md5 dehash

@# Quotes DB useful, funny, interesting




	Page: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 Comments: <0> arpad-: i even md5'ed the salt :P <1> </sarcasm> <2> oh you're right Xyphoid... while($RS) { Stuff; $RS = mysql_fetch_object($result); if(!$RS) { last loop } } <- that's it right? <0> StaZ[home]: is $RS defined? <3> Fushuing: No, that's not paranoid. That's stupid. Just stupid. <4> arpad-: I do <2> Fushuing yeah i'll define it before <0> Stormchaser: what do you suggest? <3> sha1() <0> blowfish and then md5 hash it twice? <0> or just blowfish? <4> arpad-: I use md5 <5> why do that? <5> use a salt <3> do you want to have retrievable p*word? <0> uuuh...no <6> Tarantulafudge: ok, just didn't look like it from what you pasted <4> arpad-: well, I forgot the md5() section <0> lost pword, contact the admin <0> so i know who is secure and who isn't -_- <0> why would you de-recommend md5()->blowfish->md5() ? <0> they all three have salts btw :) <0> of 11 characters <6> combining functions like that is dangerous <0> and the blowfish key is 50 characters ^_^ <7> what's the difference between uploading the pear directory manually and installing it via the go-pear gui? <0> arpad-: works fine over here :S <6> i'd just use a stronger hash <0> they would helluva time to decrypt/dehash it <0> to retrieve the original p*word, which most users use on the most sites where they are a member of -_- <5> I dont think a hacker would try to dehash it Fushuing <5> there are more interesting things to do <0> collide then <3> coughcollisions <5> yeah, they are more probable <1> It doesn't matter what you do before the md5, it doesn't improve the security <0> it at least keeps the original p*word safe :) <1> Probability of collision is pretty much the same anyway <0> but the ORIGINAL pword is still safe :P <0> i've seen md5 hashes being cracked in 10 minutes :S <0> but that was just plain luck ^_^ <1> You can't "crack" md5 <0> someone actually used the LETTER Z as a PWORD <6> more likely a rainbow table <1> All you can do is find collisions <5> I really dont think so <6> which is useless against salts <0> it was saltless <3> Dragnslcr: Sure you can. Brute force. <7> what are salts? <0> oh god.. <3> in the stores. <6> NaCl :\| <0> they spice up your food so it's EATABLE <0> so you don't taste the food <3> lol <7> and now seriously <0> i am serious :S <5> $hash = md5($salt.md5($_POST['pword'].$salt)); <0> now, time to implement BBCODE :) <3> atwhever: Salt is food spice. I use it daily for cooking... <5> thats a salt <0> danf_1979: vBulletin? <5> uhm? <0> you got that from vBulltin sourcecode, right? <5> Nope, I dont know vBulletin code <0> hrmm... <0> wanna see my example? <5> if you want <0> $crypt = new pcrypt(MODE_ECB, "BLOWFISH", $blowfishkey); $pword = md5(md5($crypt->encrypt(md5(md5($pword) . $salt))) . $salt); <0> stare in awe :) <6> through the tears <0> :P <0> you're jealous <7> what makes you think that i dont know what salt is? i was asking for those specific salts you are connecting with that md5 thingy <0> ... <0> that IS the salt <7> ah ok <8> !+md5 <9> MD5 is a message digest (one-way hash), it is typically used to create digital signatures and for preventing pwords from being stored in plain text. IT IS NOT ENCRYPTION. http://www.faqs.org/rfcs/rfc1321.html See also SHA1 for a stronger hashing method as vulnerabilities in MD5 have been discovered. Hint: if(md5($User_entered_pword) == $stored_user_p*word){} <5> there is a sha256 out there <5> on devnetwork <0> md5() has vurnerabilities? <6> and a sha512, and so on <0> danf_1979: is it free? <5> Yep <5> GPL <6> it's in mhash iirc <0> where can i get sha4096? <0> comeon :/ <6> lol <3> I have absolutely NO idea, weither I should start laughing or crying... <0> don't fail me now! <0> </SARCASM> <0> sjees :D <0> calm down jymmm <1> The rest of us have been crying for 15 minutes or so <8> Fushuing Yeah, tell me what to do will ya. <5> I haven't seen any implementation of sha512 and above, but sha256 is on devnetworks forums <5> for php4/5 <0> why am i not honoured in the topic? -_- <0> mentioned <10> ahh im getting spammed by the op! <10> :P <0> anyhow, about sha512...is there a PHP Cl* out there i can use right away and implement into my project on top of my current scheme? :) <8> Fushuing go google <0> google is open at the moment <5> Fushuing, sha256 is strong enough <8> Fushuing not a time to be *ing around <0> :( <0> comeon, i need to hide my site from the F B I <3> Fushuing: Don't push it... Just... Don't... <0> fine fine, i already found it on php :S <11> what's sha512? <0> now if only the link worked slaps himself on the forehead* <8> Monkey_b google <11> sorry <3> I thought yesterdays was BAD here... Today is worse <2> hm... what's wrong in there : echo '\n\t' it's actually printing \n\t !? <8> Stormchaser heavy sigh <3> !tell StaZ[home] about quotes <8> StaZ[home] you need to RTFM... <0> oh man, if you only knew how many webservers of UNIVERSITIES have phpinfo.php open to the public... <8> StaZ[home] and what was just msg'ed to you <12> I need something to store pairs of data consisting of a string and a number, eg {"foo",1},{"bar",2} and then be able to sort based on the number. Is a 2d array the best way to do this, or does PHP4 have something better? <2> oh... sorry i thought it was only $var that wasn't parsed no need to be disrespectul... <8> Carbuncle theres strings and theres arrays, pick one <13> if i have an array of objects and i want to retrieve an object based on one of the properties is the easiest way to foreach through the array? or is there an function that does that sort of thing? <8> StaZ[home]: It's VERY disrespectful to come in here and ask somethign that could have easily been asnwered if you had read the manual like we did. <12> Jymmm, what do you mean? I need to have descriptive names ***ociated with each value so I can sort on them <8> Carbuncle yes, arrays is what you want. <8> NEXT! <0> wrrryyy... <0> unable to load dynamic library >.< <0> while it's right there! <3> no it isn't <0> let me guess, i need to compile it under windows because the pre-built installations don't have mhash support? <3> does your PATH know it's there? <0> i have mysql support, don't i? <8> Fushuing: You're using php, trying to come up with some super duper decoder ring is a waste of time. <3> :) <0> still, it's interesting to see how many hashing/encrypting things i can put in a single line :D <8> Fushuing In the time you are taking to do this you could have been more productive masterbating - not that we what your DNA replicating or anything, but still. <5> LOL <14> ouch <11> :x <0> :P <0> is it so bad to go and discover what PHP can do until you break it? Name: Comments: Please enter the result of the sum 63 + 46 (to avoid spam): Return to #php or Go to some related logs: php not using scientific notation LiveCD fuse-NTFS error processing totem-xine wondershaper yast mke2fs ubunti vga 0x344 stop firewall yast2-firewall php socket_create no error example of pear quickform class useage #perl

Home | disclaimer | contact | submit quotes