Follow us on Twitter!
It is never to LATE to become what you never WERE.
Wednesday, April 23, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 31
Guests Online: 24
Members Online: 7

Registered Members: 82881
Newest Member: DARKLECTER
Latest Articles
View Thread

HellBound Hackers | Computer General | Web hacking

Page 2 of 2 < 1 2
Author

RE: Base64 in Database


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 04-06-09 17:05
AldarHawk wrote:
Why do you need to encrypt the username anyways?

Read thread from beginning, base 64 was his initial idea actually then people started talking about other things that he didn't yet know enough about and confused the hell outta him.
To MH-IA, thank you for proving my point.


Author

RE: Base64 in Database


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 04-06-09 18:20
I just rembered something: I had to make a program a couple of weeks ago (in C#). Had to make a login form and the password was encrypted stored and it was also decryptable. I used Rijndael for this. I've found this example, so I will try to do it this way.

[EDIT]
Got test.php:

Code
<?php
class RijndaelManager
{
    $mykey = "THISisMyKey";
   
   function linencrypt($pass)
   {
        $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
        $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
        $cryptedpass = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $this->$mykey, $pass, MCRYPT_MODE_ECB, $iv);
       return $cryptedpass;
    }

    function lindecrypt($enpass)
   {
        $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
        $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
        $decryptedpass = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $this->$mykey, $enpass, MCRYPT_MODE_ECB, $iv);
       return rtrim($decryptedpass);
    }
}
?>




and test2.php:

Code
<?php
require("test.php");
$r = new RijndaelManager();
$p = $r->linencrypt("test");
echo "Encrypted: " . $p . "<br>";
echo "Decrypted: " . $r->lindecrypt($p);
?>




but unfortunally, it's not working ... :S THink there is an error in test.php but I can't find it; everything seems OK?????
[/EDIT]




Edited by on 04-06-09 18:34
Author

RE: Base64 in Database

spyware
Member



Posts: 4192
Location: The Netherlands
Joined: 14.04.07
Rank:
God
Warn Level: 90
Posted on 04-06-09 21:17
Don't you need to reuse MCRYPT_RAND when decrypting instead of creating new random data :+

Edit: Apparently, MCRYPT_RAND is a built-in linear congruential generator, which sucks. Get your random from some other place is my advice.



img507.imageshack.us/img507/3580/spynewsig3il1.png
"The chowner of property." - Zeph
[small]
Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.
- Carl Sagan
“Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?” - Ebert
[/s

Edited by spyware on 04-06-09 21:19
http://bitsofspy.net
Author

RE: Base64 in Database


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 04-06-09 21:32
mcrypt doesn't (yet) work on my website, so I have to install it first. I have to get libmcrypt.so or phpmcrypt.so somewhere,,,


Page 2 of 2 < 1 2