|
You last visited: Today at 05:58
Advertisement
[HELP]Password script
Discussion on [HELP]Password script within the EO PServer Hosting forum part of the Eudemons Online category.
09/07/2009, 05:50
|
#16
|
elite*gold: 0 
Join Date: Sep 2008
Posts: 979
Received Thanks: 647
|
Quote:
Originally Posted by funhacker
Seriously dude the only way you are going to reverse the hash into an actual word/sentence etc. is if you had a program repeatedly come up with random letters numbers and symbols until it found an md5 that matched. But ultimately this is still not decrypting and it is VERY ineffective specially running for a password recovery.
But now thinking about it is this because you are starting another server or are you trying to use existing md5hash passwords and logins that you may of obtained from another game/server?
|
Not either of, It's a simple research i am doing. Top Secret.
and seriously, Decrypting MD5 Hashes can be done using Low level languages as C++, PHP will NOT do it, unless it's encrypted in an other way.
Account server encrypts and decrypts MD5 hashes 24/7 to check for authentication in accounts.
|
|
|
|
09/07/2009, 08:06
|
#17
|
elite*gold: 20
Join Date: Sep 2007
Posts: 1,767
Received Thanks: 1,746
|
Quote:
Originally Posted by The Crasher
funhacker , you say you cant decrypt md5
let me proof you that it is posseble on a simple way
if you go to your db , the password is entered in md5
now , go to a forum and get the same password , it got other numbers but it is still the same password but it is created with other value's
so the password md5 of your forum will never work into eudemons , the value is wrong (still same password )
now a other funny thing
a password get decrypted to check if it is the same password with the same value
every code can be decrypted , it use the same way as encrypting but then to the other direction
the only thing you need is the value that it use to encrypt and then you can decrypt
basicly , if you use the forum password to decrypt with the wrong value's then you get a differend password
if you use it with the right value then you get exact the same
hardest part , try to get the value 
for the rest , everything that you can encrypt can be decrypted , no mather what code it is
there are no safe ways of unencrypted data
els they would use only md5 as the safest way and not other encrypting methodes
and in case of intrests just follow this link
MD5 - Wikipedia, the free encyclopediaEncryption - Wikipedia, the free encyclopedia
Thank you
Greets From The Crasher |
Seriously dude google the meaning of HASH and Encrypted notice the difference?
Encryption is 2 way process there IS a value that is used to encrypt/decrypt the final value.
A hash uses an alogrythm to hash the value to a set length. So you can NOT reverse the hash. Sadly with md5 there is even a possibility (very little) that there are multiple values that will return the same hash value.
So you can md5 an entire novel and it will still only return a 32byte string. So explain to me how it would even be possible to store over 100,000 words into a 32byte string? If this was possible don't you think that programs like winword would be able to compress all their files to just 32bytes no matter how long.
No point arguing facts it just is that you can't "decrypt" hash because you can't decrypt something that is NOT encrypted.
|
|
|
|
|
09/07/2009, 12:16
|
#18
|
elite*gold: 246
Join Date: Jan 2008
Posts: 1,712
Received Thanks: 896
|
Quote:
Originally Posted by The Crasher
now a other funny thing
a password get decrypted to check if it is the same password with the same value
every code can be decrypted , it use the same way as encrypting but then to the other direction
|
Quote:
Originally Posted by Necron33
Account server encrypts and decrypts MD5 hashes 24/7 to check for authentication in accounts.
|
Two birds one stone. Account server never "decrypts" the hashes. The password that you enter into the client is hashed and then compared with the password in the database. You guys have the right idea, but are applying it to the completely wrong situation.
Quote:
Originally Posted by The Crasher
if you go to your db , the password is entered in md5
now , go to a forum and get the same password , it got other numbers but it is still the same password but it is created with other value's
so the password md5 of your forum will never work into eudemons , the value is wrong (still same password )
|
That's is because your forum doesn't use the same salt value and process as the one that hashes the passwords for EO. It could even be using a plain MD5 script that is vulnerable to rainbow tables.
|
|
|
|
|
09/08/2009, 19:39
|
#19
|
elite*gold: 0
Join Date: Jan 2008
Posts: 84
Received Thanks: 23
|
loled abit by reading this let me give you some videos to watch
they do explain it very nicely
|
|
|
|
|
09/08/2009, 19:40
|
#20
|
elite*gold: 0
Join Date: Jan 2008
Posts: 84
Received Thanks: 23
|
loled abit by reading this let me give you some videos to watch
they do explain it very nicely
|
|
|
|
|
09/08/2009, 21:48
|
#21
|
elite*gold: 20
Join Date: Aug 2007
Posts: 606
Received Thanks: 563
|
doing md5 collisions is not decrypting. you are obviously missing the point of hashing algorithms. they were designed to not be reversible, and if there is way to create string that matches md5 hash, it's vulnerability of the algorithm. not to mention chance of getting the original password is 1:1 000 000 000 as collision algorithms only try to get the same hash from generated string (for example word "skin" would have md5 5aff4d8200123c34f4 and phrase "FSIOYfghdysfgusykg$%^%$@^jkrdhgasfgkjgdasker34$%@ #$^$%7" might have SAME md5).
