sha1 -> whirlpool
#1

is there a way to convert all of the passwords in the database from sha1 to whirlpool not going them 1by1 because there are 1,100,000 users registered

please tell me how if possible
Reply
#2

basically the passwords in the mysql database are hashed with sha1 and i'm trying to make an ucp but i don't know how to load the account with sha1 hashed password... can anyone help?

PHP код:
<?php
if(!defined('AWM'))
    die(
'Nope.');
if(
Config::isLogged()) header('Location: ' Config::$_PAGE_URL 'profile');
if(isset(
$_POST['login_submit'])) {
    if(!
$_POST['login_username'] || !$_POST['login_password']) {
        echo 
'<font color="red"><b>Complete all fields.</b></font>';
    } else {
        
$q Config::$g_con->prepare('SELECT `reg_id` FROM `players` WHERE `name` = ? AND `pass` = ?');
        
$q->execute(array($_POST['login_username'], strtoupper(hash('whirlpool',$_POST['login_password']))));
        if(
$q->rowCount()) {
            
$row $q->fetch(PDO::FETCH_OBJ);
            
$_SESSION['awm_user'] = $row->playerID;
            echo 
'<font color="green"><b>You have successfully logged in. You will be redirected in <b>3</b> seconds.</b></font><br><br>';
            echo 
'<meta http-equiv="refresh" content="3;URL=\''.Config::$_PAGE_URL.'profile\'/>';
        }
        else echo 
'<font color="red"><b>Invalid username or password.</b></font>';
    }
}
?>
<link href="http://redpanel.bugged.ro/css/font-awesome.min.css" media="all" type="text/css" rel="stylesheet">
<br><br>
<form action="" method="post" >
    <input type="text" placeholder="Username" id="login_username" name="login_username" /> <br>
    <input type="password" placeholder="Password" id="login_password" name="login_password" /> <br>
    <input type="submit" value="Login" id="login_submit" name="login_submit">
</form>
PHP код:
$q->execute(array($_POST['login_username'], strtoupper(hash('whirlpool',$_POST['login_password'])))); 
this is the line that has to be changed i believe
Reply
#3

I don't know how you would do that without first knowing the original password because it is impossible to reverse a hash (brute force/rainbow tables excluded). You can only do the conversion once a player successfully logs in and you'd need to have a transition period where you have two columns in your database: one with the original hash and one with the new hash and you've have to write some extra code that actually does the conversion. Depending on how often your users log in that transition period might span multiple week or months. You can also change the algorithm right now but then all passwords will become useless instantly and no-one will be able to log in. So if you fancy sending a password reset link to a million users you can also try that.
Reply
#4

Quote:
Originally Posted by Vince
Посмотреть сообщение
I don't know how you would do that without first knowing the original password because it is impossible to reverse a hash (brute force/rainbow tables excluded). You can only do the conversion once a player successfully logs in and you'd need to have a transition period where you have two columns in your database: one with the original hash and one with the new hash and you've have to write some extra code that actually does the conversion. Depending on how often your users log in that transition period might span multiple week or months. You can also change the algorithm right now but then all passwords will become useless instantly and no-one will be able to log in. So if you fancy sending a password reset link to a million users you can also try that.
Alright I fixed this now, and there's another error. The database works normally now, I can login normally and all. but when I login and I click onto the player information tab it outputs this
Код:
This page isn’t working

*********.com is currently unable to handle this request.
HTTP ERROR 500
The code of the .php file:
PHP код:
<?php 
include 'includes/config.php'
include 
'includes/header.php';
checkForLogin();
if(!isset(
$_GET['id']))
{
    echo 
'<META HTTP-EQUIV="Refresh" Content="0; URL=../pages/index.php">';    
    exit;    
}
$charaID $_GET['id'];
$sesuID $_SESSION['uID'];
$query $con->prepare("SELECT * from players where reg_id = '$charaID'");
$query->execute();
$gData $query->fetch();
if(
$gData['reg_id'] != $sesuID)
{
    echo 
'<META HTTP-EQUIV="Refresh" Content="0; URL=../pages/index.php">';    
    exit;    
}
?>
                <div class="row">
                    <div class="col-md-12">
                        <h1 class="page-header">
                            <?php echo $gData['name']; ?>
                        </h1>
                    </div>
                </div>
            <div class="row">
                <div class="col-lg-2">
                    <img src="../skins/Skin_<?php echo $gData['saveskin']; ?>.png" style="height:300px;">
                </div>
                <div class="col-lg-8">
                    <div class="panel panel-default">
                        <div class="panel-body">
                            <div class="row">
                                <div class="col-lg-6">
                                Status: <?php if($gData['active'] == 1
                                            { 
                                                echo 
'<span style="color:#00FF00";>ONLINE</span>' 
                                            
