Decode num_hash in php - Printable Version
+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+--- Thread: Decode num_hash in php (/showthread.php?tid=436677)
+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+--- Thread: Decode num_hash in php (/showthread.php?tid=436677)
Decode num_hash in php - jakejohnsonusa - 12.05.2013
I am making a ACP for my website. The only thing I'm having an issue with, is getting the player account passwords to convert to what they should be, in the profiles they are encoded (via the num_hash in the dutils include).
So in php how can I get num_hash encoded passwords back to what they would be (So that they player can log on)?
Thanks for any support: Jake Johnson
Re: Decode num_hash in php - Vince - 12.05.2013
Hashes are not meant to be decoded/decrypted/hacked. That's the point of hashes. They're one way only. If you need to compare passwords, then hash the input password and compare it with what's stored in the database.
That said, num_hash (a.k.a. Adler32) can't be considered a decent form of security. It is in fact a checksum algorithm rather than a hashing algorithm. If you're just a little bit serious about security then you should rid yourself of dini and dutils. I don't know whether you're using files or MySQL, but both systems have far better hashing algorithms available. For a file based system you can use Whirlpool, for a MySQL based system you can use (a combination of) md5, sha1 or sha2.
Re: Decode num_hash in php - jakejohnsonusa - 12.05.2013
Thanks for the tip!
+1 Rep