🔥 FiveM - MD5 Hashing in pure lua [FOR DEVELOPERS]

Import it as a dependency; this is a release for developers.
Should be self-explanatory on how to use.
FiveM-MD5.zip (4.0 KB)

Enjoy.

2 Likes

Great Release. I’ll mess around with this a bit later.

1 Like

What would be a use for MD5 hashing in GTA V?

If someone has made a UCP panel within the game with the option to type password and username when entering, that’d be good. Until then, it will be useless for others because you have auto-log through the license key.

While just tossing a ZIP is nice, what is MUCH better is to grab a GitHub account (if you don’t have one) and link it instead. Then people can see your code before blindly downloading a ZIP.

Not to mention, if you used the Lua-implementation of MD5 that I had linked to you in Discord when you were asking about this, you need to properly credit it according to the license issued for that code.

“Do it nice or do it twice.”

1 Like

It is literally an exact replica of that, the license is in there. The only change made is that he removed the functions from the table… not completely sure why.

To add to this resource: don’t use it to hash sensitive data, big chance that people can decrypt the md5 hash using an online decrypter tool, not good.

From a publicly available website:

We have a total of just over 829.726 billion unique decrypted MD5 hashes since August 2007.

Using some hashing algorithm from the SHA (preferring Keccak) family would be way more secure, but the tradeoff is that it’s more difficult to implement.

1 Like

Perhaps actually looking at the file, you would see that the MIT license accreditation is already there.

Why would you want to use MD5? I don’t think there is really a use for it.

A checksum to validate submitted data with a server event?? Only use case I can think of for md5. But anyone that halfway knows what they’re doing when cheating/hax0ring could just md5 it themselves.

1 Like

I wouldn’t use MD5 regardless of what you would be using it for; it’s just too old/weak for any modern day use. If anything use something like bcrypt, scrypt, or argon2.

So the MD5 Hash is rerouting in the majoogily?

https://www.youtube.com/watch?v=c4HKOWG2oEA 3:08

Generate a seed, hash it, hash the password, then save the seed alone, and then add the seed to the password and hash that. That way you can save the password securely.

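to save:

-- generate a random seed (salt) and hash it
local seed = md5(generateseed())
local password = userpassword

-- store the seed and the hash of seed + password
mysql.save(seed)
mysql.save(md5(seed .. password))

to retrieve:

local seed = mysql.fetch(md5savedseed)
local seededpass = mysql.fetch(md5seedpassword)
local password = getwhatuserenteredtopassword

-- recompute the hash from the stored seed and the entered password
if md5(seed .. password) == seededpass then loginsuccess() end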

I am on mobile so this is the best I can do to explain how you can make md5 secure.

Yes that helps, but let’s face facts: md5 isn’t secure. You can salt it all you want. It’s still a defunct hash. I’m not saying there’s not a use case for md5, but I’d certainly not consider password storage one of them.

Well, if you salt it enough, unless the guy who gets hold of your data has a supercomputer with tons of raw processing power, it should be secure enough. In the end no system is secure, at least that’s our motto right?.. As pen-testers?

You are correct. If it’s an acceptable risk for you, that’s all that matters. 👍 Certainly better than some of the plain text solutions that are on this forum.

2 Likes
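The salted scheme sketched above, reworked as an added example (not code from any poster or from the released resource) with scrypt, one of the functions suggested earlier in the thread. It is written in Python because its standard library ships scrypt; the function names, cost parameters and sample password are assumptions made for the illustration.

```python
import hashlib
import hmac
import os
import time

# scrypt cost parameters: assumed values for this example, tune per server.
N, R, P, DKLEN = 2**14, 8, 1, 32


def md5_salted(salt: bytes, password: str) -> bytes:
    """The scheme from the thread: one fast MD5 pass over salt + password."""
    return hashlib.md5(salt + password.encode()).digest()


def scrypt_salted(salt: bytes, password: str) -> bytes:
    """Same inputs, but through a deliberately slow, memory-hard function."""
    return hashlib.scrypt(password.encode(), salt=salt, n=N, r=R, p=P, dklen=DKLEN)


def make_record(password: str) -> dict:
    """Row to store: a fresh random per-user salt next to the scrypt output."""
    salt = os.urandom(16)
    return {"salt": salt.hex(), "hash": scrypt_salted(salt, password).hex()}


def verify(password: str, record: dict) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    candidate = scrypt_salted(bytes.fromhex(record["salt"]), password)
    return hmac.compare_digest(candidate, bytes.fromhex(record["hash"]))


def seconds_per_guess(fn, rounds: int) -> float:
    """Average cost of testing one candidate password against one salt."""
    salt = os.urandom(16)
    start = time.perf_counter()
    for i in range(rounds):
        fn(salt, f"guess{i}")
    return (time.perf_counter() - start) / rounds


if __name__ == "__main__":
    a, b = make_record("hunter2"), make_record("hunter2")  # constructed sample input
    print("same password, different rows:", a["hash"] != b["hash"])
    print("verify ok / wrong:", verify("hunter2", a), verify("hunter3", a))
    fast = seconds_per_guess(md5_salted, 20000)
    slow = seconds_per_guess(scrypt_salted, 5)
    print(f"md5 {fast:.2e} s/guess, scrypt {slow:.2e} s/guess, x{slow / fast:.0f}")
```

The per-guess timing is the point of the comparison: the salt makes every stored row different, while the cost of checking each candidate password comes from the hash function itself.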

I have used this, for example, to create a one-time “code” that users can use to link their ingame account to my own website’s panel, to use as a one-time identification code that links up with the generated code on the website to make sure that the ingame account is linked to the website account. For example, SteamID(MD5+salted) is displayed to the user ingame as an “auth code” that the user can go onto the website and sign into Steam/manually enter his SteamID along with the authentication code. Once this code has been used, the code is placed into a blacklist and the website account is linked to the ingame player’s account.

Saving the password seed in the database doesn’t make sense. Instead, calculate the seed based on the given password.