Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
How the passwords can be decrypted?
They can’t. They are being coded using a one way hash and you cannot get the passwords from those hashes (see one way part).
Since there’s never a real reason to get those passwords. What are you trying to accomplish as an end point?
Hey Rajesh,
The idea of encryption on the passwords is that it’s generally one directional..
you may be interested in this post from 2 years ago that the lovely esmi helped with http://ww.wp.xz.cn/support/topic/encryption-algorithm-used-for-passwords-in-wp_users-db-table?replies=4
in it she links to this article http://www.cedricve.me/2011/07/18/how-to-make-use-of-wordpress-passwords/
I have also found this particularly useful for understanding the basics of password encryption, hashing and salting http://thomashunter.name/blog/password-encryption-hashing-salting-explained/
with regards to decryption though.. that would be an answer for someone else.. i would imagine even with the salt from the wp_config file, you’d still need to run the encrypted password through some kind of dictionary cracker.. ive not had much experience with that side of the password stuff
