How do I decrypt MD5

Question

1.00/5 (3 votes)

See more:

I have use the following code to encrypt password:

public static string GetMD5(string input)
{
    using(MD5CryptoServiceProvider MD5 = new MD5CryptoServiceProvider())
    {
        byte[] b = System.Text.Encoding.UTF8.GetBytes(input);
        b = MD5.ComputeHash(b);
        System.Text.StringBuilder sb = new System.Text.StringBuilder();
        foreach(byte x in b)

            sb.Append(x.ToString("x2"));

        return sb.ToString();
    }
}

Now I need to decrypt it

What I have tried:

Here is the code I used to decrypt password but it didn't work !

public static string decrypt(string input)
{
    try
    {
        var encoder = new System.Text.UTF8Encoding();
        System.Text.Decoder utf8Decode = encoder.GetDecoder();
        byte[] todecodeByte = Convert.FromBase64String(sData);
        int charCount = utf8Decode.GetCharCount(todecodeByte, 0, todecodeByte.Length);
        char[] decodedChar = new char[charCount];
        utf8Decode.GetChars(todecodeByte, 0, todecodeByte.Length, decodedChar, 0);
        string result = new String(decodedChar);
        return result;
    }
    catch (Exception ex)
    {
        throw new Exception("Error in base64Decode" + ex.Message);
    }
}

Posted 8-Apr-19 9:00am

Member 12919448

Updated 8-Apr-19 15:48pm

Add a Solution

Comments

[no name] 8-Apr-19 15:02pm

MD5 is a hash and you can't get the original message back from it. Think about MD5 like a complex checksum.

Read this:Cryptographic hash function - Wikipedia[^] and also this Quote:One-way function - Wikipedia[^]

Member 12919448 8-Apr-19 15:11pm

I don't think so, I used https://www.md5online.org/md5-decrypt.html to check and it gave me a plain text of the password

[no name] 8-Apr-19 15:15pm

Yes and what we can read there: "This algorithm is not reversible, it's normally impossible to find the original word from the MD5. Our tool uses a huge database in order to have the best chance of cracling the original word.
Just enter the hash in the MD5 decoder in the form above to try to decrypt it!
Words in the database: 1,154,869,575,613"

So please try this site with a GUID and test your luck ;)

[no name] 8-Apr-19 15:24pm

It's using a "table" of known hashes for given "words". Try something "longer".

alexcoder99 9-Apr-19 10:52am

Why do you want to decrypt it? If you are performing a password comparison you need to compare two hashed values (using the same hash method to encrypt the plain text password)

3 solutions

Solution 3

You don't.

All that you can do with a cryptographic hash is make a comparison.
If this was a password you would apply the same hashing algorithm to the user entry and see if it matches what is saved.
This not only applies to MD5, but also would apply to the SHA family, bCrypt (blowfish), and other popular routines.

As for MD5 itself; it is not safe for cryptographic use due to vulnerabilities. It is still considered safe for other purposes such as data integrity & checksums which generally are not intentionally corrupted

Posted 8-Apr-19 13:38pm

MadMyche

Solution 4

You Can't decrypt MD5
The link you mentioned it only decrypt MD5 which you encrypt there or someone else did
You try This String

a23ee3caaeef2cf08e96dde037a74df4

It will not decrypt but once you encrypt the original data it will decrypt data
you can try with this original data string as below

amount=1&currency=USD&fields=id,amount,notify_status,currency,time,reference,notify_id&id=3ea3b468735b81e1ef5536d91&notify_id=D0000036689-e915dc40b72c89e4ed55&notify_status=success&reference=190404184802PTM03498&time=20190404104820&token=AC12A68A47E1D4569A98688062F9860D0

Posted 8-Apr-19 15:49pm

AtulSharma609

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Dave Kreskowiak · Accepted Answer · 2019-04-08T09:30:00

Solution 1

You can't. MD5 is NOT an encryption. It's a cryptographic hash. You cannot "decrypt" a hash back to the original content.

The problem with what you linked to is that, because of collisions, you cannot guarantee that the text that technique comes up with is the only string that generated that hash. They used a dictionary of known hash values representing known strings. It's a "give us a hash value and we look up the string we used to generate that hash".

A collision is where more than one input string can generate the same hash value. MD5's hash result contains such a small number of bits (as far as hashes go), the chances of a collision is higher than other hashes using more bits.

Think about it. Is it possible to represent an unlimited number of possible strings in a limited, small number of bits? Nope.

Also, NEVER USE MD5 TO HASH PASSWORDS!! MD5 is considered broke because of the relatively small investment in computing power required to guess the string that generated the hash.

Posted 8-Apr-19 9:30am

Dave Kreskowiak

Updated 8-Apr-19 9:34am

v3

Comments

[no name] 8-Apr-19 15:54pm

A 5 for mention the collisions.
I'm a completely noob in this cryption things. So can you explain me why MD5 (128 Bit) is out and GUID (128 Bit) is still something we can rely on?
Thank you in advance.

Dave Kreskowiak 8-Apr-19 17:13pm

A GUID is a globally unique identifier. Basically, just a number arbitrarily assigned to a piece of information, like a record in a database. It's not an encryption at all. It's really not even "globally" unique as far as machines in the world are concerned. It's unique "enough" though. The chances of a collision are almost 0. It is possible for two machines somewhere in the world generate the same UUID.

In most cases, you don't even get the full 128-bits to use, limiting the number of possible combinations! The reason for that is in the various formats for versions of UUID or GUID (MS). Go read the version information on UUID at https://en.wikipedia.org/wiki/Universally_unique_identifier#Version_1_(date-time_and_MAC_address) to find out what data is used to make up various UUID values.

A cryptographic hash runs a stream of bytes through an algorithm that changes a resulting set of bits in some way. Since the result of MD5 is always 128 bits, you get a limited number of possible outcomes. The more you use MD5, or generate values from it, or any hashing algorithm for that matter, the higher the chance of a collision. The more bits the result contains, the lower the chance.

Soooo what did that just mean? Well, say you have a hashing algorithm that generates 32-bit values. That gives you 4.294 billion possible combinations, basically, a list of possible values. Now, throw a string of bytes at the algorithm and it'll give you one of those values from the list, essentially removing it from the list. Now give it another string of bytes, you get another hash value from the list. Keep going and the number of possible hash values keeps decreasing. There isn't an actual list. This is just probability analysis. If you want a really good description of what's going on, read this: Hash Collision Probabilities[^]

[no name] 9-Apr-19 3:03am

Thank you very very much for this.