature allows the user to obtain the raw binary output of the MD5 hash, rather than the default hexadecimal string. This might be useful in scenarios where binary data is required for further processing.
const md5 = require('blueimp-md5');
const hash = md5('Hello World', null, true);
console.log(hash); // Outputs raw binary format of MD5 hash
Crypto-js is a collection of cryptography algorithms implemented in JavaScript. Like blueimp-md5, it supports MD5 hashing, but it also includes a wider range of cryptographic functions such as SHA-1, SHA-256, and AES. This makes crypto-js more versatile if you need more than just MD5 hashing.
The md5 package is another simple implementation of the MD5 hashing algorithm. It is very similar to blueimp-md5 in functionality and usage. However, blueimp-md5 offers additional features like key-based hashing and raw output, which are not available in the md5 package.
JavaScript MD5 implementation.
Compatible with server-side environments like Node.js,
module loaders like RequireJS or
webpack and all web browsers.
Install the blueimp-md5 package with NPM:
npm install blueimp-md5
Include the (minified) JavaScript MD5 script in your HTML markup:
<script src="js/md5.min.js"></script>
In your application code, calculate the (hex-encoded) MD5 hash of a string by calling the md5 method with the string as argument:
var hash = md5('value') // "2063c1608d6e0baf80249c42e2be5804"
The following is an example how to use the JavaScript MD5 module on the server-side with Node.js.
Install the blueimp-md5 package with NPM:
npm install blueimp-md5
Add a file server.js with the following content:
require('http')
.createServer(function (req, res) {
// The md5 module exports the md5() function:
var md5 = require('./md5'),
// Use the following version if you installed the package with npm:
// var md5 = require("blueimp-md5"),
url = require('url'),
query = url.parse(req.url).query
res.writeHead(200, { 'Content-Type': 'text/plain' })
// Calculate and print the MD5 hash of the url query:
res.end(md5(query))
})
.listen(8080, 'localhost')
console.log('Server running at http://localhost:8080/')
Run the application with the following command:
node server.js
The JavaScript MD5 script has zero dependencies.
Calculate the (hex-encoded) MD5 hash of a given string value:
var hash = md5('value') // "2063c1608d6e0baf80249c42e2be5804"
Calculate the (hex-encoded) HMAC-MD5 hash of a given string value and key:
var hash = md5('value', 'key') // "01433efd5f16327ea4b31144572c67f6"
Calculate the raw MD5 hash of a given string value:
var hash = md5('value', null, true)
Calculate the raw HMAC-MD5 hash of a given string value and key:
var hash = md5('value', 'key', true)
The JavaScript MD5 project comes with
Unit Tests.
There are two different ways to run the tests:
npm test
in the Terminal in the root path of the repository package.The first one tests the browser integration, the second one the Node.js integration.
The JavaScript MD5 script is released under the MIT license.
FAQs
JavaScript MD5 implementation. Compatible with server-side environments like Node.js, module loaders like RequireJS, Browserify or webpack and all web browsers.
The npm package blueimp-md5 receives a total of 1,216,643 weekly downloads. As such, blueimp-md5 popularity was classified as popular.
We found that blueimp-md5 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.