how to decrypt the crypt("name")
how开发者_如何学JAVA to decrypt the crypt("name")
You can't. From the documentation:
Note: There is no decrypt function, since
crypt()
uses a one-way algorithm.
Reading documentation helps ;)
crypt is one way hashing, you can't decrypt it.
If you want to compare it against another string you could crypt that too and then compare the two crypted strings.
crypt — One-way string hashing
use two way hashing
try with mcrypt
tutorial
Since crypt() produces a hash decrypting is not possible. If you need to guess the original data ("name") you can use a combination of a brute force algorithm and a huge dictionary.
I have find an example for mcrypt and create the two functions, for text or for binary files:
function MyDecrypt($input,$key){
/* Open module, and create IV */
$td = mcrypt_module_open('des', '', 'ecb', '');
$key = substr($key, 0, mcrypt_enc_get_key_size($td));
$iv_size = mcrypt_enc_get_iv_size($td);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
/* Initialize encryption handle */
if (mcrypt_generic_init($td, $key, $iv) != -1) {
/* 2 Reinitialize buffers for decryption */
mcrypt_generic_init($td, $key, $iv);
$p_t = mdecrypt_generic($td, $input);
return $p_t;
/* 3 Clean up */
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
}
} // end function Decrypt()
function MyCrypt($input, $key){
/* Open module, and create IV */
$td = mcrypt_module_open('des', '', 'ecb', '');
$key = substr($key, 0, mcrypt_enc_get_key_size($td));
$iv_size = mcrypt_enc_get_iv_size($td);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
/* Initialize encryption handle */
if (mcrypt_generic_init($td, $key, $iv) != -1) {
/* 1 Encrypt data */
$c_t = mcrypt_generic($td, $input);
mcrypt_generic_deinit($td);
return $c_t;
/* 3 Clean up */
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
}
}
For Example Crypt a string :
$original_text = "Hello world !";
$password = "abc123";
echo '<p>Original_text: '.$original_text.'</p>';
$crypted_text = MyCrypt($original_text,$password);
echo '<p>Crypted_text: '.$crypted_text.'</p>';
$decrypted_text= MyDecrypt($crypted_text,$password);
echo '<p>Decrypted_text: '.$decrypted_text.'</p>';
echo '<p>And if I try with a wrong password?</p>';
$wrong_decrypted_text= MyDecrypt($crypted_text,"wrong_pw");
echo '<p>Decrypted with wrong password: '.$wrong_decrypted_text.'</p>';
I hope helpful
You can't truly decrypt it, because there are (infinitely) many strings such that crypt($input) == crypt("name")
-- but you can, via brute-force trial-and-error, find some of those strings.
If you know or suspect that the original string is a short dictionary word, and you find a short dictionary word that produces the same output, chances are you have "decrypted" the original string.
md5 and many weaker hash functions are attacked in this way routinely.
<?php
$hashed_password = crypt('mypassword'); // let the salt be automatically generated
/* You should pass the entire results of crypt() as the salt for comparing a
password, to avoid problems when different hashing algorithms are used. (As
it says above, standard DES-based password hashing uses a 2-character salt,
but MD5-based hashing uses 12.) */
if (hash_equals($hashed_password, crypt($user_input, $hashed_password))) {
echo "Password verified!";
}
?>
精彩评论