how to decrypt password from database?

  • (3 Pages)
  • +
  • 1
  • 2
  • 3

31 Replies - 40491 Views - Last Post: 05 March 2012 - 09:01 AM Rate Topic: -----

#1 alej  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 9
  • Joined: 28-August 11

how to decrypt password from database?

Posted 20 February 2012 - 11:11 AM

How to decrypt the encrypted password from the database??
Is This A Good Question/Topic? 0
  • +

Replies To: how to decrypt password from database?

#2 CTphpnwb  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 2910
  • View blog
  • Posts: 10,078
  • Joined: 08-August 08

Re: how to decrypt password from database?

Posted 20 February 2012 - 11:20 AM

The point of hashing is to try to make that impossible. That's part of why passwords are normally reset and not sent to the user.
Was This Post Helpful? 3
  • +
  • -

#3 Dormilich  Icon User is offline

  • 痛覚残留
  • member icon

Reputation: 3512
  • View blog
  • Posts: 10,136
  • Joined: 08-June 10

Re: how to decrypt password from database?

Posted 20 February 2012 - 11:21 AM

based on the information given … with the decryption key and the matching decryption algorithm (i.e. if you used AES_ENCRYPT, you need to use AES_DECRYPT).

if you have hashed the passwords (MD5, SHA1, etc.) then there is no way as these are not encryption functions (you could call them one-way encryption functions, though)

This post has been edited by Dormilich: 20 February 2012 - 11:22 AM

Was This Post Helpful? 4
  • +
  • -

#4 hockey97  Icon User is offline

  • D.I.C Regular

Reputation: -77
  • View blog
  • Posts: 300
  • Joined: 25-September 08

Re: how to decrypt password from database?

Posted 22 February 2012 - 04:50 PM

View PostDormilich, on 20 February 2012 - 12:21 PM, said:

based on the information given … with the decryption key and the matching decryption algorithm (i.e. if you used AES_ENCRYPT, you need to use AES_DECRYPT).

if you have hashed the passwords (MD5, SHA1, etc.) then there is no way as these are not encryption functions (you could call them one-way encryption functions, though)


Their is no such thing as a one-way encryption. Hackers already have tools that decrypt MD5's by itself. That is why most now would salt their MD5's hashes. It's to make it harder for the hackers to decrypt those passwords.

TO decrypt anything you need to know the algorithm of the encryption that is used. You need to know how such data is encrypted how the encryption works. Then all you do is do the same but in reverse.

for example:

your have the number 60 inputted from the user.

60 then we do +5.. +25. *4 /20 we will have 18.

so in the database we would have the number 18.

so the user can login with the number 60 and it will generate 18 and compare that 18 in the database. If true login else false display error message.

now if your a hacker or trying to decrypt it.

you would do this:

you grab value from database which is 18.

so 18 *20 /4 -25 -5 = 60

This is a very simple way to decrypt anything from a databse.

It's the simple concept. Instead of strict math you need to know how that scramble of letters and numbers are arrange or created.

This is called an algorithm. a formula that does the work.

The first part where we took 60 and then made it equal 18 that is called encryption.

decryption would be the second part where we took 18 and turned it back to 60. In math teleology.

we took the result and reversed the process to get the original input or variable or factor.
Was This Post Helpful? -11
  • +
  • -

#5 Dormilich  Icon User is offline

  • 痛覚残留
  • member icon

Reputation: 3512
  • View blog
  • Posts: 10,136
  • Joined: 08-June 10

Re: how to decrypt password from database?

Posted 22 February 2012 - 10:20 PM

don’t mistake hash collisions for decryption.

and the example you have would rather go as encryption than hashing.
Was This Post Helpful? 2
  • +
  • -

#6 no2pencil  Icon User is online

  • Toubabo Koomi
  • member icon

Reputation: 5226
  • View blog
  • Posts: 27,000
  • Joined: 10-May 07

Re: how to decrypt password from database?

Posted 22 February 2012 - 10:26 PM

*
POPULAR

View Posthockey97, on 22 February 2012 - 06:50 PM, said:

View PostDormilich, on 20 February 2012 - 12:21 PM, said:

based on the information given … with the decryption key and the matching decryption algorithm (i.e. if you used AES_ENCRYPT, you need to use AES_DECRYPT).

if you have hashed the passwords (MD5, SHA1, etc.) then there is no way as these are not encryption functions (you could call them one-way encryption functions, though)


Their is no such thing as a one-way encryption. Hackers already have tools that decrypt MD5's by itself. That is why most now would salt their MD5's hashes. It's to make it harder for the hackers to decrypt those passwords.

Uhg. You are missing one huge technical point. MD5 is not encryption.

