I’m creating a python script that logs into a website (in this case, it’s the url to update your IPv4 endpoint for Tunnelbroker.net), and it uses a hashed username and password.
My question is this. If I use echo mypassword | md5sum it gives me a different hash than a python script that I found (using hashlib and hashdigest to accomplish the task).
For example, if “mypass” is robots, echo robots | md5sum gives me 2cf61812c352ec4fd0dae8f52874701d but if I run it through the python script, I get 27f5e15b6af3223f1176293cd015771d
- the script that I’m using is found at http://wiki.python.org/moin/Md5Passwords
My question is simply this: Will the website be able to decrypt either of those and get “robots”? I ask this, because I want to include a variation of the python script for hashing the password (in case the end user is on Windows or another operating system that can’t generate a MD5 hash).
Thanks in advance, and have a great day:)
Patrick.
md5and passwords in the same sentence gives me chills..md5is a type of one-way hash function, which mean there should be no way to “decrypt” once hashed. It is not an encryption function. However, with rainbow table (and possibly other ways), you can recover some common strings from amd5hash, which makes the idea of usingmd5to encrypt password even worse.But anyway, here is the answer:
No, the Python script’s answer is the correct one. If you use
echo -n "robots" | md5sumyou will see they are the same:27f5e15b6af3223f1176293cd015771dThe reason is
echowill append a newline character at the end of the string it’s echoing (surprise!), adding-nwill not print the newline char and hence give you the right result.Alternatively, you can simply use
md5sum -s "robots"ormd5 -s "robots"to generate the hash without usingecho.Reference for
echo:What password hashing algorithm to use?