Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
influent
Constraint Violating Yak Guru
367 Posts |
 Posted - 2006-09-21 : 13:45:02
|
| Due to a lack or foresight on the part of the original db designers, I need to compare passwords in two different tables for equality. The problem is that one table uses binary format, and the password is hashed against MD5 prior to conversion and insertion. Is there any way I can use SQL to convert the password back to ASCII or Unicode? |
|
|
Michael Valentine Jones
Yak DBA Kernel (pronounced Colonel)
7020 Posts |
Posted - 2006-09-21 : 15:59:54
|
quote:
Originally posted by influent
Due to a lack or foresight on the part of the original db designers, I need to compare passwords in two different tables for equality. The problem is that one table uses binary format, and the password is hashed against MD5 prior to conversion and insertion. Is there any way I can use SQL to convert the password back to ASCII or Unicode?
You cannot convert the hashed password back to clear text with SQL or any other method. A hash is not encryption, it is a one-way conversion with no way back to the original text.Your best bet would be to hash the clear text passwords and compare this to the hashed passwords from the table.CODO ERGO SUM |
 |
|
|
pelegk2
Aged Yak Warrior
723 Posts |
Posted - 2007-12-15 : 06:02:35
|
| you can decrypt md5 password only if its a dictionary wordIsrael -the best place to live in aftr heaven 9but no one wan't to go there so fast -:) |
|
|
|
SwePeso
Patron Saint of Lost Yaks
30421 Posts |
Posted - 2007-12-15 : 16:44:50
|
Nice!Show me the link to the article and method that describes this.
E 12°55'05.25"N 56°04'39.16" |
|
|
|
jezemine
Master Smack Fu Yak Hacker
2886 Posts |
Posted - 2007-12-15 : 17:57:12
|
quote:
Originally posted by pelegk2
you can decrypt md5 password only if its a dictionary wordIsrael -the best place to live in aftr heaven 9but no one wan't to go there so fast -:)
I guess you mean that you can decrypt it if you happen to know the original text is 1 of N known possibilities? so your "decryption" is just to apply the hash on all N possibilities and compare? that's not what most people would call decryption. that's a brute force dictionary attack.
elsasoft.org |
|
|
|
|
|
|
decrypt MD5 password