1

I have hashed email Ids and I want to implement some process so that I can reverse hash string.
I just tried this approach using python hashlib and pycrypto modules, but unfortunately I failed , and also I read many posts on the same topic but none worked for me and fortunately I found something on google which says it do decrypt and encrypt which isn't true in case of HASHING, but it does the job. URL is https://md5decrypt.net/en/Sha256.
I was wondering how this website manage to do that.

Using hashlib I get

import hashlib
hashlib.sha256("[email protected]".encode())
<sha256 HASH object @ 0x7f55e30c3b20>
_.hexdigest()
'3ad0c9ce5b036587d08b4a13e7478ea4472ec32de04854bc37dcfed1baf760cc'

and from that website when i opted out for Encrypt I got 

Sha256([email protected]) = 3ad0c9ce5b036587d08b4a13e7478ea4472ec32de04854bc37dcfed1baf760cc

similarly when I used Decrypt option i got 

3ad0c9ce5b036587d08b4a13e7478ea4472ec32de04854bc37dcfed1baf760cc : [email protected]

so its a kind request from one who is willing to down vote. please analyse it before going ahead with down vote button.

I know hashing isn't reversible process, and I am curious about that website, if its not then how they are doing it?

Thank You.

Improve this question
6
  • Encryption is reversible. Hashing is not. Commented Nov 1, 2019 at 11:21
  • 1
    If hashes were reversible, they would not be useful. According to the information on the website you linked, it has a big database of computed hashes that it can look them up in. But given a hash it hasn't previously found, it cannot reverse it. Commented Nov 1, 2019 at 11:22
  • 1
    Input for md5 has arbitrary length, output is fixed length. Ergo, multiple inputs WILL hash to the same output. Therefore, inverse operations are not possible. Commented Nov 1, 2019 at 11:23
  • Guyzz please visit the website i have mentioned above and do compare with haslib results and lastly if not possible then how that website does it? Commented Nov 1, 2019 at 11:25
  • 2
    Did you read the page? It clearly says how it does it: by precalculating hashes of billions of strings and storing them in a database, then comparing input. Make an unlikely string that it probably hasn't ever seen before (e.g. "last Wednesday's schnitzel"), make a SHA2 hash somewhere other than that database (e.g. "dbef13ba1bdc76bd006f4dc7bec86c7968470ef8e7519033964132e56eb4efd8"), and see how well the "decryption" works. Commented Nov 1, 2019 at 11:30

3 Answers 3

Reset to default
2

So what you want is to get the original string from a hash? The main reason we use hashes is that they are non-reversible, so I don't think that's possible. You may got confused with encryption, which can decrypted using a key.

Sorry I can't be more helpful!

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

2

Cryptographic hash functions like SHA2, SHA3, Shake, Blake2, etc. are all one-way functions. They can hash arbitrary length inputs to a fixed size like 256 in SHA-256. Due to the pigeon principle, there are collisions and they are inevitable. But we expect to find if hard. We expect them to have;

  • preimage-resistance — for essentially all pre-specified outputs, it is computationally infeasible to find any input which hashes to that output, i.e., to find any preimage x' such that h(x') = y when given any y for which a corresponding input is not known.
  • 2nd-preimage resistance, weak-collision — it is computationally infeasible to find any second input which has the same output as any specified input, i.e., given x, to find a 2nd-preimage x' != x such that h(x) = h(x').
  • collision resistance, strong-collision — it is computationally infeasible to find any two distinct inputs x, x' which hash to the same output, i.e., such that h(x) = h(x').

In your case, it is the pre-image attack. Generic pre-image attacks on cryptographic hash functions have O(2^x)-time complexity where x is the output length of the hash function. In SHA-256 O(2^256)

The web site you have mentioned has a trick, then you want to SHA256 hash some text, they immediately store it on their database. When you asked about the hash value that you got from their site, they search for it on their database. It exists since they store it when you asked the hash value. So, you helped them to increase the hashes of their DB. They only have 6,128,202,407 sha256 hash database which is a tiny amount compared to possible outputs od SHA-256 that is 2^256

Side note: hashing is not encryption.

Improve this answer

Comments

1

Although you cannot find a unique mapping from a hashing and the data it was generated to, you can still maintain a database describing mappings between certain data and their hash. By doing a reverse research on the hash, you can find instances of data that would produce the particular hash you are looking for (if you get a match in your database).

Of course the database could have no match or contain multiple matches of the hash, because of the mathematical definition of a hash as being unilateral.

That is exactly how sites such as the one you provided work.

It is also the same mechanism used in hash tables.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.