Case in point. You can encrypt a file so that it is not readable. You transfer the file, the receiver can then decrypt it & now have the original, unchanged file. You can MD5 a file, you get a 32 bit hash. It simply is not possible to un-md5 the 32bit hash & have the original file. So why would one want to do this with strings? Yes MD5 can be broken, that is not the question. Point being it isn't encryption. Its' a 32bit string representation of what was passed into it. You can MD5 passwords, you can MD5 paragraphs, you can MD5 files. MD5 is not designed to be a 2 way process. It is designed to be one way & that's why it's replied as such that Dormilich did. Completely correct.
Was This Post Helpful? 5
  • +
  • -

#7 hockey97  Icon User is offline

  • D.I.C Regular

Reputation: -77
  • View blog
  • Posts: 300
  • Joined: 25-September 08

Re: how to decrypt password from database?

Posted 24 February 2012 - 02:00 PM

View Postno2pencil, on 22 February 2012 - 11:26 PM, said:

View Posthockey97, on 22 February 2012 - 06:50 PM, said:

View PostDormilich, on 20 February 2012 - 12:21 PM, said:

based on the information given … with the decryption key and the matching decryption algorithm (i.e. if you used AES_ENCRYPT, you need to use AES_DECRYPT).

if you have hashed the passwords (MD5, SHA1, etc.) then there is no way as these are not encryption functions (you could call them one-way encryption functions, though)


Their is no such thing as a one-way encryption. Hackers already have tools that decrypt MD5's by itself. That is why most now would salt their MD5's hashes. It's to make it harder for the hackers to decrypt those passwords.

Uhg. You are missing one huge technical point. MD5 is not encryption.

Case in point. You can encrypt a file so that it is not readable. You transfer the file, the receiver can then decrypt it & now have the original, unchanged file. You can MD5 a file, you get a 32 bit hash. It simply is not possible to un-md5 the 32bit hash & have the original file. So why would one want to do this with strings? Yes MD5 can be broken, that is not the question. Point being it isn't encryption. Its' a 32bit string representation of what was passed into it. You can MD5 passwords, you can MD5 paragraphs, you can MD5 files. MD5 is not designed to be a 2 way process. It is designed to be one way & that's why it's replied as such that Dormilich did. Completely correct.


No, it's encryption. You can ask anyone. You just admitted it's encryption. You said it yourself. It's a 32bit string representation. what do you think encryption means? It don't matter if it's a file or a string and yes MD5 is one way. Yet, their been russian hackers that was able to reverse the algorithm.

If you google around the word MD5 you will see encryption by it's name. It's all over... so why say it's not encryption?

http://www.exodus3000.com/tools/md5/


MD5 is an cryptic algorithm. It takes a string and then hashes it. The spits out a 128-bit hash or a 32-character hexadecimal number whichever you prefer to call it.

Their are many tools online that takes that MD5 hash and then figures out what string was passed to it by reversing the algorithm processes.

Yet, your wrong. MD5 dosen't generate a 32-bit has it generates a 128-bit hash but uses a 32-bit hexadecimal number.

what do you think your doing with the file when you encrypt it? Your hashing the file. Then when you decrypting it...your unhashing the file to it's original. It don't matter weather this is a file, a signal, a password...aka a string, numbers. It don't matter. The process is the same in concept.

This post has been edited by hockey97: 24 February 2012 - 02:12 PM

Was This Post Helpful? -8
  • +
  • -

#8 no2pencil  Icon User is online

  • Toubabo Koomi
  • member icon

Reputation: 5226
  • View blog
  • Posts: 27,000
  • Joined: 10-May 07

Re: how to decrypt password from database?

Posted 24 February 2012 - 02:32 PM

View Posthockey97, on 24 February 2012 - 04:00 PM, said:

No, it's encryption.

Fine. I'll never post on this site again if you can show me how to MD5 a file, transfer the encrypted output, & decrypt it back to it's original format. Thus provided the end user with a safe means of transferring an encrypted file.
Was This Post Helpful? 1
  • +
  • -

#9 E_Geek  Icon User is offline

  • D.I.C Head
  • member icon

Reputation: 45
  • View blog
  • Posts: 236
  • Joined: 20-February 11

Re: how to decrypt password from database?

Posted 24 February 2012 - 02:39 PM

Alej, Maybe this could help you, Authentication Clash Using Hashing
Was This Post Helpful? 0
  • +
  • -

#10 CTphpnwb  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 2910
  • View blog
  • Posts: 10,078
  • Joined: 08-August 08

Re: how to decrypt password from database?

Posted 24 February 2012 - 03:05 PM

View Posthockey97, on 24 February 2012 - 05:00 PM, said:

No, it's encryption. You can ask anyone. You just admitted it's encryption. You said it yourself. It's a 32bit string representation. what do you think encryption means? It don't matter if it's a file or a string and yes MD5 is one way. Yet, their been russian hackers that was able to reverse the algorithm.

