Link to home
Start Free TrialLog in
Avatar of whspider
whspider

asked on

How to Decrypt the password using php

hi,

I had 2 fields in my database table named  password and  password_salt.The field password had d5c673c787001acd21a550645242a741 value  and password_salt had BH3 using these two values how  i decrypt the password.

thanks
SOLUTION
Avatar of Beverley Portlock
Beverley Portlock
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of whspider
whspider

ASKER

thanks for your replay . i know that but the issue is that they are not using the MD5 method

 for example:

Tthe original password is ramani this name is encrypted and stored in the database  like dc49a7cc03ee39b6f5ae8c43510f8284 now i had the original password and encrypted value .I  just need what technics they used to encrypt the password.
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Cannot decrypt the MD5 values. Only overwrite the old password. use base64_encode and base64_decode functions. It might be helpful for you...
base64_encode is not needed with MD5() - the md5() function does not create information that needs to be encoded.
Also just because it says it is the password and salt in those database fields it doesn't mean it is. Paranoid people do paranoid things like putting fake data in fields that say password and salt. If you have the code where they are doing the password comparisons then you should know what the encryption method is, so if you are sure it isn't MD5 then what do you know it is?
as i said earlyer:

its technicaly impossible to decrypt an md5 hash. since decryption would require an encrypted string.

md5 is hashing not encryption.

a hash usualy has always the same length. if it doesnt it lacks of security.

you can easily put a 20000000000 char password into a 32 char md5 hash. this is technicaly possible.
but you cannot get 20000000000 chars out of 32 chars.

if you bruteforce this example you will find a string with less then 33 chars that also creates the same hash


i will say it again:

your goal that you want to achieve is technicaly impossible.
ok
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.