[Moglizorz.]

pawn Код:

case 1:
        {
            if(!response)
            {
                SendClientMessage(playerid, COLOR_BRIGHTRED, "You selected exit, therefore you were kicked.");
                Kick(playerid);
            }
            else if(strlen(inputtext) == 0)
            {
                SendClientMessage(playerid, COLOR_BRIGHTRED, "You must input the password to your account! If this is not your account, come back with a new name!");
                ShowPlayerDialog(playerid, 1, DIALOG_STYLE_INPUT, "Login / Authentication Process", "Hello there!\n\nPlease enter your password to authenticate.", "Login", "Cancel");
            }
            else
            {
                new name[24], Escape[2][128];
                GetPlayerName(playerid, name, 24);
                mysql_real_escape_string(name, Escape[0]); // This function makes sure you don't get MySQL injected. Read about it by searching it on ******.
                mysql_real_escape_string(inputtext, Escape[1]);
                format(Query, sizeof(Query), "SELECT * FROM phpbb_users WHERE username = '%s' AND user_password = md5('%s')", Escape[0], Escape[1]);
                mysql_query(Query);
                mysql_store_result();

                if(mysql_num_rows())
                {
                    PlayerStats[playerid][pAuth] = 1;
                    LoadAccountVariables(playerid);

                    format(string, sizeof(string), "|- Welcome, %s! You have successfully logged in! -|", GetName(playerid));
                    SendClientMessage(playerid, COLOR_LIGHTGREEN, string);

                    TogglePlayerSpectating(playerid, false);

                    SetSpawnInfo(playerid, 0, 0, 0.0, 0.0, 0.0, 0.0, 0, 0, 0, 0, 0, 0);
                    SpawnPlayer(playerid);

                    // -----[Let's Show Some TD's]----- //

                    TextDrawShowForPlayer(playerid, Textdraw0);
                }
                else
                {
                    SendClientMessage(playerid, COLOR_WHITE, "Incorrect password. Please try again!");
                    ShowPlayerDialog(playerid, 1, DIALOG_STYLE_INPUT, "Login / Authentication Process", "Hello there!\n\nPlease enter your password to authenticate.", "Login", "Cancel");
                }
            }
        }

Getting wrong password no matter what I do, something wrong with this code? Compiles correctly.

Thanks,
Ryan

[TheXIII]

Please use indention and [ pawn] tags [/ pawn].
It's just pain to read this.

Edit: You sure you use indentical encryption to your phpbb board?

[The_Gangstas]

try selecting the user, then select the password with inputtext. and make a password var if u understand what i said..

[Moglizorz.]

Quote:

Originally Posted by TheXIII Please use indention and [ pawn] tags [/ pawn]. It's just pain to read this. Edit: You sure you use indentical encryption to your phpbb board?

Hm, on further inspection it seems that it is a Salted MD5 hash.
http://www.phpbb.com/community/viewt...7342#p12880534

Is there any way of using this as a method in SA-MP? Can't find any.

[Lenny the Cup]

Ignore, I was wrong

[TheXIII]

Found this on another forum, assuming you use phpBB3. Posted by Sc00bz. Might help?

Quote:

phpBB3's default setting is to do 2049 ((2^11)+1) MD5 hashes per password. First one is hash = MD5(salt + pw), then all the others are hash = md5(hash + pw). The output of md5() is in binary so 16 bytes "16 characters." So for each hash there are 4 extra adds and you can't reverse more than a few steps on the last MD5. For a plain MD5 hash you only need to do 44 out of 64 steps (I think that's right 64-16-3-2/2) but for this you need to do 2049 full md5s minus a few steps on the last. So theoretically it should be around 2980.4 (2049/(44/64)) times slower. Insidepro's passwordspro might not be using 3x interlaced SSE2 or there's something I'm missing. Anyway since phpBB3 hashes have salts you can only crack one hash at a time so this will be much slower than plain MD5 if you have a bunch of hashes. phpBB3 hashes are one of the strongest that you'll find it is even better than $1$ hashes which is 1000 MD5s with a salt. Well phpBB3 hashes might have 513 MD5s per hash if the version of PHP is less than 5. Also note that phpBB3 hashes can use (2^n)+1 MD5s where 7 <= n <= 30. So in short your IT friend is misinformed. He probably thinks this because phpBB.com got hacked and their DB got dumped and there were a lot of old password hashes from version 2 that were just unsalted MD5.

Quote:

Originally Posted by Moglizorz. Hm, on further inspection it seems that it is a Salted MD5 hash. http://www.phpbb.com/community/viewt...7342#p12880534 Is there any way of using this as a method in SA-MP? Can't find any.

