MD5 Can be Decrypted. Unbelievable!

**Schmoopy** · 04-12-2009, 06:22 PM

Shouldn't this site be banned? I mean all it does is allow a greater chance of a person gaining access to data, I don't see any benefits from this. Am I missing something?

And of course they can only get md5 hashes that have already been entered into the database, like I can see the benefits of the encrypter, just not the decrypter.

I suppose websites should use better security measures like adding a salt or using a different encryption but there is just no need for md5 decryption (unless I've missed something

).

**Snookerman** · 04-12-2009, 06:24 PM

Banned by whom?

**Schmoopy** · 04-12-2009, 06:26 PM

The company that hosts it.

**Snookerman** · 04-12-2009, 06:33 PM

Don't get me wrong, I agree that what they are doing is wrong but are there any rules on the web? Can't sites do anything they want almost? I mean, there needs to be some serious shieet in order for a site to be banned. For what it's worth, one benefit of this site is that it encourages people to create more secure encryption systems.

**Schmoopy** · 04-12-2009, 06:41 PM

Well I wasn't actually thinking about asking their host to take down the website or take any kind of action at all. I was more interested as to whether there were any benefits to having MD5 hashes decrypted. But you do have a point, this does make people want to make their sites more secure - but that's only the people who actually know this site exists.

**JasonDFR** · 04-12-2009, 07:00 PM

1) MD5 hashes can not be decrypted. Or encrypted for that matter. Encryption is a totally different thing.

2) The site in question is beneficial to whoever has access to the data it produces and wants to do a dictionary style reversal of a MD5 hash. See 3.

3) The site is not beneficial to anyone if the MD5 hash in question is not in the site's database.

4) For this site to be worth anything to anyone, someone needs to have access to a MD5 hash of something of known value and hope that 3 is not an issue.

To sum up: The site is stupid and I imagine that anyone doing any sort of serious hacking has access to and/or knowledge of much more dangerous stuff.

**Twey** · 04-13-2009, 01:13 PM

It's not stupid, but it's not immoral either. It's just a big MD5 dictionary. There's nothing wrong with it. It could even be used to generate some interesting statistics about MD5. With proper application of a salt, which is a basic security measure that everyone should follow, a dictionary attack is not a security issue.

**JasonDFR** · 04-13-2009, 03:04 PM

I hadn't thought about academic purposes. That could be a good use.

Thread: MD5 Can be Decrypted. Unbelievable!

Thread Tools

Search Thread

Tags for this Thread

Bookmarks

Bookmarks

Posting Permissions