Disclosure and limits Disclosure and limits of this Proof-of-concept you'd better read it before using the Proof of concept Read secure mysql against password crack   crack a MySQL pass in 1 minute Proof-of-concept of the MySQL Password crack by Philippe Vigier / iAPX Available after the delay MySQL AB asked for.   John-the-ripper vs. MyHack Compare John-the-ripper versus my own hack strengths and weaknesses of each one, and cracking mysql password benchmark...       Cracking old MySQL Passwords MySQL have 2 differents password storage scheme, the old-password scheme, that I crack, and the MySQL 4.1+ new scheme (a double SHA-1 that seems really robut at first sight). Albeit it's 5 years since new scheme has been launched, almost each and every web installation of MySQL seems to use to old-scheme, at least for some passwords. My crack is based on Chess-game concepts, and especially chessmate-search algorithm. Seems weird, but it actually work well using a mix of brute-force, search-extension, position analysis, no-ply evaluation, ...read the details My goal was to obtain a 8 or 9 MySQL password from it's fingerprint (stored in the user table of mysql database) within a day. Actually, you need a quad-core for it. (such as an Apple MacPro) Please read the disclosure page before cracking any pass. Thanks.

CC page under Creative Common Licence