PHPBB Coding

[Disk-t]

phpBB encrypts its passwords when I try to view them using phpMyAdmin. Does anyone know how to decode them?

[Aes]

Oh, if you find out, can you tell me how it encrypts AND decrypts them? I'd be interested in learning how to encrypt and decrypt things with PHP and MySQL.

[DR_LaRRY_PEpPeR]

they're md5()'d. you can't decrypt them. they're encrypted using PHP's md5() function. to verify them, they just re-encrypt the entered passowrd and see if it matches the one in the DB.

[Defender1]

yea, and it says somewhere that you CANT retrieve the password.
when someone loses theres a new one is just created and re-encrypted into the db.

[TWTCommish]

Originally posted by Aes
Oh, if you find out, can you tell me how it encrypts AND decrypts them? I'd be interested in learning how to encrypt and decrypt things with PHP and MySQL.

This might be interesting to you: mcrypt().

[redemption]

disk-t, just wondering y u want to decrypt passwords for...

other that that... i'd also want to know if this is possible...

[mitsubishi]

I don't think it's impossible to decrypt md5, just not at all likely. It is a complex process so to undo it with iteration would take, well I don't know, but I heard that mod encryption would take every computer on earth 5 billion years to work out if the key was sufficiently long enough. Also the result of de-encypting md5 would leave an infinate range of answers, because every string put into it comes out as a 32(?I think) digit string.

[James]

Pretty much impossible then

Really, there is no feasible way to decrypt a password in phpBB - that's why they're encrypted

[Disk-t]

http://neworder.box.sk/showme.php3?id=4541

[Hartmann]

You can't really say that MD5 is encryption.... It always returns a 32bit string that can be recreated. MCrypt is one of the best PHP modules around. Use it if you can.