Indeed it is possible. If it uses random salt, in which case the salt must be stored in the


EDIT: Actually, try this. Still have to get salt yourself thou

pawn Код:

#define PHPBB3enc_STR_SIZE 128 // no idea what the optimal would be. (Max salt size + Max password size.. or 16 + Max password size)
stock phpBB3_Encrypt(password[], salt[])
{
    new str[PHPBB3enc_STR_SIZE];
    format(str, sizeof(str), "%s%s", salt, password);
    str = MD5_Hash(str);
    for( new i; i < 2048; i++ )
    {
        format(str, sizeof(str), "%s%s", str, password);
        str = MD5_Hash(str);
    }
    return str;
}
/*----------------------------------------------------------------------------*-
                    ===========================
                    Y Sever Includes - MD5 Core
                    Stripped. All credits for
                    converting to PAWN goes to
                                ******
                    ===========================

-*----------------------------------------------------------------------------*/

enum E_MD5_CONTEXT
{
    E_MD5_CONTEXT_BUF[4],
    E_MD5_CONTEXT_BITS[2],
    E_MD5_CONTEXT_IN[64 char]
}

#define MD5_F1(%1,%2,%3) (%3 ^ (%1 & (%2 ^ %3)))
#define MD5_F2(%1,%2,%3) MD5_F1(%3, %1, %2)
#define MD5_F3(%1,%2,%3) (%1 ^ %2 ^ %3)
#define MD5_F4(%1,%2,%3) (%2 ^ (%1 | ~%3))


stock MD5_Hash(str[])
{
    new
        md5Data[E_MD5_CONTEXT],
        done,
        digest[34],
        len = strlen(str);
    MD5_Init(md5Data);
    len -= 64;
    while (done < len)
    {
        MD5_Update(md5Data, str[done], 64);
        done += 64;
    }
    len = (len + 64) - done;
    if (len)
    {
        MD5_Update(md5Data, str[done], len);
    }
    digest = MD5_Final(md5Data, true);
    return digest;
}
stock MD5_Init(ctx[E_MD5_CONTEXT])
{
    ctx[E_MD5_CONTEXT_BUF][0] = 0x67452301;
    ctx[E_MD5_CONTEXT_BUF][1] = 0xEFCDAB89;
    ctx[E_MD5_CONTEXT_BUF][2] = 0x98BADCFE;
    ctx[E_MD5_CONTEXT_BUF][3] = 0x10325476;
    ctx[E_MD5_CONTEXT_BITS][0] = 0;
    ctx[E_MD5_CONTEXT_BITS][1] = 0;
}
stock MD5_Update(ctx[E_MD5_CONTEXT], data[], len)
{
    new
        t = ctx[E_MD5_CONTEXT_BITS][0],
        s,
        buf = 0;
    if ((ctx[E_MD5_CONTEXT_BITS][0] = t + (len << 3)) < t)
    {
        ctx[E_MD5_CONTEXT_BITS][1]++;
    }
    ctx[E_MD5_CONTEXT_BITS][1] += len >>> 29;
    t = (t >>> 3) & 0x3F;
    if (t)
    {
        s = 64 - t;
        if (len < s)
        {
            MD5_Copy(ctx[E_MD5_CONTEXT_IN], data, t, len);
            return;
        }
        MD5_Copy(ctx[E_MD5_CONTEXT_IN], data, t, s);
        MD5_Transform(ctx[E_MD5_CONTEXT_BUF], ctx[E_MD5_CONTEXT_IN]);
        buf += s;
        len -= s;
    }
    while (len >= 64)
    {
        MD5_Copy(ctx[E_MD5_CONTEXT_IN], data[buf], 0, 64);
        MD5_Transform(ctx[E_MD5_CONTEXT_BUF], ctx[E_MD5_CONTEXT_IN]);
        buf += 64;
        len -= 64;
    }
    MD5_Copy(ctx[E_MD5_CONTEXT_IN], data[buf], 0, len);
}
stock MD5_Copy(dest[], src[], start, len)
{
    new
        i = start >>> 2,
        j = 0,
        ch;
    while (j < len)
    {
        ch = src[j++] & 0xFF;
        switch (start++ & 0x03)
        {
            case 0:
            {
                dest[i] = ch;
            }
            case 1:
            {
                dest[i] |= ch << 8;
            }
            case 2:
            {
                dest[i] |= ch << 16;
            }
            case 3:
            {
                dest[i++] |= ch << 24;
            }
        }
    }
}

