vb.org Archive
Page 2 of 3 1 2 3
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   Password encryption method (https://vborg.vbsupport.ru/showthread.php?t=71482)

Marco van Herwaarden 11-08-2004 10:56 AM
Quote:
Originally Posted by Nakor
and yep $row['password'] is the password field from the database.
The password stored in teh database already is a md5 hash. You can not calculate back teh password from it if this is what you're trying.

Like Kirby said, you can with that formula calculate the hash of a userinputed password to compaire to the (hashed) password stored in the database, to see if it matches.

Link14716 11-08-2004 12:14 PM
Quote:
Originally Posted by MarcoH64
The password stored in teh database already is a md5 hash. You can not calculate back teh password from it if this is what you're trying.

Like Kirby said, you can with that formula calculate the hash of a userinputed password to compaire to the (hashed) password stored in the database, to see if it matches.
He's trying to match to cookie value, with is hashed again with the license number.

Marco van Herwaarden 11-08-2004 12:20 PM
Quote:
Originally Posted by Link14716
He's trying to match to cookie value, with is hashed again with the license number.
Yes that's what he try to do, but if i read back his last 2 posts:
Quote:
ok I tried it like this:
echo md5($row['password'] . 'LicenseID');
Yet it still doesnt match =(
Also I confirmed that this is definately my license ID and not my customer ID.
And
Quote:
and yep $row['password'] is the password field from the database.
It looks like he is trying the md5 on the pass stored in the database.

Oops re-read the whole thing again, and i think i made a mistake here. You're probably right that he already understood it correct.

Nakor 11-08-2004 07:31 PM
Nah I can't get it heh, I'm full on trying all combinations of the password and my license ID but I doesn't salt go in there somewhere? And yeah I'm trying to compare the set cookie with the persons password to see if they REALLY are logged in.

Link14716 11-08-2004 08:26 PM
As said, the password stored in the database is md5(md5(password) . salt).
The password stored in cookies is md5(md5(md5(password) . salt) . licensenumber).

Paul M 11-08-2004 09:21 PM
Sorry to go slightly off topic, but what is the "salt" bit ?

Zachery 11-08-2004 09:35 PM
Quote:
Originally Posted by Paul M
Sorry to go slightly off topic, but what is the "salt" bit ?
Its a random blurb of 3-4 characters generated when someone registereds to further remove the ability of bruteforcing passwords :)

Nakor 11-08-2004 10:08 PM
Ok got it working, thanks heaps for the help =)

the drifter 12-03-2004 07:15 AM
Quote:
Originally Posted by Nakor
Ok got it working, thanks heaps for the help =)
how did you get it working i am trying to do the same

GreeceMonkey 12-06-2004 10:33 AM
Hello people,
can somebody help me with my SQL. I have the same problems as above, and still cant get it working.

Here is mySQL syntax

SELECT MD5(CONCAT(MD5("6536e4053b7eb3375d3ef92acceab8e2") , "Lxxxxxxx"));
the hash above is the one found in my password column in the user table

I took the licence number out of the post, but it is the L number at the top of all my PHP pages, however I cant get this to match the cookie value for the userpassword.

Can any body help ?

Graham


All times are GMT. The time now is 04:02 PM.
Page 2 of 3 1 2 3
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01111 seconds
  • Memory Usage 1,738KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (7)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete