Jump to content

Recommended Posts

It depends on how it was encrypted.  There are what's known as one-way encryptions, not designed to be decrypted, there's things like md5 which can sometimes be broken using brute force tactics and there are some that are designed to be used to both encrypt and decrypt.

Regards
Huggie
  • 2 months later...
decrypy md5? how?

u r talking about the online scripts which have a database with a predefined number of md5 decrypted and if u r in luck for your pass to be in that db then u will have it decrypted?

or have u found a way to decrypt any md5? as far as i know, md5 cannot be decrypted
[quote author=ShogunWarrior link=topic=115877.msg521154#msg521154 date=1170592031]
[code]
you cant decrypt md5
[/code]

Let's agree to agree with that.

[/quote]
I would agree with that unless anyone paste some codes up that proofs md5 can be decoded.
Ted
md5 encryption can be decrypted however it is not easy to do - there is no set code/function available. You have to use brute force attacks in order to decrypt it - some hackers use so called dictionary attacks which basically means the hacker runs a programme that goes through every word in the dictionary to hack the encrypted password. To hack md5 encryption it requires lots of computing power.
Its not violent no - no ones comes to your home demanding your password.

It is a method which is used to go through a large number of known possibilities to creak a password/pass-phrase.

You can readup on brute force attacks and dictionary attacks over at wikipedia.com for more information.
[quote author=ted_chou12 link=topic=115877.msg521198#msg521198 date=1170595874]
I see, btw, the way you use "brute force" makes it sounds a bit violent to me, i dont know why, but it creates a sense of violence...
Ted
[/quote]It is a bit violent to the server being brute forced. Can be quite demanding on the CPU/Bandwidth if it's not protected against. It's very easy to just automatically ban anyone who tries it though.

Anyways if you want someone's password, ask them what their password is, and if they don't tell you then you aren't getting their password and are gonna just have to accept that.
md5 can be decrypted -well, if the password subject to decryption is within a database of previously encrypted passwords, eg

5d41402abc4b2a76b9719d911017c592 is md5 for hello, run this through http://www.md5decrypter.com/ and paste in the md5 hash and sure enough:

Results
Md5 Hash: 5d41402abc4b2a76b9719d911017c592
Normal Text: hello

the hash is always the same output, and depending that the word hasnt got any numbers in it you can bet it'll crackable.
nope, is not exactly a decrypter, do you see this:
[font=Verdana]We have a total of 498393 unique decrypted md5 hashes since December 2005.[/font]
they actually tested the code and stored it as info, but not running through a raw function.
Ted
logic wise, i dont believe you can encrypt/decrypt convert between these two very easily, because md5 always generate a string 32 characters long, so if you have some million thousands text essay or data base storage, you store it as md5 and when you want the info. recall it for decrypt, and you get the essay back again..., i dont think that is possible, since storage capacity will no longer be a problem in technology anymore, then every hard disk would store infinite files, but is that so?
so personally, md5 decrypt is not possible at all.
Ted
Md5 cannot be decrypted. Yes a brute force attack would work or even a dictionary attack but those attacks convert the words or combinations of letters and numbers into md5 and compare them to the original hash. According to cryptography a decryption is an actual reverse algorithm that can turn the hash back into its original form. If you post the encryption type you are using i might be able to help you decrypt it or something along the lines as long as its your property. Also those sites where you can compare the hash to others to find the original text are called rainbow tables. They are usually over 20gigs and can take over a year to generate.
A brute force attack is just randomly entering passwords over and over until you are lucky and enter the right one. You can't use an MD5 hash to find out what made it, because there are many different combinations that could make it. For example there might be 100 trillion possible passwords, and each MD5 could belong to like 1000 different passwords, there is no way to find out.

And the only possible purpose for wanting to decrypt MD5 is to crack people's passwords. And the only people that could possible have a legit reason to do that are the CIA, FBI, etc. Anyone else is just some script kiddie who wants to steal passwords, most likely to cause damage, although probably won't admit it.

