Follow us on Twitter!
Things are more like they are now than they have ever been before. - Dwight D. Eisenhower
Friday, April 18, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 27
Guests Online: 22
Members Online: 5

Registered Members: 82829
Newest Member: mmoclauq
Latest Articles
View Thread

HellBound Hackers | Computer General | Increasing Security

Author

Password


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-03-06 09:41
I made a personal website and i'm wondering what the best
password protection would be? it would be best if it was encrypted too.


thx alot.Grin
Author

RE: Password


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-03-06 10:19
You should tell us for what you need password (for some part of site, ligin sistem etc.)?
Author

RE: Password


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-03-06 14:15
i think he means for the database, just use this:

when u add them to database do it like this:

$username =$_POST['username'];
$password = md5($_POST['password'];

mysql_query("Insert into bla bla bla VALUES($username,$password)"Wink;

then when they log in...

$username =$_POST['username'];
$password = md5($_POST['password']);
$result = mysql_query("SELECT * FROM table where username=" . $username);
$dbpass = mysql_result($result,0,'field_name_for_pass'Wink;
if ( $dbpass == $password ) {
echo 'logged in';
} else {
echo 'denied';
}


That obviously wont work, just a basic structure to how most people do it.


Author

RE: Password


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-03-06 15:09
im not that good at writing php ... but i might suggest adding this to make sql injections harder..
Code

str_replace("'" , "\'" , $username );
str_replace("'" , "\'" , $password );








Edited by on 16-04-06 00:06
Author

RE: Password


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-03-06 15:28
Except srt_replace use mysql_real_escape_string, it is much more reliable.
Author

RE: Password


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-03-06 16:30
yeah what i meant was that as soon as you enter the main page a pop up would appear. and then a you would have too enter a password. but if you got it wrong the first time you would be redirected.
Author

RE: Password


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-03-06 17:43
like a .htpasswd ?


Author

RE: Password


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-03-06 18:29
yeah


that's exactly what i want

Edited by on 22-03-06 18:32
Author

RE: Password


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-03-06 18:40
http://www.flash.. . .-bin/pw.pl
check this out..


Author

RE: Password


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-03-06 18:51
i know about the encrypter but how do i actually use the .htaccess and .htpassword files in my website? and what do i put in the files.
im n00by at this so plaese help me.




EDIT: al i want is so that when i click on a link on my page that a prompt comes up and asks me for a password. i enter it, then i get in.
but i don't want anyone gettin in.

Edited by on 22-03-06 19:34
Author

RE: Password


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-03-06 21:36
Usually the most simple way to set password on directory is to secure this folder via cpanel. If your host doesn't have cpanel google for some htaccess tutorial.
Author

RE: Password


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 15-04-06 23:56
I reckon if you just leave a comment in the source giving a false password unencrypted. It will have 10000's of n00bs confused.

comment in source = <!--1337llama0wn5-->

noob1 - "why isn't this working"

noob2- "omg Its like a basic challenge or something"

noob1 - "I think its encrypted, what do you think"

noob2 - "Yeah it must be,try MD5"

heheWink


Author

RE: Password

SySTeM
Member

Your avatar

Posts: 1524
Location: England, UK
Joined: 27.07.05
Rank:
HBH Guru
Posted on 16-04-06 00:01
cubeman372 wrote:
I reckon if you just leave a comment in the source giving a false password unencrypted. It will have 10000's of n00bs confused.

comment in source = <!--1337llama0wn5-->

noob1 - "why isn't this working"

noob2- "omg Its like a basic challenge or something"

noob1 - "I think its encrypted, what do you think"

noob2 - "Yeah it must be,try MD5"

heheWink


HAHAHA THAT'S GREAT!

It's also very true!


img138.imageshack.us/img138/6527/sig2ak1.jpg
www.hellboundhackers.org/sig/r/2783.png

http://www.elites0ft.com/
Author

RE: Password


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 16-04-06 01:44
cubeman372 wrote:
I reckon if you just leave a comment in the source giving a false password unencrypted. It will have 10000's of n00bs confused.

comment in source = <!--1337llama0wn5-->

noob1 - "why isn't this working"

noob2- "omg Its like a basic challenge or something"

noob1 - "I think its encrypted, what do you think"

noob2 - "Yeah it must be,try MD5"

heheWink


LMAO that's great. I can see the fourm post now.
Author

RE: Password


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 16-04-06 01:45
cubeman372 wrote:
I reckon if you just leave a comment in the source giving a false password unencrypted. It will have 10000's of n00bs confused.

comment in source = <!--1337llama0wn5-->

noob1 - "why isn't this working"

noob2- "omg Its like a basic challenge or something"

noob1 - "I think its encrypted, what do you think"

noob2 - "Yeah it must be,try MD5"

heheWink


LMAO that's great. I can see the fourm post now.