Hacking like this is fascinating to me. If you work at all on the server side, it’s your responsibility to be up-to-date with exploits in the code you write.
Over the years, it’s become obvious that many programmers rely on md5 in PHP for a number of reasons, the most common of which can be considered the ‘safe’ generation of a string hash for use either in database queries or command line executions. Turns out it’s not as safe as we may have thought. Taking a look at the exploit explanation reveals an extremely clever way of exploiting a password entry field using a brute force md5 algorithm. Neat stuff!