Read the MD5 Hashed Password

Got something cool to share with AppGini users? Feel free to post it here!
Post Reply
mohamed
Veteran Member
Posts: 80
Joined: 2020-04-19 16:18

Read the MD5 Hashed Password

Post by mohamed » 2022-10-02 18:54

Hello,

Is it possible to read the MD5Pass or Hased Password from the MySQL that is created by AppGini ?

Actually, I have created a simple Login.php page to read user name and password, but failed, as it is alwasy returning Invalid Password :(


Thank you ...
THANK YOU...
AppGini Pro 24.11 -
Calendar - Search Page Maker - Summary Reports - Mass Update - DataTalk -
bizzworxx AppGini Helper JabaScript Library - bizzworxx Inline Detail-View - bizzworxx Helper Pack - AppGini Helper Packaging Tool -
Udemy course

User avatar
jsetzer
AppGini Super Hero
AppGini Super Hero
Posts: 1807
Joined: 2018-07-06 06:03
Location: Kiel, Germany
Contact:

Re: Read the MD5 Hashed Password

Post by jsetzer » 2022-10-02 20:25

Reading the md5-encrypted passwords is definitely possible.

Decrypting

md5 can be cracked by brute force or rainbow tables, for example. Cracking SHA encrypted string should be much more complicated and more time consuming, if possible at all (depends on algorithm).

Your aim?
I'm wondering what for you need this. For login/password validation you can simply compare md5('password') and db-stored password. There is no need for decryption of stored password.

Maybe you should describe your aim.
Kind regards,
<js />

My AppGini Blog:
https://appgini.bizzworxx.de/blog

You can help us helping you:
Please always put code fragments inside [code]...[/code] blocks for better readability

AppGini 24.10 Revision 1579 + all AppGini Helper tools

mohamed
Veteran Member
Posts: 80
Joined: 2020-04-19 16:18

Re: Read the MD5 Hashed Password

Post by mohamed » 2022-10-03 18:28

Hello Jan,
Thanks for your comments..

Actually, I have ahieved the comaprison using Password_Verify() function

** CODE SAMPLE **

Code: Select all

<?php
    if (isset($_POST['submit'])) {
        $UserName = $_POST['username'];
        $Password = $_POST['password'];

        // run the query after the POST ...
        $sql        =   "SELECT * FROM membership_users WHERE memberID = '$UserName'";
        $result     =   $connection->query($sql);

        if ($row = mysqli_fetch_assoc($result)) { 

            if  (password_verify($Password, $row['passMD5'])) 
                {
                    header("location:home.php");
                } 
            else 
                echo "Invalid Password"; 
                }
            else
               echo "Invalid UserName";     
    }
?>
THANK YOU...
AppGini Pro 24.11 -
Calendar - Search Page Maker - Summary Reports - Mass Update - DataTalk -
bizzworxx AppGini Helper JabaScript Library - bizzworxx Inline Detail-View - bizzworxx Helper Pack - AppGini Helper Packaging Tool -
Udemy course

Post Reply