Page 1 of 1

Encrypted?

Posted: Wed Jul 31, 2002 2:22 pm
by Dale
When a password gets entered into a database it gets encrypted but is there a way of converting it back to normal in its non-encrypted form?

Posted: Wed Jul 31, 2002 2:24 pm
by llimllib
what did you encrypt it with?

Posted: Wed Jul 31, 2002 2:36 pm
by Dale
On my old host i had a MySQL Database and one of them that was encrypted by the MySQL database is:
e066281913ab9e7bdcc9d8f5af3d35dd

Posted: Wed Jul 31, 2002 2:40 pm
by llimllib
at some point you have to tell the database what encryption scheme to use. they all generally produce output like that, so that doesn't tell me anything. You need to figure out what scheme you were using to determine if it is reversible or not.

Posted: Wed Jul 31, 2002 2:42 pm
by Dale
Does this help?

`userpassword` varchar(50) NOT NULL default

Posted: Wed Jul 31, 2002 2:55 pm
by llimllib
nope, all that means is that the field can handle 50 chars. you're looking for something like insert into users values(blah, blah, md5($pass)) - some reference to md5(), crypt(), mcrypt(), base64_encode() or something else along those lines.

Posted: Wed Jul 31, 2002 2:58 pm
by Dale
All i've got in the USER INFO table is this:

Code: Select all

CREATE TABLE `bb".$n."_user_table` (
  `userid` int(11) NOT NULL auto_increment,
  `username` varchar(30) NOT NULL default '',
  `userpassword` varchar(50) NOT NULL default '',
  `useremail` varchar(150) NOT NULL default '',
  `regemail` varchar(150) NOT NULL default '',
  `userposts` int(11) NOT NULL default '0',
  `groupid` int(7) NOT NULL default '0',
  `statusextra` varchar(25) default NULL,
  `regdate` int(11) NOT NULL default '0',
  `lastvisit` int(11) NOT NULL default '0',
  `lastactivity` int(11) NOT NULL default '0',
  `session_link` int(1) NOT NULL default '1',
  `signatur` text NOT NULL,
  `usericq` varchar(30) NOT NULL default '',
  `aim` varchar(30) NOT NULL default '',
  `yim` varchar(30) NOT NULL default '',
  `userhp` varchar(200) NOT NULL default '',
  `age_m` varchar(10) NOT NULL default '',
  `age_d` int(2) NOT NULL default '0',
  `age_y` int(4) NOT NULL default '0',
  `avatarid` int(11) NOT NULL default '0',
  `interests` varchar(250) NOT NULL default '',
  `location` varchar(250) NOT NULL default '',
  `work` varchar(250) NOT NULL default '',
  `gender` int(1) NOT NULL default '0',
  `usertext` text NOT NULL,
  `show_email_global` int(1) NOT NULL default '0',
  `mods_may_email` int(1) NOT NULL default '1',
  `users_may_email` int(1) NOT NULL default '1',
  `invisible` int(1) NOT NULL default '0',
  `hide_signature` int(1) NOT NULL default '0',
  `hide_userpic` int(1) NOT NULL default '0',
  `prunedays` int(4) NOT NULL default '0',
  `umaxposts` int(2) NOT NULL default '0',
  `bbcode` int(1) NOT NULL default '1',
  `style_set` int(11) NOT NULL default '0',
  `activation` int(10) NOT NULL default '0',
  `blocked` int(1) NOT NULL default '0',
  `warnings` int(2) NOT NULL default '0',
  `blockedbywarn` int(1) NOT NULL default '0',
  `instantm` int(1) NOT NULL default '1',
  PRIMARY KEY (`userid`)

Posted: Wed Jul 31, 2002 3:03 pm
by llimllib
It's not encrypted automatically upon insertion, so you're looking in the wrong place. Whoever inserts it has to encrypt it - so whatever program (person?) was inserting the passwords contains the code encrypting the password.

Posted: Wed Jul 31, 2002 4:10 pm
by twigletmac
It's likely (in a MySQL database) that the password was encrypted using MySQL's PASSWORD() function. This is a one way encrytion, you can't get the original string back, but because the same string is always encrypted in the same way you can compare another encrypted string to see if they're the same.

Mac

Posted: Wed Jul 31, 2002 4:12 pm
by RandomEngy
32 characters, 0-f, looks like they encrypted it with md5(), so you can't decrypt it then. Sorry.

Posted: Wed Jul 31, 2002 4:51 pm
by Dale
RandomEngy wrote:32 characters, 0-f, looks like they encrypted it with md5(), so you can't decrypt it then. Sorry.
Ok ;)