Kirjautuminen

Haku

Tehtävät

Keskustelu: Koodit: PHP: super_hash(); 1024bit decrypt

Sivun loppuun

Juhis [06.02.2004 19:35:01]

#

super_hash( string var [, string mode] )


var = stringi joka halutaan kryptata.
mode, text tai file.

jos file niin var pitää olla tiedoston nimi/sijainti serverillä

<?php
/*

 super hash function by juha tauriainen 6.2.2004
 0.02b ;-)

 made with simple php functions:
 https://www.php.net/manual/en/function.md5.php  ( this is the most important )
 https://www.php.net/manual/en/function.md5-file.php  ( if hashing a file, we need this )
 https://www.php.net/manual/en/function.sha1.php  ( if PHP version is 4.3.0 or higher, sha1 will be used also )
 https://www.php.net/manual/en/function.sha1-file.php  ( if hashing file and PHP version is 4.3.0 or higher, sha1_file will be used also )
 https://www.php.net/manual/en/function.substr.php ( lets get the length of the string that we want to hash )
 https://www.php.net/manual/en/function.empty.php ( only a check, not so important )
 https://www.php.net/manual/en/function.phpversion.php ( print the php version )
 https://www.php.net/manual/en/function.list.php ( just to make a list out of php version )
 https://www.php.net/manual/en/function.file-exists.php ( checking if file exists, if $mode == file )
 https://www.php.net/manual/en/function.exit.php ( if any errors accures, exit and echo error )
 https://www.php.net/manual/en/function.unset.php ( deleting the variables, freeing memory )

 and lets not forget for loops ;-)
 https://www.php.net/manual/en/control-structures.for.php



 usage $pass = super_hash("salakala", "text");
 results 1024 bit string made with md5
 so salakala becomes the string below

011ecee7d295c066ae68d4396215c3d01c7be95b83f1702fbd8486c88df333a6263f16504c2ff916abe37ae2567571613fcc907615ea0bf3e0120f5a7998a93937e06e7fee60e66ff1e862e1c48e825649225a4a22c00c4ed45291658db9159961adc8ffcae5f69d65749c5d597c345af584360daf124ceea6219de17133d9e07500b4178f8b0436af384b9c107dee0e913d2a2e7c4ece116bd5cae0b830928017fe96ede6f288e55ba53a50df3588d3b2796ae06e587a84b6fec5e3818104c27930779c35f273aa8a76cabfec4439d7053e1129011a02627fcad2d30dcd1f398ae575ca98d9fa3638909496f05c15a22d754b92d3bece8e327a9c6840527267df5ff491a2b0b02e1b50e5629952737c317c0af3de34df66946b9a8fce08a55b3e6692a04935e943c9e909ff8da10e4aef749c9711f5cd982866f1a737b663b978512a720097f5d4dfc84f63f6d4030a68b26b5bdc2e8849f636b7ed5b0b99eaeedf6d2205e56dd020b0c310029e6a836c2642e281a0524a3709164ab75ca8c62bccf77718605d43efda3a657543c0e015227a765c3fa867c3ebc750675c082d430343a8e8d9d0a56a450491db4a9fa309752db9bc4197388a5baa9d0b03b89d58c1aef3cde8b5c8b42d85eaee41d8f4047cbeb3c2afc84a9d2f1dccf3240eec4c0d13d3ad6cc317017872e51d01b23874be16979710d4c4e7c6647856088456

 you need to have PHP 3 or higher to get this working.
 the best result will be with the latest version of PHP
 if upgraded from <4.2.0, hashes made with this wont return the same string.
 you can get this to work how ever you want to, it's really simple.
 this only for demonstrating. if you find this useful, please go ahead and use it.
 but i strongly suggest that you modify this for your needs!

 use as you will

*/

function super_hash($var, $mode="") {
if(empty($var)) { exit("There's nothing to encrypt"); }

/*
 if php version is greater than 4.3.0, we're going to use sha1 also.
 +4.3.0
 first we make 40 character string out of $var
 after that we make md5 hash out of sha1 hash and then another md5 hash out of the first md5 hash
 this is just for better security ;-)
 -4.3.0
 first we make 32 character string out of $var with md5 and then hash it again with md5
*/
	$php_v = phpversion(); // find out what version of php we are using...
	list($upper,$major,$minor) = explode(".",$php_v); // ... and then make a nice list out of the results

if($mode == "file") {
	if($upper >= 4 && $major >= 2 && $minor >= 0) {

		if(file_exists($var)) {

			if($upper >= 4 && $major >= 3 && $minor >= 0) {
				$var = md5_file(md5_file(sha1_file($var))); /* there is some trouble with md5_file */
			} else { $var = md5_file(md5_file($var)); }