No, you just admitted that it's not encryption. Encryption is not one way! Finding a way to reverse a hash doesn't make it encryption because the method for reversing a hash depends on looking up known values for the hash and not an algorithm. That's not decrypting.

http://en.wikipedia....i/Hash_function
http://en.wikipedia....wiki/Encryption
Was This Post Helpful? 0
  • +
  • -

#11 modi123_1  Icon User is online

  • Suitor #2
  • member icon



Reputation: 9048
  • View blog
  • Posts: 33,970
  • Joined: 12-June 08

Re: how to decrypt password from database?

Posted 24 February 2012 - 03:21 PM

To be ultimately clear - what is trying to be said is hashing has the ability to take different input and the function generates the same output. That's collision. Collision can't occur with encryption else the integrity of data is lost.

To borrow an image from wikipedia - this is collision.

Attached Image
https://en.wikipedia...i/Hash_function

Think of this as a list of spies. If you hashed it then "cracked" that hash there is a good chance you will have two entries for one name instead of two distinct names. You would still have a spy running loose! With an encrypted file collisions do not exist.

Specifically this all addresses one of the security triads: confidentiality, integrity, and availability. Hashing fails on integrity *since* collisions exist.


In the end it's cool dude. Chillax. You have no idea how many people confuse the two. There's no reason to dig in and throw a fit. It's like 'Schrodinger's Cat'... people get that confused all the time too but it's cool.


Was This Post Helpful? 1
  • +
  • -

#12 no2pencil  Icon User is online

  • Toubabo Koomi
  • member icon

Reputation: 5226
  • View blog
  • Posts: 27,000
  • Joined: 10-May 07

Re: how to decrypt password from database?

Posted 24 February 2012 - 03:44 PM

View Postmodi123_1, on 24 February 2012 - 05:21 PM, said:

It's like 'Schrodinger's Cat'...

Bazinga!
Was This Post Helpful? 0
  • +
  • -

#13 hockey97  Icon User is offline

  • D.I.C Regular

Reputation: -77
  • View blog
  • Posts: 300
  • Joined: 25-September 08

Re: how to decrypt password from database?

Posted 24 February 2012 - 03:46 PM

View Postno2pencil, on 24 February 2012 - 03:32 PM, said:

View Posthockey97, on 24 February 2012 - 04:00 PM, said:

No, it's encryption.

Fine. I'll never post on this site again if you can show me how to MD5 a file, transfer the encrypted output, & decrypt it back to it's original format. Thus provided the end user with a safe means of transferring an encrypted file.



yes, It can it's been proven for a while now. I am not going to show you the process. I don't feel like wasting too much time one people that fight or verbally attack someone that knows something more then what they know. Keep using plain MD5 hashes. Hackers will have fun with you. Do a google search and you will find many that tell you to salt your MD5 passwords because using just plain MD5 to hash a file, a string etc isn't safe because it can easily be decryption.

I could careless if you still come to this website or not. Go google search for tools that will generate a plain md5 hash and then find a plain md5 decrypter. You will then see you can easily encrypt passwords in MD5 and the easily decryption them back to the original text value. That is why it's common practice to salt your passwords because by default MD5's are easy to decrypt. It used to be a one way encryption but not for a long time. In 2006 russian hackers decrypted it. So, now if you know how too you can encrypt with MD5 and then decrypt the MD5 back to the original. This been known for a long time. Yet, most don't know this and just thing the programmers books are still accurate that it's still a one way encryption.

What I was saying that their is no such thing as one way encryption. If you know how the algorithm works you can reverse the process to get the original. You seem to know know how encryption and deceptions actually work.
If you did then you would know that no encryption is a one way encryption. It can always be reversed at some point.
It just that MD5 was designed and created as a one-way encryption. Yet, that was changed by those Russian hackers in 2006. That is why they now tell you that it be smart to salt your MD5 hashes.
Was This Post Helpful? -3
  • +
  • -

#14 no2pencil  Icon User is online

  • Toubabo Koomi
  • member icon

Reputation: 5226
  • View blog
  • Posts: 27,000
  • Joined: 10-May 07

Re: how to decrypt password from database?

Posted 24 February 2012 - 03:53 PM

*
POPULAR

View Posthockey97, on 24 February 2012 - 05:46 PM, said:

What I was saying that their is no such thing as one way encryption.

Yes, that's what you said & it's blatantly wrong. Well, your correct that there is no such thing as one way encryption. That's why MD5 isn't encryption, it's a hash value.

MD5 is designed to be one way. You pass something to an MD5 function & you get a 32 character code. A hash. A checksum. A value. MD5 is not designed to revert that hash back to the orignal.

