General Question

livejamie's avatar

How would this be decoded?

Asked by livejamie (111points) February 4th, 2008


Observing members: 0 Composing members: 0

4 Answers

paulc's avatar

Looks like an MD5 hash (32 character hexadecimal) which is one-way encryption. Its used a lot for passwords but can be broken (with some difficulty) though you’ll likely never know the original input that produced it (MD5 breaking involves forcing a collision of two values that produce the same hash).

paulc's avatar

Also, just in case you were wondering, the value you’ve given doesn’t decode to any type of legible string. If you’ve got ruby installed you can see for yourself:

“9b3ab017822c2925dd19ad94dce68fed”.scan(/.{2}/).each { |c| puts c.hex.chr }

I also found a site that claims to do reverse lookups of MD5 strings.

bpeoples's avatar

And, if it was salted, you may not be able to find the “original” plaintext.

That is, if my password is “piano”, the md5 sum would be

However, if the password program is at all intelligent, they have salted their sums. For instance, if the salt is… well… “salt”, then the md5 sum for my password would be (“pianosalt”):

Now, let’s pretend that the word saltwatertaffey also has the md5 sum 783…934a (it doesn’t, but for the sake of argument)

So, the problem is now that if I crack the second string by some method that finds the collision saltwatertaffey, I don’t have a valid password. Only if I find a collision that ends in the word “salt” or the original plaintext (ending in the word “salt”) have I found the actual password.

A much easier way to crack the password is to figure out what the salt it—typically based on each program’s implementation, and then run a dictionary attack against the md5 table.

And, while you’re waiting, call random people and ask them what their passwords are.

livejamie's avatar

I’m not being malicious or anything, somebody just posted this on a forum I’m on in their “location” field and has challenged people to figure it out. So far 2 people have.

Answer this question




to answer.

This question is in the General Section. Responses must be helpful and on-topic.

Your answer will be saved while you login or join.

Have a question? Ask Fluther!

What do you know more about?
Knowledge Networking @ Fluther