Asking how to crack people's passwords is as bad if not worse then asking how to make and distribute a virus.

Why do people come onto these forums and ask for hacks and cracks and viruses? It's just plain sad.  :-\
[quote author=Azu link=topic=115877.msg522106#msg522106 date=1170712462]
because there are many different combinations that could make it.[/quote]

The whole point of hash functions(MD4,MD5,SHA1) is that any unique data input into it will create a unique hash.
I.E: Two different inputs _should_ never create the same hash. If it was the case the 1000 differents pasword had the same hash then how would you verify passwords?
[quote author=ShogunWarrior link=topic=115877.msg522114#msg522114 date=1170713024]
[quote author=Azu link=topic=115877.msg522106#msg522106 date=1170712462]
because there are many different combinations that could make it.[/quote]

The whole point of hash functions(MD4,MD5,SHA1) is that any unique data input into it will create a unique hash.
I.E: Two different inputs _should_ never create the same hash. If it was the case the 1000 differents pasword had the same hash then how would you verify passwords?
[/quote]

I think there is a lot of confusion and disinformation here. MD5 cannot be decrypted - never, no how, no way.

An MD5 hash creates a 32 character string consisting of letters and numbers. There are 26 letters plus 10 numbers which = 36. With 32 characters the total number of MD5 hashes possible is 26^32 (26 to the power of 32). That is a finite (albeit a very large) number of possible values of 170,141,183,460,469,231,731,687,303,715,884,105,728. But, you can create an MD5 has of an infinite number of values. So, there are some values that will create the exact same hash. These are referred to as collisions.

Now, the probability that someone types in a incorrect password and it passes an MD5 check because of a collision is so astronimical that it doesn't need to be considered. but, those collisions do exist.

The above reason is also why MD5 cannot "really" be cracked or decrypted. Because any one hash can have many different values that created it there is no way to really know what value was used to create the hash. But, because "most" values that are MD5 hashed are passwords or other small strings, there are MD5 lookup tables where common words and values have been identified with their MD5 hash.

Here is a sample MD5 lookup page: http://nz.md5.crysm.net/

If you were to enter the value (1f3870be274f6c49b3e31a0c6728957f) it will tell you that the value for the hash is "apple" because it would be the most logical choice even though there are many more values that could create that hash - although they probably aren't anything legible.

If you were to enter the hash (feb1808680d0d4f855b88981e88a0a97) it would tell you that it doesn't know what that is because I created it using the value "NsdJS#DFu^DSH(fUE".
[quote]
it will tell you that the value for the hash is "apple" because it would be the most logical choice even though there are many more values that could create that hash - although they probably aren't anything legible.
[/quote]

If there were any more than 1 value for a hash such as "1f3870be274f6c49b3e31a0c6728957f2" except for "apple" then it would be a collision and your statement here seems to indicate this is common.
[quote author=ShogunWarrior link=topic=115877.msg522149#msg522149 date=1170715620]
[quote]
it will tell you that the value for the hash is "apple" because it would be the most logical choice even though there are many more values that could create that hash - although they probably aren't anything legible.
[/quote]

If there were any more than 1 value for a hash such as "1f3870be274f6c49b3e31a0c6728957f2" except for "apple" then it would be a collision and your statement here seems to indicate this is common.
[/quote]

No, there are many different values for that hash. The reason it came up with "apple" is that that is the only value associated in that database with that hash. There are plenty of other values that would create that hash, but in all likelyhood they would not be anything that would make sense in any language and would probably be many, many characters long. I really don't have the time or processing power to spare to find a duplicate value for that hash, but I promise they do exist.

If you use simple logic it is evident that collisions would exist and that there is no 1-to-1 correspondence between a value and a hash. There are a finite number of hashes and there are an infinite number of values that can be used to create a hash. That is a fact. If that is the case there HAS to be collisions.
This site has more information and includes examples of values that can create the same MD5 hash. My favorite concerns to postscript files: one is a resume and one is a security clearance - both with the same MD5 hash.

http://www.mscs.dal.ca/~selinger/md5collision/
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.