Necron, you're having obsession over c++ or what? it's not ultimate answer to everything, it's just computer language and you can use it for various purposes, just like any other language(fortran, pascal, c, java, python, perl, php). And breaking md5 is just about maths - you can do maths in javascript or visual basic.. so you can implement md5 collision POC in branfuck if you want.
So conclusion is: reversing/rainbow table cracking md5 is inefficient way to get back the password. It's always better send new randomly generated password by mail to recover access to the user.
|
|
|
|
|
09/09/2009, 01:20
|
#22
|
elite*gold: 0
Join Date: Sep 2008
Posts: 979
Received Thanks: 647
|
Quote:
Originally Posted by forcer
doing md5 collisions is not decrypting. you are obviously missing the point of hashing algorithms. they were designed to not be reversible, and if there is way to create string that matches md5 hash, it's vulnerability of the algorithm. not to mention chance of getting the original password is 1:1 000 000 000 as collision algorithms only try to get the same hash from generated string (for example word "skin" would have md5 5aff4d8200123c34f4 and phrase "FSIOYfghdysfgusykg$%^%$@^jkrdhgasfgkjgdasker34$%@ #$^$%7" might have SAME md5).
Necron, you're having obsession over c++ or what? it's not ultimate answer to everything, it's just computer language and you can use it for various purposes, just like any other language(fortran, pascal, c, java, python, perl, php). And breaking md5 is just about maths - you can do maths in javascript or visual basic.. so you can implement md5 collision POC in branfuck if you want.
So conclusion is: reversing/rainbow table cracking md5 is inefficient way to get back the password. It's always better send new randomly generated password by mail to recover access to the user.
|
I meant it exactly, Low level languges, you can NOT decrypt hashes in lua or PHP for example, I understood the account server method with MD5 hashes now, all what i do is to send an eMail asking for Yes/No on it.
It is a normal computer languages after all , as all languages  .
Thank you.
|
|
|
|
|
09/09/2009, 08:01
|
#23
|
elite*gold: 20
Join Date: Aug 2007
Posts: 606
Received Thanks: 563
|
Quote:
Originally Posted by Necron33
I meant it exactly, Low level languges, you can NOT decrypt hashes in lua or PHP
|
That's not true. I can implement md5 collision system in perl/php/lua without any problem, it's not about the language!! The reason why they implement password/hash crackers in c/c++ is performance. That is the only advantage over all scripting languages. learn more on the topic when arguing!
|
|
|
|
|
09/09/2009, 10:40
|
#24
|
elite*gold: 20
Join Date: Sep 2007
Posts: 1,767
Received Thanks: 1,746
|
Quote:
Originally Posted by commandcom
loled abit by reading this let me give you some videos to watch
they do explain it very nicely |
Well done you just further proved there is no way of DECRYPTING md5. Unless you were siding with us who were saying this then i apologise for the sarcasm.
And I would just say to Soul i suggest requesting ALL your players changing their passwords because personaly if Necron says he aint opening another server of any kind then he can only have 1 other use for this which is using existing accounts and md5 hash to login to on a game and well it's pretty good timing right?
|
|
|
|
|
09/09/2009, 21:21
|
#25
|
elite*gold: 0
Join Date: Sep 2008
Posts: 979
Received Thanks: 647
|
Quote:
Originally Posted by funhacker
Well done you just further proved there is no way of DECRYPTING md5. Unless you were siding with us who were saying this then i apologise for the sarcasm.
And I would just say to Soul i suggest requesting ALL your players changing their passwords because personaly if Necron says he aint opening another server of any kind then he can only have 1 other use for this which is using existing accounts and md5 hash to login to on a game and well it's pretty good timing right?
|
Means I am a hacker?
please explain.
i do this for my next Pserver all things guide.
|
|
|
|
All times are GMT +1. The time now is 06:00.
|
|
![[HELP]Password script](https://www.elitepvpers.com/forum/iconimages/eo-pserver-hosting/help-password-script_ltr.gif){kind=small}