Yes, hackers have broken MD5 & they can brute force the value. I never said it was secure, in fact I stated that it's able to be broken, to be cracked. But it wasn't designed to be used for two way functionality.

Your defending one idea with another solution. MD5 is not encryption, because it isn't designed & not feasibly usable as a two way comparison. You store a hash, you compare the hashes. It isn't encrypted data. That's a fact.

View Posthockey97, on 24 February 2012 - 05:46 PM, said:

View Postno2pencil, on 24 February 2012 - 03:32 PM, said:

View Posthockey97, on 24 February 2012 - 04:00 PM, said:

No, it's encryption.

Fine. I'll never post on this site again if you can show me how to MD5 a file, transfer the encrypted output, & decrypt it back to it's original format. Thus provided the end user with a safe means of transferring an encrypted file.



yes, It can it's been proven for a while now.


You can not revert an MD5 hash from a file back into a file. That's not how the technology works. You can crack an MD5 hash back into text, but it is simply not possible to turn 32 characters into a file. It would be the best damn compression anyone has ever seen.

One can take a 650mb iso file of a cdrom, one can take a 4gb iso file of a DVD, hell, I could make a dd binary file of a 2 tb hard drive, & pass that file through MD5 to get a hash value. There is no way of reverting that MD5 hash back into my original file.
Was This Post Helpful? 6
  • +
  • -

#15 hockey97  Icon User is offline

  • D.I.C Regular

Reputation: -77
  • View blog
  • Posts: 300
  • Joined: 25-September 08

Re: how to decrypt password from database?

Posted 24 February 2012 - 04:25 PM

View Postno2pencil, on 24 February 2012 - 04:53 PM, said:

View Posthockey97, on 24 February 2012 - 05:46 PM, said:

What I was saying that their is no such thing as one way encryption.

Yes, that's what you said & it's blatantly wrong. Well, your correct that there is no such thing as one way encryption. That's why MD5 isn't encryption, it's a hash value.

MD5 is designed to be one way. You pass something to an MD5 function & you get a 32 character code. A hash. A checksum. A value. MD5 is not designed to revert that hash back to the orignal.

Yes, hackers have broken MD5 & they can brute force the value. I never said it was secure, in fact I stated that it's able to be broken, to be cracked. But it wasn't designed to be used for two way functionality.

Your defending one idea with another solution. MD5 is not encryption, because it isn't designed & not feasibly usable as a two way comparison. You store a hash, you compare the hashes. It isn't encrypted data. That's a fact.

View Posthockey97, on 24 February 2012 - 05:46 PM, said:

View Postno2pencil, on 24 February 2012 - 03:32 PM, said:

View Posthockey97, on 24 February 2012 - 04:00 PM, said:

No, it's encryption.

Fine. I'll never post on this site again if you can show me how to MD5 a file, transfer the encrypted output, & decrypt it back to it's original format. Thus provided the end user with a safe means of transferring an encrypted file.



yes, It can it's been proven for a while now.


You can not revert an MD5 hash from a file back into a file. That's not how the technology works. You can crack an MD5 hash back into text, but it is simply not possible to turn 32 characters into a file. It would be the best damn compression anyone has ever seen.

One can take a 650mb iso file of a cdrom, one can take a 4gb iso file of a DVD, hell, I could make a dd binary file of a 2 tb hard drive, & pass that file through MD5 to get a hash value. There is no way of reverting that MD5 hash back into my original file.


Well then tell that to the hackers. Because from what I was told from the hacker world that 2 russian hackers reversed engineered MD5 algorithm. Not using the method to compute the hashes and then compare them. They actually can take a MD5 hash and reverse the process to get the original content. I know MD5 wasn't engineered to be a two-way process. I just told you hackers were able to reverse the process. Their are bunch of tools online that you can download and ever some websites mainly hacker websites that have online tools. You will find most online that aren't hackers they will generate the Hash via MD5 and then compare that hash with another hash. Basically if you have a MD5 hash you can then take that hash and then compare them to other MD5 hashes in the database.

Like I said their is no true one way encryption. Anything mathematical can be reversed. MD5 was designed to be a one way encryption. I just told you that hackers mainly 2 hackers were able to reverse engineer the algorithm and they can actually take a MD5 hash and reverse.

If you think I am dead wrong or think that it's possible to use a math formula that can't be reversed then go tell them off. I just shared what I heard and know today. That is why I never use MD5 by itself. It's not secure. If you know how to reverse the process you then get a two way process. You can encrypt and decrypt. I never said that with MD5 it was engineered to be decryption. It's considered to be a one-way encryption.
Was This Post Helpful? -5
  • +
  • -

  • (3 Pages)
  • +
  • 1
  • 2
  • 3