I realize that this may be a sensitive subject, so a mod may contact me at webmistress [at] sg1-heliopolis [dot] com if they want to take it off board.
I was looking to port my eFiction authors table into a different application. That one uses a plain text password field in the database, so I was wondering if there was a way to decode the password field of the author's table to plain text.
I don't think there's a way, otherwise no one would use md5. I looked into the once out of curiosity at one point when I was looking at integrating something with another application that had a different type of encryption, and I came to the conclusion that it wasn't possible. What you might consider is instead put the same hashing on the other application. Especially if it's web-based, the passwords should be encrypted.
I believe I have read that md5 was cracked by a hacker, but as of now there is no available way to convert from md5 to plain text.
yeah, they had some 100 ps3's running all day. made some supposed skeleton key so every website is compromised, but no action has been made. i'd say they were researchers.
I am rebuilding efiction! Join us on irc! #efiction at
I don't think it was actually cracked, whereas a dictionary is used to see is that hash matched one one in the dictionary, I know when in a CMS, I lost my pass, and I couldn't reset it and I didnt want to reinstall so I used mysql to replace the old hash with a simple hash for "1", and it worked.
Correction, it was cracked. See this, I don't think actual step-by-step methods are listed, however it lists several sites that have password databases.
But as others have pointed out, it is mainly done with brute force, as can be done with other methods of encryption/algorithms (in most cases).