		} else { exit("File does not exists"); }

	} else { $var = md5(md5($var)); }

} else if(($mode == "text" || empty($mode)) && $upper >= 4 && $major >= 3 && $minor >= 0) {
	$var = md5(md5(sha1($var)));
} else {
	$var = md5(md5($var));
}


		for($i=1;$i<=32;$i++) {
			/*
			below we take the md5($var) string and start making the super hash string.
			we start at line $i from the md5($var) string and take as many lines as $i contains.
			if there aren't anything left, it will take only one or zero
			*/
			$password = substr($var, $i, $i);
			# echo "$i $password<br>"; // remove the # if you want to see what the code below hash
			$super_pass .= md5(md5($password)); // let's do double md5 hash to the $password string
		}


	return $super_pass;
	/* lets destroy these so they don't take too much memory (this is not necessary) */
	unset($password, $var, $super_pass, $upper, $major, $minor, $php_v, $i);
}

// i'm 99% sure that you don't want to use this here, so just go ahead and delete the next row ;-)
echo super_hash("salakala");

// you can also use super_hash($var, $mode); where $mode is "text" or "file"
// if $mode is "file", you have to have PHP 4.2.0 or higher. And also the file have to exists (it's checked in the code)
?>

Juhis [08.02.2004 01:46:33]

#

Ja kyseessä on siis luonnollisesti encrypt, ei decrypt. Kirjoitin tuon nimen hiukan väsyneenä ;)

sooda [08.02.2004 12:42:54]

#

Huhhuhuhuhuhuuh! Aika pitkä häshi. Mihin tarvii noin tarkkaa? :P

Juhis [08.02.2004 20:10:22]

#

Vaikka turvallisiin ratkaisuihin ;)
Tuosta sen verran että tuo on vain opetuskäyttöön. Tuskin tuosta mitään järkevää saa aikaiseksi xD
Ja sitten vielä pikkasen lisää. Toi tekee eri PHP:n versioilla erilaiset hashit, mutta todella helposti saa jokaselle PHP:n versiolle PHP3:sta ylöspäin toimimaan samalla tavalla.

Kryil [09.02.2004 10:59:09]

#

Mikä vaatii niin turvallista ratkaisua, että pelkkä md5 ei siihen riitä? :)
Sitä ihmettä olenkin tässä odotellut että joku onnistuisi purkamaan md5-merkkijonoja. Tiedonpakkaus mullistuisi :)

Enemmän hyötyä tuosta löytyisi jos sen voisi vielä decryptata...

Meitzi [04.03.2004 13:50:42]

#

Kryil:
"Mikä vaatii niin turvallista ratkaisua, että pelkkä md5 ei siihen riitä? :)
Sitä ihmettä olenkin tässä odotellut että joku onnistuisi purkamaan md5-merkkijonoja."

Alla esimerkki md5 hashin "purkamisesta". Kyseessähän on bruteforce menetelmä. Salasanan testi purkamiseen meni 37 sekuntia.

********
Microsoft Windows XP [versio 5.1.2600]
(C) Copyright 1985 - 2001 Microsoft Corp.

C:\mdcrack.exe -M MD5 9627df7a4a5b849f67fce863e82adc71

<<System>> MDcrack v1.2 is starting.
<<System>> Using default charset : abcdefg­hijklm­nopqrs­tuvw­xyz0123456789ABC­DEFG­HIJKLM­NOPQRS­TUWXYZ
<<System>> Max pass size = 12 >> Entering MD5 Core 1.

Password size: 1

Password size: 2

Password size: 3

Password size: 4

Password size: 5


----------------------------------------
Collision found ! => testi


Collision(s) tested : 131341626 in 37 second(s), 203 millisec, 0 microsec.
Average of 3530404.2 hashes/sec.


C:\>

tsuriga [07.05.2004 18:39:08]

# 

<?php

if($upper >= 4 && $major >= 3 && $minor >= 0) {
// tuossa yllä ja tässä alla testataan samoja asioita, tuohan
// saisi lyhemmäksikin
} else if(($mode == "text" || empty($mode)) && $upper >= 4 && $major >= 3 && $minor >= 0) {

// emptyn käyttö on turhaa tuossa
?>

Ja tuo hash rikkoo ulkoasun, voisit jaotella sen.

Codeprofile [29.11.2006 14:22:10]

#

Mulle tulostuu pelkkä valtava yhden rivin sekava merkkijono.

EDIT: Oho. Testasin tota koodia äkkii kattomatta sen tarkotusta. Toimiihan tuo.

Sivun alkuun

Vastaus

Aihe on jo aika vanha, joten et voi enää vastata siihen.

Tietoa sivustosta