}
                                            else
                                            {
                                                echo 
'<span style="color:#FF0000";>OFFLINE</span>'
                                            
?>
                                <hr />
                                Playing Time: <?php echo($gData['hours']); ?> Hours, <?php echo($gData['minutes']); ?> Minutes and <?php echo($gData['seconds']); ?> Seconds
                                <hr />
                                Premium: <?php if($gData['premium'] == 1)
                                            {
                                                echo 
'<span style="color:#00FF00";>PREMIUM</span>' 
                                            
}
                                            else if(
$gData['premium'] == 2)
                                            {
                                                echo 
'<span style="color:#00FF00";>PREMIUM 2</span>' 
                                            
}
                                            else if(
$gData['premium'] == 3)
                                            {
                                                echo 
'<span style="color:#00FF00";>VIP</span>' 
                                            
}
                                            else if(
$gData['premium'] == 0)
                                            {
                                                echo 
'<span style="color:#FF0000";>NO</span>' 
                                            
?>
                                <hr />
                                Helper: <?php if($gData['helper'] == 1)
                                            {
                                                echo 
'<span style="color:#00FF00";>HELPER</span>' 
                                            
}
                                            else if(
$gData['helper'] == 2)
                                            {
                                                echo 
'<span style="color:#00FF00";>MAPPER</span>' 
                                            
}
                                            else if(
$gData['helper'] == 3)
                                            {
                                                echo 
'<span style="color:#00FF00";>DEVELOPER</span>' 
                                            
}
                                            else if(
$gData['helper'] == 0)
                                            {
                                                echo 
'<span style="color:#FF0000";>NO</span>'
                                            
?>
                                <hr />
                                Admin: <?php if($gData['adminlevel'] == 1)
                                            {
                                                echo 
'<span style="color:#00FF00";>MODERATOR</span>' 
                                            
}
                                            else if(
$gData['adminlevel'] == 2)
                                            {
                                                echo 
'<span style="color:#00FF00";>ADMIN</span>' 
                                            
}
                                            else if(
$gData['adminlevel'] == 3)
                                            {
                                                echo 
'<span style="color:#00FF00";>SENIOR ADMIN</span>' 
                                            
}
                                            else if(
$gData['adminlevel'] == 4)
                                            {
                                                echo 
'<span style="color:#00FF00";>HEAD ADMIN</span>' 
                                            
}
                                            else if(
$gData['adminlevel'] == 5)
                                            {
                                                echo 
'<span style="color:#00FF00";>SERVER OWNER</span>' 
                                            
}
                                            else if(
$gData['adminlevel'] == 0)
                                            {
                                                echo 
'<span style="color:#FF0000";>NO</span>'
                                            
?>
                                <hr />
                                Score: <?php echo number_format($gData['score']); ?>
                                <hr />
                                Cookies: <?php echo number_format($gData['cookies']); ?>
                                <hr />
                                Money: $<?php echo number_format($gData['money']); ?>
                                <hr />
                                Bank Money: $<?php echo number_format($gData['bmoney']); ?>
                                <hr />
                                Total Money: $<?php echo number_format($gData['money'] + $gData['bmoney']); ?>
                                <hr />
                                Group ID: <?php echo number_format($gData['group_id']); ?>
                                <hr />
                                Group Rank: <?php echo number_format($gData['group_rank']); ?>
                                <hr />
                                Member since: <?php echo $gData['reg_time']); ?>
                                <hr />
                                Last login: <?php echo $gData['last_time']); ?>
                                <hr />
                                Kills: <?php echo number_format($gData['kills']); ?>
                                <hr />
                                Deaths: <?php echo number_format($gData['deaths']); ?>
                                <hr />
                                Kill/Death Ratio: <?php echo number_format($gData['kills'] / $gData['kills']); ?>
                                <hr />
                                House ID: <?php echo number_format($gData['house_id']); ?>
                                <hr />
                                </div>
                            </div>
                        </div>
                    </div>
                </div>
            </div>
<?php
include 'includes/footer.php'
?>
Any ideas, my friend?
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)