View Full Version : Text to MD5


sjsteve33171
06-04-2008, 04:20 PM
Hi guys,

What I need is for people to be able to convert text to an MD5 hash.

The aim is that I'm using an auth system based off website registration and certain member IDs and group IDs. Now I'd like them to be able to authenticate via website name and password typed in the notepad.

So the program inputs their text entries into a hardcoded SQL statement and sends it off for results. One of the things required would be their password, but in MD5 hash form.

Is this possible?

MoT3rror
06-04-2008, 08:36 PM
md5($text);

http://www.php.net/md5

Dismounted
06-05-2008, 07:23 AM
Note that vBulletin uses more than a straight MD5 hash.

sjsteve33171
06-05-2008, 12:26 PM
This is my problem, as it's not a simple


md5( $var)


I need a method... Any ideas?

Opserty
06-05-2008, 01:18 PM
md5( md5($password) . $salt)

sjsteve33171
06-06-2008, 02:12 PM
md5( md5($password) . $salt)


Perfect sense, but salt is

$salt = "SOME_RANDOM_NUMBERS_HERE";

So I need to know how you generate your salt code so I can match it up.

Dismounted
06-07-2008, 06:40 AM
The salt field is contained within the user table. It is three random characters generated at registration. You will need to use the salt from the user table to verify users.

sjsteve33171
06-09-2008, 06:36 AM
Thanks all for your input. I got this working, so I thought I would post this PHP script in case anyone else wanted to use it. It basically asks for the user's name, fetches all required info from the DB, then asks for their password in text and prints the password in vBulletin MD5 format.

Fill in your host + DB info and the rest should be fine as long as you're on vBulletin!

<?php
// Bail out with a redirect if this file is requested directly as md5.php.
if( eregi( "md5.php",$PHP_SELF ) )
{
    Header("Location: http://www.some_website_here.co.uk");
    die( );
}

// Form fields (NULL when the field was not posted).
$WebsiteUsername = isset($_POST['Website_Username']) ? $_POST['Website_Username'] : NULL;
$WebsitePassword = isset($_POST['Website_Password']) ? $_POST['Website_Password'] : NULL;
$UserVerify = isset($_POST['User_Verify']) ? $_POST['User_Verify'] : NULL;
$Website_Uauth = "Unauthenicated";
$ReadyForPass = false;
$SaltFound = false;
$UsersSalt = NULL;

$DB_Host = "";
$DB_Name = "";
$DB_Username = "";
$DB_Password = "";
$ConnectWebsite = mysql_pconnect($DB_Host, $DB_Username, $DB_Password) or trigger_error(mysql_error(),E_USER_ERROR);

if ($ConnectWebsite)
{
    mysql_select_db($DB_Name) or die("[ERROR]Could Not Select The Database ($DB_Name)");
}

// Step 1: check that the user exists.
// $WebsiteUsername goes into this query unescaped.
if (isset($WebsiteUsername) && $WebsiteUsername != NULL && $UserVerify == "Verify_That")
{
    $CustomerInfoSQL = "SELECT username FROM user WHERE username='$WebsiteUsername'";
    $CustomerInfoQuery = mysql_query($CustomerInfoSQL, $ConnectWebsite) or die(mysql_error());
    $CustomerInfoFetch = mysql_fetch_assoc($CustomerInfoQuery);
    $CustomerVerifyRowCount = mysql_num_rows($CustomerInfoQuery);

    if ($CustomerVerifyRowCount == 1)
    {
        $Website_Uauth = "Authenicated";
        $ReadyForPass = true;
    }
    else
    {
        echo "<div align=\"center\"><b>UNKNOWN USER DETECTED</b></div>";
        die();
    }
}
// Step 2: re-check the user (escaped this time), then fetch the salt.
elseif (isset($WebsiteUsername) && $WebsiteUsername != NULL && isset($WebsitePassword) && $WebsitePassword != NULL && $UserVerify == "Verify_Pass")
{
    $CustomerInfoSQL = sprintf("SELECT username FROM user WHERE username='%s'",
        get_magic_quotes_gpc() ? $WebsiteUsername : addslashes($WebsiteUsername));
    $CustomerInfoQuery = mysql_query($CustomerInfoSQL, $ConnectWebsite) or die(mysql_error());
    $CustomerInfoFetch = mysql_fetch_assoc($CustomerInfoQuery);
    $CustomerVerifyRowCount = mysql_num_rows($CustomerInfoQuery);

    if ($CustomerVerifyRowCount == 1)
    {
        // $WebsiteUsername is unescaped again in this query.
        $SaltInfoSQL = "SELECT salt FROM user WHERE username='$WebsiteUsername'";
        $SaltInfoQuery = mysql_query($SaltInfoSQL, $ConnectWebsite) or die(mysql_error());
        $SaltInfoFetch = mysql_fetch_assoc($SaltInfoQuery);
        $SaltVerifyRowCount = mysql_num_rows($SaltInfoQuery);

        if ($SaltVerifyRowCount >= 1)
        {
            $SaltFound = true;
            $UsersSalt = $SaltInfoFetch['salt'];
        }
    }
    else
    {
        echo "<div align=\"center\"><b>UNKNOWN USER DETECTED</b></div>";
        die();
    }
}

?>
<html>
<head>
<title>Text To vBulletin Password Converter</title>
</head>
<body>
<?php
// First visit: ask for the username.
if (!isset($WebsiteUsername) && $Website_Uauth == "Unauthenicated" && $ReadyForPass == false)
{
?>
<form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'])?>">
<table border="1">
    <tr>
        <td>Enter your User:</td>
        <td><input type="text" name="Website_Username" value="" maxlength="25"></td>
    </tr>
    <input type="hidden" name="User_Verify" value="Verify_That">
    <tr>
        <td align="center" colspan="2"><input type="submit" value="Verify User"></td>
    </tr>
</table>
</form>

<?php
}
// User found: ask for the password.
elseif (isset($WebsiteUsername) && $Website_Uauth == "Authenicated" && $ReadyForPass == true)
{?>
<form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'])?>">
<table border="1">
    <tr>
        <td colspan="2">Valid User: <font color="#009900"><?php echo htmlspecialchars($WebsiteUsername)?></font></td>
        <input type="hidden" name="Website_Username" value="<?php echo htmlspecialchars($WebsiteUsername)?>">
    </tr>
    <tr>
        <td>Password:</td>
        <td><input type="text" name="Website_Password" value=""></td>
    </tr>
    <input type="hidden" name="User_Verify" value="Verify_Pass">
    <tr>
        <td align="center" colspan="2"><input type="submit" value="Click To Create MD5 Value"></td>
    </tr>
</table>
</form>
<?php
}
// Salt fetched: print the password in vBulletin's md5(md5(password) . salt) format.
elseif($SaltFound == true && $UsersSalt != NULL)
{
    $code = md5( md5( $WebsitePassword ) . $UsersSalt );
    echo "The password you have entered is: ".htmlspecialchars($WebsitePassword)."<br>";
    echo "The md5 password is: ".$code."";
}
?>
</body>
</html>

Marco van Herwaarden
06-09-2008, 06:58 AM
I would not suggest that anyone use this script, as it is vulnerable to SQL injections.

sjsteve33171
06-09-2008, 09:58 AM
Any suggestions then to make it secure?

It was more of a 'This is how I got it working' than a 'Here's how to'. I'm not up to date on high security as I'm still learning. Was hoping it may help some.

Marco van Herwaarden
06-10-2008, 10:32 AM
The first thing I would suggest is to read up on the articles about creating secure scripts (see the articles section).

One example of vulnerable code:

$WebsiteUsername = $_POST['Website_Username'];
.......
if (isset($WebsiteUsername) && $WebsiteUsername != NULL && $UserVerify == "Verify_That")
{
$CustomerInfoSQL = "SELECT username FROM user WHERE username='$WebsiteUsername'";

$WebsiteUsername is uncleaned user input. It should at least be escaped before being used in a query.

Opserty
06-10-2008, 12:33 PM
Googling "SQL Injections PHP Prevent" will probably yield some tutorials on how to secure the script.
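
One way to do the salt lookup and hash comparison from this thread without building SQL out of user input, as an added example that is not part of any post. It swaps the escaping suggested above for a PDO prepared statement and runs against a constructed in-memory SQLite table; the `password` column name, the helper names and the sample account are assumptions.

```php
<?php
// Added example, not from the thread. The in-memory table stands in for
// vBulletin's `user` table; the `password` column name is an assumption.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE user (username TEXT PRIMARY KEY, password TEXT, salt TEXT)');

/** Hash format given in the thread: md5(md5(password) . salt). */
function vb_hash(string $password, string $salt): string
{
    return md5(md5($password) . $salt);
}

// Constructed sample accounts, each with a three-character salt.
$seed = $db->prepare('INSERT INTO user (username, password, salt) VALUES (?, ?, ?)');
$seed->execute(['alice', vb_hash('hunter2', 'aB3'), 'aB3']);
$seed->execute(["o'brien", vb_hash('s3cret', 'x9Q'), 'x9Q']);

/**
 * Fetch the stored hash and salt with a bound parameter, so the username is
 * sent as data and never becomes part of the SQL text, then compare the
 * recomputed hash with the stored one in constant time.
 */
function verify_user(PDO $db, string $username, string $password): bool
{
    $stmt = $db->prepare('SELECT password, salt FROM user WHERE username = ?');
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return false; // unknown user
    }
    return hash_equals($row['password'], vb_hash($password, $row['salt']));
}

// Constructed inputs: a correct password, a wrong password, a username that
// contains a quote character, and a username that is not in the table.
$cases = [
    ['alice', 'hunter2'],
    ['alice', 'wrong'],
    ["o'brien", 's3cret'],
    ['nobody', 'hunter2'],
];
foreach ($cases as [$user, $pass]) {
    printf("%-8s %-8s %s\n", $user, $pass, verify_user($db, $user, $pass) ? 'match' : 'no match');
}
```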