stock MD5_Final(ctx[E_MD5_CONTEXT], string = false)
{
    new
        count,
        index,
        digest[33];
    count = (ctx[E_MD5_CONTEXT_BITS][0] >>> 3) & 0x3F;
    if (!(count & 0x03))
    {
        ctx[E_MD5_CONTEXT_IN][count / 4] = 0;
    }
    ctx[E_MD5_CONTEXT_IN][count / 4] |= (0x80 << (8 * (count & 0x03)));
    index = (count / 4) + 1;
    count = 64 - 1 - count;
    if (count < 8)
    {
        while (index < 64 char)
        {
            ctx[E_MD5_CONTEXT_IN][index++] = 0;
        }
        MD5_Transform(ctx[E_MD5_CONTEXT_BUF], ctx[E_MD5_CONTEXT_IN]);
        index = 0;
        while (index < 56 char)
        {
            ctx[E_MD5_CONTEXT_IN][index++] = 0;
        }
    }
    else
    {
        while (index < 56 char)
        {
            ctx[E_MD5_CONTEXT_IN][index++] = 0;
        }
    }
    ctx[E_MD5_CONTEXT_IN][14] = ctx[E_MD5_CONTEXT_BITS][0];
    ctx[E_MD5_CONTEXT_IN][15] = ctx[E_MD5_CONTEXT_BITS][1];
    MD5_Transform(ctx[E_MD5_CONTEXT_BUF], ctx[E_MD5_CONTEXT_IN]);
    if (string)
    {
        index = 0;
        do
        {
            format(digest, sizeof (digest), "%s%02x", digest, (ctx[E_MD5_CONTEXT_BUF][index / 4] >> ((index & 0x03) * 8)) & 0xFF);
        }
        while (++index < 16);
    }
    return digest;
}
#define MD5_Step(%1,%2,%3,%4,%5,%6,%7) \
    %2 += %1(%3, %4, %5) + %6, %2 = %2 << %7 | %2 >>> (32 - %7), %2 += %3

