Md5()

[asgsoft]

MD5, a hash encrytion of texts. although it is supposed to be uncovertable it can be converted back recently. it is a very easy function to use but uesed a lot in sending encrypted data and storing it, like this forum it uses it to store passwords. this is how it works:

$text="test text";
$encrypted= md5($text);
echo $encrypted;

this will ouput 1e2db57dd6527ad4f8f281ab028d2c70. but to make it more secure like what IPB does it to double encypt it. so it looks like this:

$text="test text";
$encrypted= md5(md5($text));
echo $encrypted;

this will output: a932721fa7514980123ca95f1e94cb47 which is harder to crack becuase it is an encrytption of an encryptiom.

hope that helps.

 

[Shorty]

One thing I like to do is this:
$password = md5($password);
$password = strrev($password);
Just as an added measure of confusion.

There's absolutely nothing stopping anyone adding dozens of sha1's and md5's, or whatever else they want to do. I imagine it makes them safer, but I suppose it's effectiveness wears off.

One thing I would reccomend is just do a few random letter replacements, the more the better. Just make sure you store them in an external include (.php so they cant be opened) so that you can call them again when handling logins etc.

 

[ApeXX]

MD5, a hash encrytion of texts. although it is supposed to be uncovertable it can be converted back recently. it is a very easy function to use but uesed a lot in sending encrypted data and storing it, like this forum it uses it to store passwords. this is how it works:

$text="test text";
$encrypted= md5($text);
echo $encrypted;

this will ouput 1e2db57dd6527ad4f8f281ab028d2c70. but to make it more secure like what IPB does it to double encypt it. so it looks like this:

$text="test text";
$encrypted= md5(md5($text));
echo $encrypted;

this will output: a932721fa7514980123ca95f1e94cb47 which is harder to crack becuase it is an encrytption of an encryptiom.

hope that helps.

IPB also uses a salt, which I believe means they insert a random encrypted word into the final encryption pass.

 

[tm]

doing md5(md5($string)) isn't necasarilly safer

No but something like

$superencrypted = md5(sha1(md5(sha1(rand(0,1000000)).md5(sha1($str)));

is pratically unencryptable because there's no way somebody could guess how I encoded $superencrypted.

 

[Dan]

md5 is not decryptable.

They have giant databases with the word and it's hash. They try to find the hash you enter, and return the word.

If your encrypted text isn't completely basic (like 'hi'), they won't be able to tell you what it is.

 

[tm]

Not decryptable, but you can crack it by brute force. This is where you go through all the possible key combinations to see if it matches the original string.

 

[Dan]

You can crack anything with brute force, so saying that means nothing.

$superencrypted = md5(sha1(md5(sha1(rand(0,1000000)).md5(sha1($str)));

You can crack that by brute forcing. Have fun.

 

[Tree]

True. Anything that can be hashed can be "unhashed." Supercomputers combined with huge databases can "unhash" anything. Be it SHA1, MD5, MD4, or lesser know algorithms such as the AP, DEK, DJB, and the widely used ELF.

Combine supercomputers equivalent to those used for genetic sequencing and a database capable of more than 1.0873661566567430802736528525679*10^147 records (Oracle, IBM's DB2), and you'll have a database which can hold all possible combinations for a-z A-Z 0-9 and these special characters `~!@#$%^&*()_-+={[}]|\:;"'<,>.?/ for up to a string that is only 10 characters in length.

Quite large.

 

[Tree]

Found a Perl module just for this

http://search.cpan.org/~mwdhk/Digest-MD5-Reverse-1.0/lib/Digest/MD5/Reverse.pm

 

[tm]

Cool.

Somebody give me a 5 char md5 :P

 

[Dan]

http://gdataonline.com/seekhash.php

That site doesn't crack it and the perl script just goes to the site.