de-crypt... crypt

[asg]

Does anyone know if there is a way to de-crypt using...
$field = crypt ($field, $salt);
any help is appreciated.
regards

 

[takarov2003]

Does anyone know if there is a way to de-crypt using...
$field = crypt ($field, $salt);
any help is appreciated.
regards

generaly, by exhaustive trial. crypt is one-way.

 

[Brian Wakem]

Does anyone know if there is a way to de-crypt using...
$field = crypt ($field, $salt);
any help is appreciated.
regards

Crypt is one way, but if you have enough time or the password is poor (I
assume we are talking usernames/passwords here) then you can do it.


# perl -e 'print "username:" . crypt("password","username") . "\n"' > file
# ./john file
Loaded 1 password (Standard DES [24/32 4K])
password (username)
guesses: 1 time: 0:00:00:00 100% (2) c/s: 336 trying: 12345 - robert


'john' craked it in under a second.

See http://www.openwall.com/john/ for more.

 

[usenet]

Does anyone know if there is a way to de-crypt using...
$field = crypt ($field, $salt);

There's not an "uncrypt" function or any such thing. One of the
"problems" is that many (infinite, I believe) different strings can
produce the same encrypted hash value. Since a crypt value is only a
few bytes long, but it must be able to represent values which are
longer, it is obvious that there must be a many-to-one relationship
between plaintext strings and encrypted values.

As others have pointed out, a brute-force approach may work. Oddly
enough, it's possible to find a plaintext password which will "work"
but not actually be the same password that was used to create the
hashed value!