vb.org Archive
Page 2 of 4 1 2 34
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 3.0 Full Releases (https://vborg.vbsupport.ru/forumdisplay.php?f=33)
-   -   PM Encryption - Encrypt all your PMS! (https://vborg.vbsupport.ru/showthread.php?t=79484)

Trigunflame 04-06-2005 06:36 PM
Zach, it does not matter which type you use. Whatever is used to has to translate the message back into plaintext, thus there is no point to this hack whatsoever.

Zachery 04-06-2005 06:41 PM
Quote:
Originally Posted by Trigunflame
Zach, it does not matter which type you use. Whatever is used to has to translate the message back into plaintext, thus there is no point to this hack whatsoever.
You could store the key and the encryption type in the database or in a file somewhere. Or even make it an extra option for two users to create their own keys to be shared with eachother.

Its more than possible to encrypt them so an external source who may gain access to your database will not be able to read their contents.

Deaths 04-06-2005 06:43 PM
How is a user going to tell which encryption (or whatever you want to call it) you're using?

Ofcourse, anyone can translate it back, else this hack wouldn't even be possible.

Zachery 04-06-2005 06:44 PM
Quote:
Originally Posted by Deaths
How is a user going to tell which encryption (or whatever you want to call it) you're using?

Ofcourse, anyone can translate it back, else this hack wouldn't even be possible.
I didn't say it was easy, just possible.

Deaths 04-06-2005 06:45 PM
@Zach thats a very nice guide, but users would need to install it first, wouldn't they?

EDIT I'm too slow today :/

Deaths 04-06-2005 06:47 PM
I was replying to Trigunflame's post, but you just reply too fast :)

Trigunflame 04-06-2005 06:47 PM
Quote:
Originally Posted by Zachery
You could store the key and the encryption type in the database or in a file somewhere. Or even make it an extra option for two users to create their own keys to be shared with eachother.

Its more than possible to encrypt them so an external source who may gain access to your database will not be able to read their contents.
That's my point. If a person got access to the db, what is to prevent them from using the key itself.

All they would have to do is try different variations of encryptions, and arragements of the keys in relation to the data encrypted.

Whats worse, if they were a member at vbulletin.org, they will Know the arrangement of the keys, just by viewing this hack.

Zachery 04-06-2005 06:48 PM
Quote:
Originally Posted by Trigunflame
That's my point. If a person got access to the db, what is to prevent them from using the key itself.
Like I said, It does not need to be stored in the database. I would assume if someone needs something like that encrypted they will give the second user the key so they can decrypt it.

Deaths 04-06-2005 06:49 PM
But would the user installing this hack also need to install Mcrypt, or did I just read that wrong?

Trigunflame 04-06-2005 06:51 PM
Quote:
Originally Posted by Deaths
But would the user installing this hack also need to install Mcrypt, or did I just read that wrong?
Mcrypt is compiled in most installations on *Nix.

And yes they would need it... however, there is no point to it. If you did use a key encryption, I would do it somewhat like;

encryption(plaintext password . PMData . passwordHashinVbulletin)

there has to be some form of user input, or they would be no point; as zach mentioned.


All times are GMT. The time now is 01:47 PM.
Page 2 of 4 1 2 34
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01207 seconds
  • Memory Usage 1,737KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (5)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (3)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete