How to Break Mysql Hashes

Recently I came through an article where MD5 hashes can be decrypted…What about other hashes can they be decrypted

Really? Could you post the link to that article please?

Since there are trillions of trillions of bazillions of possible valies that will all produce the same hash there is no way whatever that you can tell from a hash just what the original value was.

The purpose of a hash is to make it easy to detect minor changes to the original since any minor change will produce an entirely different hash.

You do need to make sure that the original file and the hash are passed to the recipient in different ways since if they are passed the same way then whoever has access to tamper with the original will also have access to replace the hash with one that matches the updated content defeating the purpose of producing the hash in the first place.

If the original hasn’t been tampered with then rehashing it will produce the same hash as it did the first time and the two hashes will match. If it has been tampered with then the new hash will be different from the old hash and you will know that it has been tampered with. There is nothing to decrypt with a hash since the hash by itself is useless without the original content.

As far as using a hash as the value to store in a database instead of storing the plain text password is concerned - that is done to prevent the support staff who look after from being able to see what password someone is using (and possibly be able to tell if they use the same password for different sites that are all on servers they maintain). Using a ‘salt’ with their password is sufficient to ensure that the hash that gets saved will be different from if they used the same password elsewhere and the simple fact that it is hashed will prevent the support staff from accidentally discovering someone’s password. So a deliberate effort would be required on their part to determins e a password that might work on other sites if the person is silly enough to use the same password for multiple logins. Also making that effort would almost certainly cause them to lose their job.