-1

Is there a way to do this? In my mapping class, I want to decrypt a MD5 password when I fetch my database data into entities. Is this possible?

Thank you!

Kiwanax
  • 1,265
  • 1
  • 22
  • 41

2 Answers2

1

MD5 can be used to encrypt passwords. MD5 is considered as a broken. What you do is you hash the password with MD5 and compare it with the original hash value in the database. Since MD5 is one way, if the passwords are same, hash value is same.

Edit:

If you are looking for cracking MD5 encrypted passwords, That is something different. Take a look at this

You mist first understand that this is not technology specific. These are basic computer science generic concepts which can be used implemented using various technologies. In you case C# and NHibernate etc.

To be simple, what you are doing with MD5(Message-Digest algorithm 5) is, you do hashing. because it is a hashing function. take a look at this.

But this MD5 is a one way hash function. "one way" means that it's nearly impossible to derive the original text from the string. That is why it is used for password encryption. Because you can not reverse a one way function and get the actual password. Take a look at this as well.

I assume that you want to check weather the inserted password is correct and allow log-in or do what ever necessary. You should not be doing decryption a password. If you are not going to crack a password. Password cracking is more of a guessing and scope can be reduced using the weaknesses of implemented methodologies(In MD5 hashing collisions).

In password creation, you take the password and you hash it using MD5(in your case).Then this hash value is what you are going to store in a database. Then next time you want to check weather the password is correct. Then you again take the password and you again hash it using MD5. then you take that hash value and compare it with the hash value in the database. If they match inserted password is correct.

I can see that you are new to SO. What I recommend is that you better learn these concepts first and the these concepts will help you irrespective of what technology you use.

Community
  • 1
  • 1
diyoda_
  • 5,274
  • 8
  • 57
  • 89
  • Nice. But do you know how can I decrypt the retrieved password encrypted with MD5? I'm trying to do this with C#, but with no success. – Kiwanax Apr 04 '13 at 16:20
  • do you want this to crack passwords?. can you please tell me roughly where are u going to do use this. – diyoda_ Apr 04 '13 at 16:38
  • No, I just want to get a Joomla password and decrypt it. Preferred in a mapping of NHibernate. But the basic is: get a Joomla password and decrypt it. – Kiwanax Apr 05 '13 at 11:41
  • Did you come up with an answer for this question? – diyoda_ Apr 12 '13 at 11:48
  • No. MD5 is a one-way hash, my solution was recreate lost password, crypting them with this method. – Kiwanax Apr 12 '13 at 12:28
0

You might as well ask if you can turn a pile of ashes back into the log before it was burned. Hashing is a one way action... you cannot "reverse" it. The only thing you could do is determine some source values that generate the same hash (hash collision).

BlakeH
  • 3,354
  • 2
  • 21
  • 31