de-crypt... crypt

Discussion in 'Perl Misc' started by asg, Dec 23, 2005.

  1. asg

    asg Guest

    Does anyone know if there is a way to de-crypt using...
    $field = crypt ($field, $salt);
    any help is appreciated.
    regards
    asg, Dec 23, 2005
    #1
    1. Advertising

  2. asg

    Guest

    asg wrote:
    > Does anyone know if there is a way to de-crypt using...
    > $field = crypt ($field, $salt);
    > any help is appreciated.
    > regards


    generaly, by exhaustive trial. crypt is one-way.
    , Dec 23, 2005
    #2
    1. Advertising

  3. asg

    Brian Wakem Guest

    asg wrote:

    > Does anyone know if there is a way to de-crypt using...
    > $field = crypt ($field, $salt);
    > any help is appreciated.
    > regards



    Crypt is one way, but if you have enough time or the password is poor (I
    assume we are talking usernames/passwords here) then you can do it.


    # perl -e 'print "username:" . crypt("password","username") . "\n"' > file
    # ./john file
    Loaded 1 password (Standard DES [24/32 4K])
    password (username)
    guesses: 1 time: 0:00:00:00 100% (2) c/s: 336 trying: 12345 - robert


    'john' craked it in under a second.

    See http://www.openwall.com/john/ for more.



    --
    Brian Wakem
    Email: http://homepage.ntlworld.com/b.wakem/myemail.png
    Brian Wakem, Dec 23, 2005
    #3
  4. asg

    Guest

    asg wrote:
    > Does anyone know if there is a way to de-crypt using...
    > $field = crypt ($field, $salt);


    There's not an "uncrypt" function or any such thing. One of the
    "problems" is that many (infinite, I believe) different strings can
    produce the same encrypted hash value. Since a crypt value is only a
    few bytes long, but it must be able to represent values which are
    longer, it is obvious that there must be a many-to-one relationship
    between plaintext strings and encrypted values.

    As others have pointed out, a brute-force approach may work. Oddly
    enough, it's possible to find a plaintext password which will "work"
    but not actually be the same password that was used to create the
    hashed value!
    , Dec 23, 2005
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. AdrianK
    Replies:
    0
    Views:
    1,521
    AdrianK
    Jul 9, 2003
  2. John Bergstrom
    Replies:
    0
    Views:
    1,207
    John Bergstrom
    Aug 3, 2003
  3. Jonas
    Replies:
    0
    Views:
    622
    Jonas
    Oct 10, 2003
  4. JD Vernon

    LWP, Crypt-SSLeay, CLI vs. WWW

    JD Vernon, Feb 24, 2004, in forum: Perl
    Replies:
    0
    Views:
    476
    JD Vernon
    Feb 24, 2004
  5. Cosmia Luna
    Replies:
    4
    Views:
    317
    Cosmia Luna
    Mar 11, 2012
Loading...

Share This Page