1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Scripting Help

Threaded Mode
I need help with my UCP
nikotragedy
Big Clucker
***
Posts: 60
Threads: 17
Joined: Feb 2015
Reputation: 0
#1

30.03.2017, 04:27
I'm creating a UCP for my RP server. I can insert stuff into my DB but now I'm not sure how can I decrypt or use the hashed pw.
I've tried with md5 and SHA1 but it's not working and now I'm not sure what should I do or how to compare the inputtext with a hashed password.
Find
Reply
X337
Gangsta
*****
Posts: 872
Threads: 25
Joined: Sep 2014
Reputation: 0
#2

30.03.2017, 04:34
You can't decrypt hashes.
Just hash the inputtext and compare them.
Find
Reply
nikotragedy
Big Clucker
***
Posts: 60
Threads: 17
Joined: Feb 2015
Reputation: 0
#3

30.03.2017, 05:07
Quote:
Originally Posted by X337
Посмотреть сообщение
You can't decrypt hashes.
Just hash the inputtext and compare them.
That's what I don't know how to do it. And I found nothing on the SAMP wiki

I'm storing a MD5/SHA1 (pInfo[playerid][password]) into my DB, what's next?
Find
Reply
nikotragedy
Big Clucker
***
Posts: 60
Threads: 17
Joined: Feb 2015
Reputation: 0
#4

30.03.2017, 06:55
I solved almost anything but I'm having troubles now with the output of the hashed pw.

Ex.:

Original hash: b5021bbda761e7b6cde516f616a09f2e3ea5cb3dc48ccbd37a 8deeda94b56562
Hash generated on the GM: B5021BBDA761E7B6CDE516F616A09F2E3EA5CB3DC48CCBD37A 8DEEDA94B56562

As you can see, the string is the same but different so I can't compare a hash/password.


Solved!
If anyone is interested:

Код:
            new passwordLower[65];
            format(passwordLower, sizeof(passwordLower), "%s", YOURPASSWORDVARIABLE);
            for(new i, len = strlen(passwordLower); i < len; ++i)
			{
			    passwordLower[i] = tolower(passwordLower[i]);
			}


            for(new i, len = strlen(hashed_pass); i < len; ++i)
			{
			    hashed_pass[i] = tolower(hashed_pass[i]);
			}
Original hash: b5021bbda761e7b6cde516f616a09f2e3ea5cb3dc48ccbd37a 8deeda94b56562
Generated hash: b5021bbda761e7b6cde516f616a09f2e3ea5cb3dc48ccbd37a 8deeda94b56562
Find
Reply
BR3TT
Big Clucker
***
Posts: 101
Threads: 9
Joined: Sep 2012
Reputation: 0
#5

30.03.2017, 07:01
http://php.net/manual/en/function.password-verify.php

Have you tried using password_verify? Verifies a password with a hash.
Find
Reply
DobbysGamertag
Gangsta
*****
Posts: 807
Threads: 10
Joined: Jan 2013
Reputation: 0
#6

30.03.2017, 07:17
Don't use SHA1. Its unsecure. See here

Consider using SHA256, or some other variation (Whirlpool).

pawn Код:
mysql_format(connectionHandle, query, sizeof(query), "INSERT INTO `users` (`username`,`password`) VALUES('%e',SHA2('%e',256))", Name, inputtext); //SHA256. You could even use SA:MP's version. I haven't speed-tested it though, so unsure of the speed differences.
For whirlpool see this. To hash the user input on the website,

PHP код:
$password hash('whirlpool'$data_to_be_hashed); 
Find
Reply
« Next Oldest | Next Newest »


Forum Jump:


Users browsing this thread: 1 Guest(s)
  1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Scripting Help