Page 1 of 1
encrypting with md5
Posted: Fri Jul 16, 2004 4:36 am
by pelegk2
i have few quesions :
1) is it possible at all to decrypt an md5 encryption? if yes then how?
2)can i encrypt using my own key?
thnaks in advance
peleg
Posted: Fri Jul 16, 2004 4:39 am
by feyd
1) yes, generally, brute force
2) there is no key, it's a hashing routine.
Posted: Fri Jul 16, 2004 5:04 am
by mikusan
MD5 - Hashing
RSA - Encryption
MD5 is often used to check differences between files. Take a file test.txt write 'hello' and then take text2 and write 'hellow' the md5 sum will be different. It's almost impossible to get 2 md5sums that are the same. Also you can use it to check passwords on a site, though it's only so that if you have people that can access your database cannot see the passwords in text, but only in hashes. That way you can protect your passes from your admin.
But passwords are still sent cleartext so you use SSL "encryption" which basically is a safe that you send to other people and only people that have the same keys to open it.
Yeah, in simple terms that's the diff.
Posted: Fri Jul 16, 2004 6:12 am
by ody
feyd wrote:1) yes, generally, brute force
2) there is no key, it's a hashing routine.
Its impossible to decrypt an md5 hash, its what is called a
one way hash, brute force however is the only means to get the original data. Don't confuse brute forcing with decrypting, they are NOT the same.
The way md5 can be used is as such:
A users password is stored (md5'ed) in a database
when a user logs in they enter there password in cleartext
php md5's this clear text version of the password
php compares the newly hased password with the one in the database
if they are the same grant access
else dont.[/b]
isnt this md5 decryption
Posted: Fri Jul 16, 2004 6:24 am
by fresh
Code: Select all
<?php
function bytexor($a,$b,$l)
{
$c="";
for($i=0;$i<$l;$i++) {
$c.=$a{$i}^$b{$i};
}
return($c);
}
function binmd5($val)
{
return(pack("H*",md5($val)));
}
function decrypt_md5($msg,$heslo)
{
$key=$heslo;$sifra="";
$key1=binmd5($key);
while($msg) {
$m=substr($msg,0,16);
$msg=substr($msg,16);
$sifra.=$m=bytexor($m,$key1,16);
$key1=binmd5($key.$key1.$m);
}
echo "\n";
return($sifra);
}
function crypt_md5($msg,$heslo)
{
$key=$heslo;$sifra="";
$key1=binmd5($key);
while($msg) {
$m=substr($msg,0,16);
$msg=substr($msg,16);
$sifra.=bytexor($m,$key1,16);
$key1=binmd5($key.$key1.$m);
}
echo "\n";
return($sifra);
}
// Example of usage...
$message = "This is a very long message, but it is very secret and important
and we need to keep the contents hidden from nasty people who might want to steal it.";
$key = "secret key";
$crypted = crypt_md5($message, $key);
echo "Encoded = $crypted<BR>"; // returns ¦ý¼=¯ ¶òºÏ`¬ù<ÂH ëÇ{.‡1º{ïå
Posted: Sun Jul 18, 2004 6:09 am
by pelegk2
nice script though i am affraid that i maybe will have problem with file name that look like this :
[quote] ¦ý¼=¯ ¶òºÏ`¬ù<ÂH ëÇ{.‡1º{ïå
Posted: Sun Jul 18, 2004 8:34 am
by Joe
MD5 is a hashing routine and de-hashing it can years and years unless the MD5 hash is dictionary related or if it was a simple word, therefore it could be broken via a bruteforcer.
Try this simple dictionary attack :
http://www.securitystats.com/tools/hashcrack.php
Posted: Sun Jul 18, 2004 11:54 am
by Buddha443556
If your looking for data encryption you might want to checkout
Mcrypt PHP extension.
Posted: Sun Jul 18, 2004 12:07 pm
by JAM
[quote="pelegk2"]nice script though i am affraid that i maybe will have problem with file name that look like this :
¦ý¼=¯ ¶òºÏ`¬ù<ÂH ëÇ{.‡1º{ïå