mIRC Home    About    Download    Register    News    Help

Print Thread
Simple md5 Q. #97137 09/09/04 02:46 PM
Joined: Feb 2004
Posts: 714
Z
Zyzzyx26 Offline OP
Hoopy frood
OP Offline
Hoopy frood
Z
Joined: Feb 2004
Posts: 714
Hi smile I was wondering, what do I have to do to convert an $md5'd value to its original understandable form?

Eg:
$md5(Zyzzyx26) = b3abf980befc92e0f109b6638f6b5f16


Is there an identifier to turn b3abf980befc92e0f109b6638f6b5f16 into Zyzzyx26 again?

Thanks smile


"All we are saying is give peace a chance" -- John Lennon
Re: Simple md5 Q. #97138 09/09/04 03:18 PM
Joined: Mar 2004
Posts: 108
X
xxxYODAxxx Offline
Vogon poet
Offline
Vogon poet
X
Joined: Mar 2004
Posts: 108
I was under the impression it was non-reversable..


sometimes these are as bad as quit messages :tongue:
Re: Simple md5 Q. #97139 09/09/04 04:02 PM
Joined: Nov 2003
Posts: 2,327
T
tidy_trax Offline
Hoopy frood
Offline
Hoopy frood
T
Joined: Nov 2003
Posts: 2,327
You can't, MD5 is irreversable.
The only way you could do it is by generating lots of random characters, then check $md5(<generated characters>) to see if it matches the md5 string you gave it.


New username: hixxy
Re: Simple md5 Q. #97140 09/09/04 06:30 PM
Joined: Dec 2002
Posts: 2,962
S
starbucks_mafia Offline
Hoopy frood
Offline
Hoopy frood
S
Joined: Dec 2002
Posts: 2,962
In practice that's completely infeasible. Hash (aka message digest) algorithms are specifically designed to make it *impossible* to generate any given hash without knowing the input value. You would have to calculate MD5 hashes for approximately 2^128 different input values (which would take millenia on the average computer) before you found one that yielded the same hash - and even then it probably wouldn't be the original input value.


Spelling mistakes, grammatical errors, and stupid comments are intentional.
Re: Simple md5 Q. #97141 09/09/04 06:34 PM
Joined: Dec 2002
Posts: 2,962
S
starbucks_mafia Offline
Hoopy frood
Offline
Hoopy frood
S
Joined: Dec 2002
Posts: 2,962
MD5 is a one-way algorithm. It's impossible to obtain the original message from the hash it generates. There aren't any built-in mIRC commands for encryption, however there is a DLL available which supports the Blowfish cipher, which will do what you want. I believe it's available on mircscripts.org.


Spelling mistakes, grammatical errors, and stupid comments are intentional.
Re: Simple md5 Q. #97142 09/09/04 08:30 PM
Joined: Feb 2004
Posts: 714
Z
Zyzzyx26 Offline OP
Hoopy frood
OP Offline
Hoopy frood
Z
Joined: Feb 2004
Posts: 714
Hmm.. I see. Thanks you 3 for the replies smile


"All we are saying is give peace a chance" -- John Lennon
Re: Simple md5 Q. #97143 09/09/04 09:51 PM
Joined: Dec 2002
Posts: 788
C
Coolkill Offline
Hoopy frood
Offline
Hoopy frood
C
Joined: Dec 2002
Posts: 788
MD5 isnt 'irreversible', while it may take hundreds of hours to decrypt a simple 5 alpha-string, it can and is done...

Eamonn.

Re: Simple md5 Q. #97144 09/09/04 09:59 PM
Joined: Dec 2002
Posts: 2,962
S
starbucks_mafia Offline
Hoopy frood
Offline
Hoopy frood
S
Joined: Dec 2002
Posts: 2,962
It is irreversible. By using brute force on a hash of a ridiculously short input you might discover input that yields the same hash, however as the attacker you could never be certain that it was the original message.


Spelling mistakes, grammatical errors, and stupid comments are intentional.
Re: Simple md5 Q. #97145 09/09/04 09:59 PM
Joined: Nov 2003
Posts: 2,327
T
tidy_trax Offline
Hoopy frood
Offline
Hoopy frood
T
Joined: Nov 2003
Posts: 2,327
The only way i've heard of "cracking" md5 is the way I suggested, which isn't reversing anything, it's guessing the original string by brute force.

If there's a way to actually reverse it then ignore me.


New username: hixxy
Re: Simple md5 Q. #97146 10/09/04 07:49 AM
Joined: Jan 2003
Posts: 14
A
Angua Offline
Pikka bird
Offline
Pikka bird
A
Joined: Jan 2003
Posts: 14
Just a clarification here:

md5 is a one way algorithm, this should be as well fairly obvious, if you know that hashes in general are used for example, to determine if a file has been tampered with. It is extremely unlike that if you make the md5sum over an ISO image for example, that you can reconstruct the iso image by knowing the hash wink

the only way to "crack" md5, is to brute force the algorithm. That doesn't mean that there are no ways which are more efficient than your standard brute force by looping though all possible combinations. It is amazing, when it comes to passwords for example, how many ppl will use a standard word, or name, or birthdate, etc. The main functionality of all password cracking programs uses dictionaries, where words are tried out and used to attempt to break the password.

While this approach is often quite useless for a given single password, it usually yields good results on a collection of passwords, like a linux passwd file, which has been aquired the one way or the other, on machines with many users. While most of the users will be aware that they should use some more complicated password, which can't be broken that easily, and as well something which is longer than the average 4-5 characters, there will be always the one or other used which either will use a standard word with standard spelling, or, possibly a very short password, which can be much easier brute-forced than a long one ( every character lenght, adds one power to the O(f), where f is a function of something like 96^n, means if the password is one char long, you will need 96 tries, if it is two characters long 96*96, etc. which progresses nicely exponentially. )

Of course, should we ever build a quantum computer, then this calculations will be irrelevant, as a quantum computer will be able to solve all P-complete problems in one!! single iteration, and possibly quite a few NP-complete in a very low time, which will make most kinds of current encryptions quite obsolete.

Angua



Sentinel scripter ( current version X, alpha )