1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

MD5 Decryption or Wordpress via PHPMyAdmin

Discussion in 'Black Hat SEO' started by idlemind, Jan 26, 2017.

  1. idlemind

    idlemind Junior Member

    Joined:
    Jan 13, 2010
    Messages:
    175
    Likes Received:
    164
    Occupation:
    affiliate marketing, lead generating,design,printi
    So i have a client whom i've designed a website for using wordpress, and it was paid for. He is very satisfied with the website. Shortly after we began having problems, mostly with my client saying some colorful things about me to people who know me..word got back very fast. With that aside, he asked if I could do some updated on the website, which i happily did. Business is business. Now he changed my login information for the site and he still owe's me money for the updates. I still have access to godaddy and have reason to believe that he will attempt to not pay me for services rendered. Is there a way to see his updated password using PHPMyAdmin? I can see that he changed the email address for admin and obviously changed the password. The password in PHPMyAdmin is in MD5 encryption. I would like to be a step ahead in the event that he decides to not pay. AS this has happened in the past and I wouldnt transfer the website until it was paid for in full. Is there a way to decrypt the MD5? Or see the new admin password? In the event of non payment i would like to put up an under construction page or undo the work I did already....
     
  2. Fus3d

    Fus3d Registered Member

    Joined:
    Oct 27, 2016
    Messages:
    72
    Likes Received:
    31
    You can't decrypt hashes, you can change password from phpmyadmin however.

    I think best option is to do this and restrict access until payment is made.
     
    • Thanks Thanks x 1
  3. CyncUnany

    CyncUnany Registered Member

    Joined:
    Dec 28, 2011
    Messages:
    54
    Likes Received:
    8
    Occupation:
    Clicking a mouse
    Location:
    The Beach
    Or make another admin account in case you need to get back on it in the future.
     
    • Thanks Thanks x 1
  4. Zho999

    Zho999 Newbie

    Joined:
    Jul 13, 2016
    Messages:
    20
    Likes Received:
    6
    Gender:
    Male
    Unfortunately, MD5 is not actually encryption. That being said, it may be used in parts of encryption algorithms. MD5 is actually what is known as a hash function. More specifically it is a one way hash function. All this means is that the password is actually transformed and much or the original data is actually 'lost' or 'forgotten' as part of the transformation.

    For example: An MD5 is always 128 bits long. All this tells you is that there are 2128 possible hashes (of the MD5 assortment). That is a reasonably large number, and yet it is most definitely finite. And yet, there are an infinite number of possible inputs to a given hash function (and most of them contain more than 128 bits, or a measly 16 bytes). So there are actually an infinite number of possibilities for data that would hash to the same value. The thing that makes hashes interesting is that it is incredibly difficult to find two pieces of data that hash to the same value, and the chances of it happening by accident are basically 0.
     
    • Thanks Thanks x 1
  5. cloakcoder

    cloakcoder Newbie

    Joined:
    Jan 26, 2017
    Messages:
    4
    Likes Received:
    3
    Gender:
    Male
    As said before, MD5 is not encryption, and therefore cannot be decrypted. However you can brute force it if you're lucky with a tool like: crackstation dot net.

    However if the password is arbitrary or long enough, this won't help you, but you can give it a try.

    @Zho999: Nice stackoverflow copy paste mate!
     
    • Thanks Thanks x 1
    Last edited: Jan 26, 2017
  6. neu009

    neu009 Jr. VIP Jr. VIP

    Joined:
    Jul 29, 2009
    Messages:
    1,152
    Likes Received:
    309
    Easy peasy: Have another wp install ? Just copy that username and pass from phpmyadmin into that DB and voila .. Log in with the user and PW you know.
     
    • Thanks Thanks x 1
  7. cloakcoder

    cloakcoder Newbie

    Joined:
    Jan 26, 2017
    Messages:
    4
    Likes Received:
    3
    Gender:
    Male
    Referring to your own solution, yes you can change the password in phpmyadmin: just open the admin account record in the wp_users table, change the password, and make sure to select 'MD5' as 'function' in phpMyAdmin
     
    • Thanks Thanks x 1