php passwords encrypted with md5

[raymyster]

Hello,

 

do you know how to decrypt php passwords encrypted with md5?!

 

P.S.: we know the key

 

thanks for your help, Regards!

[peranha]

md5 is one way encryption.  There are rainbow tables out there, but if a salt is being used, they are kind of useless.

[wildteen88]

not you cannot decrpty md5 hashes. md5 is a one way encryption. In order to decrypt the hash you'll need to use brute force or a dictionary attack which will take log time to do.

 

Why do want to decrypt a password? Is to retrieve the orginal password if the user has forgotten it? I do not recommend this method. Instead what you should do is reset the password to a random one and provide the new password to the user. There are many tutorials out there which shows how to create random passwords

[marcusfaye87]

Yes and there is no real use to it.

 

but You could try typing every possible password, convert those to MD5 and running a search to which converted password maches your found MD5 password.

 

So in conclusion, long long time

[runnerjp]

its very very hard to convert back... otherwise what would be the point in using it

[maxudaskin]

I have seen it done...

 

http://www.md5oogle.com/

 

Put c321da05a0593d465ffe67159f41def6 in.

[GingerRobot]

its very very hard to convert back... otherwise what would be the point in using it

 

Well, actually its impossible to convert back, since it's not an encryption, but rather a hash. Yes, you can (sometimes) gain the original text through the use of rainbow tables, but that's not quite the same thing.

[marcusfaye87]

Well it has to use some algorithm, so it should be possible to convert back, just find the algorith (not easy to do lol)

[--ss--]

Nope there isn't but you could use external sites like md5decrypter.com and the millions of others out there to do it for you.

The way they basically do it is by having tables with common words (i'm talking about millions) and their equivalent md5 code that has already been encrypted. To let others crack their md5 they let people search for their string in the database and if it finds the match of the md5 string it will give you the pre inserted word.

That method only works on common passwords that don't use symbols and such .

[marcusfaye87]

There must be some way to get the password back....

 

I mean, it converts it somehow.... everything is reversable, else I don't see logic in it.

you can't NOT get it back imo.

 

The way how just isn't found yet?

[peranha]

http://en.wikipedia.org/wiki/MD5

 

you can read that, there are algorithms there, so if you want to figure out how to unhash it, go ahead.

[marcusfaye87]

Nah not my kind of pass-time, but somebody will already have done it somewhere I guess

[rarebit]

However if you did find a datablock which did hash to the same, it doesn't actually mean that it is what was used originally. This is the underlying principle to either freenet or usenet...

 

err, there were weaknesses proved in the 2nd or 3rd round of md4, which was why md5 was developed, basically it cascades sooner and there are less collisions...