NamePros.com  

Programming PHP, Perl, Ruby on Rails, AJAX, HTML, XHTML, CSS, JavaScript, MySQL and any other coding topics.


05-30-2010, 10:26 AM THREAD STARTER #1
Ik
Quality //
Join Date: Sep 2008
Posts: 892

Help! Unhash MD5 String


This is the situation,

I use md5() to hash user passwords, and I save the md5() result in the password field in my database.

Now, I want to give the users the option to recover their passwords (receive it by email). They are receiving the hashed password, something like: 64e4784baced6bdb9adef61a1edaf023

Is there a way to unhash the string so that they receive a password that makes sense?

Any ideas?
Thanks

05-30-2010, 12:07 PM #2
Satanclaus
NamePros Member
Join Date: Mar 2006
Location: Netherlands
Posts: 83

No. It's an MD5 summary, not an encryption method.
The only way would be to bruteforce the password, which means you'd potentially spend a thousand years+ on a single password ;-)

05-30-2010, 12:08 PM #3
sdsinc
Domains my Dominion
Join Date: Aug 2005
Location: Web 1.0
Posts: 12,571

It is better practice not to keep passwords in clear so you encrypt them.
If the user forgets it, you send a verification link to their E-mail so they can choose another password. Then you hash it and overwrite the previous password hash.


05-30-2010, 12:13 PM #4
nasaboy007
Senior Member
Join Date: Jul 2005
Location: NJ
Posts: 1,207

The whole point of hashing something is so that you aren't saving it in cleartext and it cannot be undone. Every input maps to an (almost) unique hash, but it is not reversible, especially since there exist collisions. For example, say "foo" hashes to "EbA" in some hashing scheme, but so does "bar". There is no way to reverse it to know if the original was "foo" or "bar". It's basically the definition of hashing.

You would need something like mcrypt() in PHP if you want to be able to decrypt it, but that is still slightly insecure because if for some wild reason a malicious user gets a hold of the encrypted passwords as well as your private key, he can decrypt them easily.

The best solution for password management was outlined by sdsinc, where you give the user the option to reset their password, email them a temporary link (after verifying their identity, of course) that lets them set a new password, and simply overwrite the hash with the new password.

Another way to do it is to generate a random password, overwrite their current password with the new hash, email that password to them, and tell them to log in and change it to whatever they'd like.
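
The reset-link flow that sdsinc and nasaboy007 describe above, as an added example (not code from any poster in this thread). It assumes PHP 7 or later; the $db array, the function names and the example.com addresses are hypothetical stand-ins for a real users table, reset table and mailer.

```php
<?php
// Added example, not from the thread. $db is a hypothetical in-memory
// stand-in for the users and password_resets tables.
const RESET_TTL = 3600; // link lifetime in seconds (assumed value)

/** Create a one-time token; only its SHA-256 digest is stored. */
function issueResetToken(array &$db, string $email, int $now): ?string
{
    if (!isset($db['users'][$email])) {
        return null; // caller should show the same message either way
    }
    $token = bin2hex(random_bytes(32)); // 256 bits from the CSPRNG
    $db['resets'][$email] = [
        'digest'  => hash('sha256', $token),
        'expires' => $now + RESET_TTL,
    ];
    return $token; // goes into the emailed link, never into the database
}

/** Check and consume the token, then overwrite the stored password hash. */
function resetPassword(array &$db, string $email, string $token,
                       string $newPassword, int $now): bool
{
    $row = $db['resets'][$email] ?? null;
    if ($row === null || $now > $row['expires']
        || !hash_equals($row['digest'], hash('sha256', $token))) {
        return false;
    }
    unset($db['resets'][$email]); // single use
    // Salted, deliberately slow hash instead of md5().
    $db['users'][$email] = password_hash($newPassword, PASSWORD_DEFAULT);
    return true;
}

// Constructed sample data: one account still holding a legacy md5() hash.
$db = ['users' => ['alice@example.com' => md5('old password')], 'resets' => []];
$now = time();
$token = issueResetToken($db, 'alice@example.com', $now);
echo "Mail: https://example.com/reset?email=alice%40example.com&token=$token\n";

// First use inside the lifetime, then a replay of the same token.
var_dump(resetPassword($db, 'alice@example.com', $token, 'new long passphrase', $now + 60));
var_dump(resetPassword($db, 'alice@example.com', $token, 'something else', $now + 120));
var_dump(password_verify('new long passphrase', $db['users']['alice@example.com']));
```
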

05-30-2010, 01:25 PM THREAD STARTER #5
Ik
Quality //
Join Date: Sep 2008
Posts: 892

Thank you guys, both solutions sound great

06-04-2010, 10:57 AM #6
digital29
NamePros Member
Join Date: Feb 2010
Posts: 94

Even NASA cannot decrypt MD5

06-04-2010, 11:32 AM #7
sdsinc
Domains my Dominion
Join Date: Aug 2005
Location: Web 1.0
Posts: 12,571

Well brute force actually works well with weak/short passwords.


06-04-2010, 07:30 PM #8
nasaboy007
Senior Member
Join Date: Jul 2005
Location: NJ
Posts: 1,207

Look up rainbow tables, but even with those it's a pain to decrypt.

06-10-2010, 08:18 PM #9
RegisterRants
New User
Join Date: Oct 2006
Location: NJ
Posts: 1,146

Imagine you have three people standing in a line. Call them person A, B and C. Person A trusts Person C to keep his data safe, but doesn't trust Person B. So, Person A transforms (encrypts) his data, then tells Person B the encrypted gibberish, who then passes it along to Person C.

Now, let's say Person A wants to prove to Person C that he/she is actually Person A. Person A still doesn't trust Person B, so he has to pass the data after transforming it. Person B sends that along to Person C.

Now, think of A, B and C as the user, Internet and web site, respectively (there's a little bit of discrepancy because the *server* usually does the encryption, but I digress...). At no point does anyone but the user know or store his *actual* password, only a transformed version.

In theory, as with all encryption and transformation, with enough time, one could "reverse" anything. It's just a matter of trying all of the possible combinations, like picking a combination lock (one of the good ones that don't stick when you hit the right number.) However, naturally, this takes time--especially with something like MD5, where the parameters can be any character that a computer can parse in a string.

So yeah. The short answer is that you can't. The best practice in this situation is to make a new password (randomly, for the love of all things...) for the user, hash it, and send them the new password, or a link which will then give them a one-time login, after which they must change the password.

06-11-2010, 05:39 AM THREAD STARTER #10
Ik
Quality //
Join Date: Sep 2008
Posts: 892

Thanks everyone,

That's what I've done; I generate a new password and email it to the user

06-11-2010, 11:23 AM #11
CyXic
NamePros Regular
Join Date: Feb 2006
Location: Within
Posts: 498

You could use rainbow tables to do it quickly, but it would be very difficult to implement with PHP.

06-11-2010, 12:46 PM #12
Brujah
Senior Member
Join Date: Apr 2006
Posts: 1,502

You seem to have it covered, but just wanted to mention another possibility too. There are numerous md5 reverse lookups available on the net now. One like:

Reverse MD5 hash lookup

Google for: "reverse md5"

06-11-2010, 01:18 PM #13
RegisterRants
New User
Join Date: Oct 2006
Location: NJ
Posts: 1,146

Originally Posted by CyXic:
> You could use rainbow tables to do it quickly, but it would be very difficult to implement with PHP.

Rainbow tables are just pre-computed hashes; in order to find, say "thisismypassword" from its MD5 hash, you'd have to have a rainbow table with "thisismypassword" already hashed. That's why security analysts say to never use things like dictionary words as your password; rainbow tables are heavily based on the dictionary and other common words/phrases.

Originally Posted by Brujah:
> You seem to have it covered, but just wanted to mention another possibility too. There are numerous md5 reverse lookups available on the net now. One like:
>
> Reverse MD5 hash lookup
>
> Google for: "reverse md5"

Same thing. Those "reverse md5" sites are merely using rainbow tables to search through what you plug in.

Actually, if you look at how they work, if it can't find something in the rainbow table the first time, it'll compute the MD5 hash and add it to the table, so the second time you search for, say, "nobody_could_guess_this_12093810293," it'll be there.
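
An added example (not code from any poster in this thread) of the point made above about precomputed hashes: an audit of stored hashes against a plain precomputed lookup table, which is a simplification (real rainbow tables compress the same idea with hash chains). The word list, user names and function names are constructed for illustration, and password_hash() assumes PHP 5.5 or later.

```php
<?php
// Added example, not from the thread. Word list and passwords are constructed.

/** Precompute md5(word) => word once; reusable against every unsalted hash. */
function buildLookup(array $words): array
{
    $table = [];
    foreach ($words as $w) {
        $table[md5($w)] = $w;
    }
    return $table;
}

/** Audit stored hashes: return the users whose password is in the table. */
function findExposed(array $stored, array $table): array
{
    $hits = [];
    foreach ($stored as $user => $hash) {
        if (isset($table[$hash])) {
            $hits[$user] = $table[$hash];
        }
    }
    return $hits;
}

$table = buildLookup(['password', 'letmein', 'thisismypassword']);

// Unsalted MD5: identical passwords give identical hashes for every user,
// so one table lookup exposes all of them at once.
$md5Users = [
    'ann' => md5('thisismypassword'),
    'bob' => md5('thisismypassword'),
    'cat' => md5('nobody_could_guess_this_12093810293'),
];
print_r(findExposed($md5Users, $table));

// password_hash() mixes in a fresh random salt per call, so the same password
// produces different strings and a precomputed table cannot contain them.
$saltedUsers = [
    'ann' => password_hash('thisismypassword', PASSWORD_DEFAULT),
    'bob' => password_hash('thisismypassword', PASSWORD_DEFAULT),
];
print_r(findExposed($saltedUsers, $table));
var_dump($saltedUsers['ann'] === $saltedUsers['bob']);
var_dump(password_verify('thisismypassword', $saltedUsers['ann']));
```
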

06-11-2010, 01:36 PM #14
Brujah
Senior Member
Join Date: Apr 2006
Posts: 1,502

Right, so rather than build your own you could use an API from one of these reverse md5 sites assuming a large percentage of your members' passwords will be there and then force a new password for those that aren't. That's the general idea I had in mind at first anyway.

06-11-2010, 01:37 PM #15
RegisterRants
New User
Join Date: Oct 2006
Location: NJ
Posts: 1,146

Eh, in my opinion that's a security risk. I don't believe that a user's password should ever be sent or exposed in plain text, for obvious reasons.

06-14-2010, 02:14 PM #16
amoeba
NamePros Regular
Join Date: Sep 2005
Location: ~$
Posts: 798

Agreed, that's a terrible idea in terms of security. I get mad whenever I sign up for a website and it sends me my password in plain text. Why do so many sites do this?