How to convert the password saved in the database into the real password?

Mypaper

How did we convert, the password stored in the database to the actual value?

for example, I created the following user
usename : nima      password: 123456789

And is stored in the database as follows:
usename : nima    password: 98e26f06a04bdf250a8ffdc58636607f              salt : 3bb14c

And another example

I created the following user
usename : kamran      password: 185mp

And is saved in the database as follows:
usename : kamran    password: cbe6f23f14167ae5044e812b84c6f8ae            salt : 3e6bee

This code is stored in the password, what is the code?
And how we can convert it to the actual value?

netnikogo

1.   $salt = substr(uniqid(rand()), -6);
   
2.   $password = md5(md5($password).$salt);
   

Copy the Code

Mypaper

netnikogo 2013-8-27 21:38

Thanks for your answer, Can you explain more clearly. How can I use the code that you wrote.
Can you give an example?

khalid

http://md5decryption.com/

khalid

Note : this site have database for decryption text

so if your text not from it database you will not find the answer

--------------
2- Impossible to convert md5 to text  

Md5 is a hashing algorithm. There is no way to retrieve the original input from the hashed result.

Mypaper

khalid 2013-8-27 22:51
Note : this site have database for decryption text

so if your text not from it database you will n ...

I find this code.  If someone can show how to use it

http://www.yunsec.net/a/security/web/jbst/2012/0423/10544.html
http://www.myhack58.com/Article/html/3/68/2012/33733.htm
http://www.2cto.com/Article/201204/128589.html

1.    1. <?php
   
2.    2. error_reporting(0);
   
3.    3. if ($argc<2) {
   
4.    4. print_r('
   
5.    5. ----------------------------------------------------------------+
   
6.    6. Usage: php '.$argv[0].' hash
   
7.    7. Example:
   
8.    8. php '.$argv[0].' cd1a0b2de38cc1d7d796b1d2ba6a954f:dc2bce
   
9.    9. ----------------------------------------------------------------+
   
10.   10. ');
    
11.   11. die;
    
12.   12. }
    
13.   13. $fd=fopen("1.txt","rb");
    
14.   14.  
    
15.   15. if(!$fd)
    
16.   16. {
    
17.   17. echo "[!] error: www.2cto.com 打开字典文件错误";
    
18.   18. die;
    
19.   19. }
    
20.   20.  
    
21.   21. echo "\n[+] 破解中...";
    
22.   22. echo "\r";
    
23.   23.  
    
24.   24. while($buf=trim(fgets($fd)))
    
25.   25. {
    
26.   26. //echo $buf."\r\n";
    
27.   27. $hash=$argv[1];
    
28.   28. $hash2=substr($hash,0,32);
    
29.   29. $salt=substr($hash,33,6);
    
30.   30. $tmp=md5(md5($buf).$salt);
    
31.   31.  
    
32.   32. $conn = strcmp($tmp,$hash2);
    
33.   33. if($conn==0)
    
34.   34. {
    
35.   35.  
    
36.   36. echo "[+] 密码破解成功\n"."[+]密码为：".$buf."\r\n";
    
37.   37. die;
    
38.   38. }
    
39.   39.  
    
40.   40. }
    
41.   41.  
    
42.   42. if($conn!=0)
    
43.   43. {
    
44.   44. echo "你的字典不给力啊!快快扩充字典吧: ) \r\n";
    
45.   45. }
    
46.   46. fclose($fd);
    
47.   47. ?>

Copy the Code

vot

If someone can show how to use it

Just look inside the code!

1.    5. ----------------------------------------------------------------+
   
2.    6. Usage: php '.$argv[0].' hash
   
3.    7. Example:
   
4.    8. php '.$argv[0].' cd1a0b2de38cc1d7d796b1d2ba6a954f:dc2bce
   
5.    9. ----------------------------------------------------------------+

Copy the Code

But Khalid said already:

Note : this site have database for decryption text

so if your text not from it database you will not find the answer

Mypaper

vot 2013-9-2 12:15
Just look inside the code!But Khalid said already:

Hi Vot
Khalid got a site that referred to data without salt.
I do not know how to run this code.
Where should I run it?See if it works or does not work
Thanks

vot

1) The code itself is working ok.
2) You CAN NOT RUN it, because of you do not have THEIR DATABASE "1.txt"
3) You COULD NOT RUN it, because of it is a stupid code, that just read md5 from the file and compare with the md5 entered by you...