static stock MD5_Transform(buf[], in[])
{
    new
        a = buf[0],
        b = buf[1],
        c = buf[2],
        d = buf[3];
    #pragma tabsize 4
    MD5_Step(MD5_F1, a, b, c, d, in[0]  + 0xD76AA478, 7);
    MD5_Step(MD5_F1, d, a, b, c, in[1]  + 0xE8C7B756, 12);
    MD5_Step(MD5_F1, c, d, a, b, in[2]  + 0x242070DB, 17);
    MD5_Step(MD5_F1, b, c, d, a, in[3]  + 0xC1BDCEEE, 22);
    MD5_Step(MD5_F1, a, b, c, d, in[4]  + 0xF57C0FAF, 7);
    MD5_Step(MD5_F1, d, a, b, c, in[5]  + 0x4787C62A, 12);
    MD5_Step(MD5_F1, c, d, a, b, in[6]  + 0xA8304613, 17);
    MD5_Step(MD5_F1, b, c, d, a, in[7]  + 0xFD469501, 22);
    MD5_Step(MD5_F1, a, b, c, d, in[8]  + 0x698098D8, 7);
    MD5_Step(MD5_F1, d, a, b, c, in[9]  + 0x8B44F7AF, 12);
    MD5_Step(MD5_F1, c, d, a, b, in[10] + 0xFFFF5BB1, 17);
    MD5_Step(MD5_F1, b, c, d, a, in[11] + 0x895CD7BE, 22);
    MD5_Step(MD5_F1, a, b, c, d, in[12] + 0x6B901122, 7);
    MD5_Step(MD5_F1, d, a, b, c, in[13] + 0xFD987193, 12);
    MD5_Step(MD5_F1, c, d, a, b, in[14] + 0xA679438E, 17);
    MD5_Step(MD5_F1, b, c, d, a, in[15] + 0x49B40821, 22);
    MD5_Step(MD5_F2, a, b, c, d, in[1]  + 0xF61E2562, 5);
    MD5_Step(MD5_F2, d, a, b, c, in[6]  + 0xC040B340, 9);
    MD5_Step(MD5_F2, c, d, a, b, in[11] + 0x265E5A51, 14);
    MD5_Step(MD5_F2, b, c, d, a, in[0]  + 0xE9B6C7AA, 20);
    MD5_Step(MD5_F2, a, b, c, d, in[5]  + 0xD62F105D, 5);
    MD5_Step(MD5_F2, d, a, b, c, in[10] + 0x02441453, 9);
    MD5_Step(MD5_F2, c, d, a, b, in[15] + 0xD8A1E681, 14);
    MD5_Step(MD5_F2, b, c, d, a, in[4]  + 0xE7D3FBC8, 20);
    MD5_Step(MD5_F2, a, b, c, d, in[9]  + 0x21E1CDE6, 5);
    MD5_Step(MD5_F2, d, a, b, c, in[14] + 0xC33707D6, 9);
    MD5_Step(MD5_F2, c, d, a, b, in[3]  + 0xF4D50D87, 14);
    MD5_Step(MD5_F2, b, c, d, a, in[8]  + 0x455A14ED, 20);
    MD5_Step(MD5_F2, a, b, c, d, in[13] + 0xA9E3E905, 5);
    MD5_Step(MD5_F2, d, a, b, c, in[2]  + 0xFCEFA3F8, 9);
    MD5_Step(MD5_F2, c, d, a, b, in[7]  + 0x676F02D9, 14);
    MD5_Step(MD5_F2, b, c, d, a, in[12] + 0x8D2A4C8A, 20);
    MD5_Step(MD5_F3, a, b, c, d, in[5]  + 0xFFFA3942, 4);
    MD5_Step(MD5_F3, d, a, b, c, in[8]  + 0x8771F681, 11);
    MD5_Step(MD5_F3, c, d, a, b, in[11] + 0x6D9D6122, 16);
    MD5_Step(MD5_F3, b, c, d, a, in[14] + 0xFDE5380C, 23);
    MD5_Step(MD5_F3, a, b, c, d, in[1]  + 0xA4BEEA44, 4);
    MD5_Step(MD5_F3, d, a, b, c, in[4]  + 0x4BDECFA9, 11);
    MD5_Step(MD5_F3, c, d, a, b, in[7]  + 0xF6BB4B60, 16);
    MD5_Step(MD5_F3, b, c, d, a, in[10] + 0xBEBFBC70, 23);
    MD5_Step(MD5_F3, a, b, c, d, in[13] + 0x289B7EC6, 4);
    MD5_Step(MD5_F3, d, a, b, c, in[0]  + 0xEAA127FA, 11);
    MD5_Step(MD5_F3, c, d, a, b, in[3]  + 0xD4EF3085, 16);
    MD5_Step(MD5_F3, b, c, d, a, in[6]  + 0x04881D05, 23);
    MD5_Step(MD5_F3, a, b, c, d, in[9]  + 0xD9D4D039, 4);
    MD5_Step(MD5_F3, d, a, b, c, in[12] + 0xE6DB99E5, 11);
    MD5_Step(MD5_F3, c, d, a, b, in[15] + 0x1FA27CF8, 16);
    MD5_Step(MD5_F3, b, c, d, a, in[2]  + 0xC4AC5665, 23);
    MD5_Step(MD5_F4, a, b, c, d, in[0]  + 0xF4292244, 6);
    MD5_Step(MD5_F4, d, a, b, c, in[7]  + 0x432AFF97, 10);
    MD5_Step(MD5_F4, c, d, a, b, in[14] + 0xAB9423A7, 15);
    MD5_Step(MD5_F4, b, c, d, a, in[5]  + 0xFC93A039, 21);
    MD5_Step(MD5_F4, a, b, c, d, in[12] + 0x655B59C3, 6);
    MD5_Step(MD5_F4, d, a, b, c, in[3]  + 0x8F0CCC92, 10);
    MD5_Step(MD5_F4, c, d, a, b, in[10] + 0xFFEFF47D, 15);
    MD5_Step(MD5_F4, b, c, d, a, in[1]  + 0x85845DD1, 21);
    MD5_Step(MD5_F4, a, b, c, d, in[8]  + 0x6FA87E4F, 6);
    MD5_Step(MD5_F4, d, a, b, c, in[15] + 0xFE2CE6E0, 10);
    MD5_Step(MD5_F4, c, d, a, b, in[6]  + 0xA3014314, 15);
    MD5_Step(MD5_F4, b, c, d, a, in[13] + 0x4E0811A1, 21);
    MD5_Step(MD5_F4, a, b, c, d, in[4]  + 0xF7537E82, 6);
    MD5_Step(MD5_F4, d, a, b, c, in[11] + 0xBD3AF235, 10);
    MD5_Step(MD5_F4, c, d, a, b, in[2]  + 0x2AD7D2BB, 15);
    MD5_Step(MD5_F4, b, c, d, a, in[9]  + 0xEB86D391, 21);
    #pragma tabsize 4
    buf[0] += a;
    buf[1] += b;
    buf[2] += c;
    buf[3] += d;
}