Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Md5 hash encryption and decryption

Tags:

php

md5

I have a confusion regarding md5. I know that we cannot decrypt MD5 without attempting something like brute force hacking which is extremely tough. Now, For one md5 hash i visit this website. MD5Online For curiosity i decrypt that encrypted password to and i got the decrypted password. Then i tried 4-5 password which are previously stored in my database and this site decrypted all of them.

Then i tried with below code.

<?php
        $password = 'cool@123@!';
        $secure_md5password = md5($password);
        echo $secure_md5password;
?>

i got this md5 hash : 6234c13c3e1b965dbdd32d604151bd1b

I tried this hash in decryption of this site and i got 'cool@123@!'. I tried with other toughest passwords also.

So now i'm confuse about md5 algorithm. Is that website doing brute force or any thing and can we use any code in php which that site is using. I visit these links for answer but i can't find the answer. 1).encrypt-and-decrypt-md5 2).is-md5-decryption-possible 3).how-to-decrypt-an-md5-string-in-php

like image 331
Bhavin Avatar asked Dec 03 '22 14:12

Bhavin

2 Answers

MD5 has been proven to be a weak algorithm. As all your 'passwords' are basic, the website has already stored each password with a hash that was cracked long ago.

You cannot decrypt a hash, but you can brute-force and find out what it is.

Read more here: https://en.wikipedia.org/wiki/MD5

and

here: https://security.stackexchange.com/questions/19906/is-md5-considered-insecure

EDIT: Saw that you updated your question.

Assuming that you were to have a complex password of 'ajfn3inf' and you were to hash it. Running a md5 cracker will be easy to unhash it due to it's relatively short length and the power of GPU's to crack a hash. Read the links above to understand more about MD5.

like image 184
Ctc Avatar answered Dec 28 '22 19:12

Ctc

That website is probably using rainbow tables.

Information about this topic: https://en.wikipedia.org/wiki/Rainbow_table

Simple said: if they ever brute forced a hash, they'll save the hash and the password in a table. When someone enters a hash, they'll search the table and retrieve the unhashed value.

like image 39
Blaatpraat Avatar answered Dec 28 '22 18:12

Blaatpraat
Sign in to Comment

Related questions

Woocommerce custom user input fields [closed]
Getting File Name without Extension [duplicate]
Can We Restrict PHP Variables to accept only certain type of values
How can I add an item into a Laravel Eloquent Collection by index?
How to convert string with date and time AM/PM to 24 Hour mysql timestamp format
How to replace multiple values in php
track selecting and unselecting an option When updating a table
PDO bindParam() PHP Foreach Loop
yii2: Unable to determine the entry script file path - change PHP server environment from cgi to cli
Is it possible to change mysql DB encoding charset from within a laravel migration?
Cakephp 3 : Json render View not working
end(explode) Strict Standards: Only variables should be passed by reference in
Laravel check if image path string is image
Laravel 5 - ORM has() Relationship (Inverse - notHas)
WIll it be possible to run symfony 1.4 under PHP7?
Laravel string Localization in config files
PhpUnit inline DataProvider
'Rscript' is not recognized as an internal or external command, operable program or batch file
simple html dom failed to open stream for a site
How to create a where query for Json in mysql with key having a white space in between the name

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!