Decrypt a admin password (with salt)

[madhuri godade]

Hello,

I want decrypt a password which is encrypted by MD5.
there are 4 functions which i am using :

# Encrypts some data with the salt.
def self.encrypt(password, salt)
Digest::SHA1.hexdigest("--#{salt}--#{password}--")
end

# Encrypts the password with the user salt
def encrypt(password)
self.class.encrypt(password, salt)
end

def authenticated?(password)
crypted_password = encrypt(password)
end

def encrypt_password
self.salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#
{login}--") if new_record?
self.crypted_password = encrypt(password)
end

please do tell me...

[Amol Hatwar]

On Nov 9, 2009, at 4:18 PM, madhuri godade wrote:

> Hello,
>
> I want decrypt a password which is encrypted by MD5.
> there are 4 functions which i am using :
>
> # Encrypts some data with the salt.
> def self.encrypt(password, salt)
> Digest::SHA1.hexdigest("--#{salt}--#{password}--")
> end

* Chop *

Madhuri, this is list is called "Rails Core", meaning code, problems and issues
relating to Rails code itself. Perhaps, you should try some other lists for your code
which is unrelated to Rails itself in the future.

In any case, MD5 is a hashing algorithm and a one-way function. Meaning, once
you get a hash, there is no way to get the original data back.

Also, in the code snippets that you gave, you are using SHA1: which is completely
different from MD5.

Cheers,

Amol Hatwar

[Matt Jones]

On Nov 9, 2009, at 5:48 AM, madhuri godade wrote:

> Hello,
>
> I want decrypt a password which is encrypted by MD5.
> there are 4 functions which i am using :

[snip]

> please do tell me...

OK. First, it's not possible. The only reason you'd want to do this if
you have access to the DB is if you're a hacker.

Second, this isn't a list for this kind of question - that's what
rails-talk is for.

--Matt Jones