[SOLVED] Password decryption

Xoom3r · May 5, 2008

Hey there, I have a forum and I also have a suspect on a spamming issue.

So i checked my MySQL tables I reached the password field and its encrypted.

Can anyone tell me how to decrypt this password? (or at least, decrypt if you can)

9ac01a2ef71f6eab14b18b41e1ebeee6

trq · May 5, 2008

That looks like an md5 hash. md5 can not be undone I'm afraid.

Xoom3r · May 5, 2008

Uh No! D:

Xoom3r · May 5, 2008

Wait! but then.. how does vBulletin reads it?

peranha · May 5, 2008

It hashes what you put in, and compares that to a database.

trq · May 5, 2008

Wait! but then.. how does vBulletin reads it?

It never needs to. md5 hashes can very simply be compared. eg;

<?php

  $hash_stored_in_db = '9ac01a2ef71f6eab14b18b41e1ebeee6'; // <-- a hash to compare against.
  $password = $_POST['password']; // <-- password entered by user.
  if (md5($password) == $hash_stored_in_db) {
    echo "Match";
  } else {
    echo "Fail";
  }

?>

Hooker · May 7, 2008

If you've got a few spare years you could try to bruteforce it

beansandsausages · May 7, 2008

Wait! but then.. how does vBulletin reads it?

It never needs to. md5 hashes can very simply be compared. eg;

<?php

 $hash_stored_in_db = '9ac01a2ef71f6eab14b18b41e1ebeee6'; // <-- a hash to compare against.
 $password = $_POST['password']; // <-- password entered by user.
 if (md5($password) == $hash_stored_in_db) {
   echo "Match";
 } else {
   echo "Fail";
 }

?>

So does the same combanation always give the same md5 password,

Example :

chris = 6b34fe24ac2ff8103f6fce1f0da2ef57 in md5 so is there a chance that chris could equal a diffrent combnation of letters?

For instance would chris never equal some thing diffrent from the 6b34fe24ac2ff8103f6fce1f0da2ef57?

PFMaBiSmAd · May 7, 2008

So does the same combination always give the same md5 password

That is an odd question to ask. If the same starting value did not produce the same result, the function would be useless.

beansandsausages · May 7, 2008

That is an odd question to ask. If the same starting value did not produce the same result, the function would be useless.

Yeah i guess so, But i just wanted to know does every word, number have its own unique md5 hass, like chris in md5 wouldnt also be the same as Chris?

PFMaBiSmAd · May 7, 2008

You are actually asking two different questions -

So does the same combination always give the same md5 password

is not the same as

does every word, number have its own unique md5 hash

The answer to the first question is yes. chris and Chris will give different results (try it.)

The answer to the second question is no. There are a finite number of different md5 values and different inputs produce the same md5. This is why it is possible using table lookups to find a starting value that can be entered that will work when the code is not using a "salt" string. Search for "md5 salt" if you want to know what that means.

beansandsausages · May 7, 2008

Thank you, Sorry took so long to get the answer, Im not so good at asking questions haha,

Sign In

[SOLVED] Password decryption

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation

Important Information