Is there a way to convert sha256 to md5 hashing

Question

I'm trying to import users credentials from one database schema to another one without users needing to create a new password, So first user table (the one I need to import to the new site) uses sha256+salt(I think) and my new site is using md5+salt (I think) I have access to all files and stuff so I could locate the salt that's being used if I can somehow reverse engineer the sha256 to make it md5?

Is there a way to do this? if so how would I approach it? an example of the password would be:

old site: e3e922af8a36de975983b075b3bf5336bbb26c8008aa5d9b39aef8d85cb7eb32

new site: $S$Dbj.yBTjHV97QNLHwuoykWxzpNL9bxxFl4b8uoP1u1rJzCyDZb.e

I'll appreciate any input, Thank you!

Update: new site uses base64encode + salt which I know what is, just to be clear I'm not trying to actually be able to see their password in plain text, Can I convert sha256 -> base64encode with some mysql commands or something if I know the salt?

Answer 1

Simple answer: no.

Long answer: you could try cracking the hashed passwords, but this takes a lot of time and will only recover easily guessed passwords. However, you may be able to use the old hashed passwords in the new site.

First, let's talk about hash algorithms, encodings, and how passwords are stored.

Is there a way to convert sha256 to md5 hashing?

No, sha256 and md5 are hash algorithms which take any amount of data and produce a number. Change one bit of the data and you get a completely different number. Hashing algorithms are lossy, the number is much smaller than the data, there is no way to get the original data back. This is by design, you never store the actual password so if someone steals your hashed passwords they still don't have your passwords, but they can make very educated guesses.

Can I convert sha256 -> base64encode?

No, because they're two completely different things.

"base64encode" is not a hashing algorithm. Base 64 is a way to efficiently encode a number as text using 64 characters (A-Z, a-z, 0-9, +, /). "Hex" is another way to encode numbers as text, it uses 0-9 and a-f or base 16. It's very good at storing powers of 2 that computers like to work in. 11256099 (decimal) = abc123 (hex) = q8Ej (base64).

This is important, because as we'll see, your old site uses hex and your new site uses base64.

old site: e3e922af8a36de975983b075b3bf5336bbb26c8008aa5d9b39aef8d85cb7eb32

new site: $S$Dbj.yBTjHV97QNLHwuoykWxzpNL9bxxFl4b8uoP1u1rJzCyDZb.e

The old site encoded their hashed passwords in hex. 64 hex characters is exactly enough to store a 256 bit number (16^64 == 2^256) so it's likely hashed using sha256. There is no room for a salt.

The new site appears to be using some flavor of the passwd format. They generally follow a format like $id$salt$hashed. $1$aa$blahblahblah means the hashing algorithm was MD5, the salt was aa, and the base64 encoded hashed password is blahblahblah. I don't recognize what hash algorithm $S$ is, but that's not important to your question. The hashed password is base64 encoded as Dbj.yBTjHV97QNLHwuoykWxzpNL9bxxFl4b8uoP1u1rJzCyDZb.e... except for those dots. There is no salt.

This is good news! The passwd format on the new site is forward-compatible with new hash algorithms their passwords are stored in. You can convert your hex-encoded sha256 hashes to base64-encoded and then store them with the $5$ id for sha256.

For example, hex e3e922af8a36de975983b075b3bf5336bbb26c8008aa5d9b39aef8d85cb7eb32 is 4+kir4o23pdZg7B1s79TNruybIAIql2bOa742Fy36zI= in base64. The ID for sha256 is $5$ and there is no salt. Your new entry would be $5$4+kir4o23pdZg7B1s79TNruybIAIql2bOa742Fy36zI=.

You should ask your new site host exactly what format they're storing passwords in, because it's not quite standard passwd format.

Moving forward, new passwords should include a salt for better security. You should also use a more appropriate hashing algorithm such as bcrypt. There's nothing to be done about the old passwords except to ask your users to refresh their passwords and re-hash and salt them.

Answer 2

Unless you're prepared to crack their password, no, you can't convert as SHA2-256 hash to an MD5 one. You need to know the content that generated the hash in the first place.

When migrating from one hashing type to another the best plan is to normalize all your password hashes into a consistent form first and the Modular Crypt Format is the most widely supported.

If you can wrangle your old hashes into that form then you should be able to use them with password_verify. You can also update user passwords as they log-in by re-writing them with password_hash which uses Bcrypt by default.

Over time you can stomp out old SHA2-256 and MD5 passwords and limit your exposure.