md5 decoding. How they do it?

自作多情 提交于 2019-11-27 02:05:55

It doesn't decode an MD5 hash. It uses what's called a rainbow table... That's why it's so important to use salted hashes instead of storing the hash directly...

It is impossible to decode an MD5 hash as it is a one way algorithm, they will have a database of pre-calculated hashes and the string that was used to generate the hash and then perform a lookup.

The web page actually contains the answer:

The database contains millions of MD5 hashes and their decrypted forms.

If you hash a somewhat trivial string like "Hello World" chances are it exists in that db. But enter a long string of some weird text like "H3ll0 Wh1rrl3d!?!" and the "conversion" will fail because it will not exist in the hash db. (Though my "weird" string seems to be getting decoded?!?)

IMPORTANT:


  • NOTE FROM THE SITE: Any data which is MD5 hashed is stored for lookups. Do not encode sensitive data using this form

lol. That's why anything you hash with the site will come back as decoded! Everytime you hash something with that site you increase the size and capability of the database!

It says clearly: This tool searches multiple databases for the unencoded version of a MD5 hash

In general, this is still computationally intractable. However, rainbow tables assist in locating known pre-images. It will only work when the pre-image is based on common strings (e.g. dictionary words) and a salt isn't used. That's what they mean by "This tool searches multiple databases."

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!