Page 1 of 1
Read the MD5 Hashed Password
Posted: 2022-10-02 18:54
by mohamed
Hello,
Is it possible to read the MD5Pass or Hased Password from the MySQL that is created by AppGini ?
Actually, I have created a simple Login.php page to read user name and password, but failed, as it is alwasy returning Invalid Password
Thank you ...
Re: Read the MD5 Hashed Password
Posted: 2022-10-02 20:25
by jsetzer
Reading the md5-encrypted passwords is definitely possible.
Decrypting
md5 can be cracked by brute force or rainbow tables, for example. Cracking SHA encrypted string should be much more complicated and more time consuming, if possible at all (depends on algorithm).
Your aim?
I'm wondering what for you need this. For login/password validation you can simply compare md5('password') and db-stored password. There is no need for decryption of stored password.
Maybe you should describe your aim.
Re: Read the MD5 Hashed Password
Posted: 2022-10-03 18:28
by mohamed
Hello Jan,
Thanks for your comments..
Actually, I have ahieved the comaprison using
Password_Verify() function
** CODE SAMPLE **
Code: Select all
<?php
if (isset($_POST['submit'])) {
$UserName = $_POST['username'];
$Password = $_POST['password'];
// run the query after the POST ...
$sql = "SELECT * FROM membership_users WHERE memberID = '$UserName'";
$result = $connection->query($sql);
if ($row = mysqli_fetch_assoc($result)) {
if (password_verify($Password, $row['passMD5']))
{
header("location:home.php");
}
else
echo "Invalid Password";
}
else
echo "Invalid UserName";
}
?>