Jump to content

making a member login script with vbulletin


newb

Recommended Posts

im making a member login script and using vbulletin passwords. the problem is, that vbulletin uses some weird encryption or something and when i put my password in, it says its wrong.. i thought vbulletin uses md5 but apparently they dont ... i went to another md5 encryption site, and got my password encrypted elsewhere, and it didnt match the one i got from my vbulletin database at all...

here's my script..

[code]<form action="index.php?p=login" method="post" enctype="multipart/form-data">
        Username: <input type="text" name="user" />
        Password: <input type="password" name="pass" />
        <input type="submit" value="Login" />
    </form>

<?

    if ( $_GET['p'] == 'login' ) {
    
  $server = "localhost";
  $username = "xx";
  $password = "xx";
  $database = "xx";
  $con = mysql_connect($server, $username, $password);
  mysql_select_db($database);
  
        // MD5 the form password
        $md5Pass = md5( $_POST['pass'] );
        
        // Get user details from MySQL Table
        $Query = mysql_query( " SELECT * FROM tbl_users WHERE username = '$_POST[user]' " );
        $result = mysql_fetch_array( $Query );
        
        // Check that the form password matches the one in the database
        if ( $md5Pass == $result['password'] ) {
            echo 'User logged in';
        } else {
            echo 'Wrong Password, please try again';
        }
        
    }
    
?>[/code]

i guess vbuletin use some kinda salt or something i duno but its weird.
Link to comment
Share on other sites

Can you post an example encrypted password?

[b]EDIT:[/b] Just searched on Google, and someone posted somewhere else that vB hashes passwords through md5, then salts it, then through md5 again... Maybe you could extract the encryption function from vB and use it to encrypt your passwords?
Link to comment
Share on other sites

yeah.

the pasword in vbulletin database: b6ca97cccb2cd8fa4afa7cff7d741a03

the same password i use to login my vbulletin forum (encrypted at [a href=\"http://www.iwebtool.com/md5):\" target=\"_blank\"]http://www.iwebtool.com/md5):[/a] 374789384d64563d38e5de0b357a10bc

fucking weird. if i put the 2nd md5 password inside the database, it logs in perfectly so i guess the vbulletin database uses some weird encryption but i dont know what it is.


[quote]
EDIT: Just searched on Google, and someone posted somewhere else that vB hashes passwords through md5, then salts it, then through md5 again... Maybe you could extract the encryption function from vB and use it to encrypt your passwords?[/quote]

omg thats crazy...i dont even know what vb file the function is in aahhh...........
Link to comment
Share on other sites

[!--quoteo(post=386168:date=Jun 20 2006, 05:16 PM:name=newb)--][div class=\'quotetop\']QUOTE(newb @ Jun 20 2006, 05:16 PM) [snapback]386168[/snapback][/div][div class=\'quotemain\'][!--quotec--]
yeah.

the pasword in vbulletin database: b6ca97cccb2cd8fa4afa7cff7d741a03

the same password i use to login my vbulletin forum (encrypted at [a href=\"http://www.iwebtool.com/md5):\" target=\"_blank\"]http://www.iwebtool.com/md5):[/a] 374789384d64563d38e5de0b357a10bc

fucking weird. if i put the 2nd md5 password inside the database, it logs in perfectly so i guess the vbulletin database uses some weird encryption but i dont know what it is.
omg thats crazy...i dont even know what vb file the function is in aahhh...........
[/quote]

Please Watch your language!

Thanks
Link to comment
Share on other sites

in your datadase password colum add this.


[code]
cf1ff14ba4fd584135f81648a4436cf3
[/code]

when log in use admin as the password.

[code]

<?

$password="admin";

$result=MD5(MD5(password.salt));

echo $result;

?>

[/code]



try this code edited.
[code]
<form action="index.php?p=login" method="post" enctype="multipart/form-data">
        Username: <input type="text" name="user" />
        Password: <input type="password" name="pass" />
        <input type="submit" value="Login" />
    </form>

<?

    if ( $_GET['p'] == 'login' ) {
    
  $server = "localhost";
  $username = "xx";
  $password = "xx";
  $database = "xx";
  $con = mysql_connect($server, $username, $password);
  mysql_select_db($database);
  
        // MD5 the form password

        $md5Pass = MD5(MD5(pass.salt));
        
        // Get user details from MySQL Table
        $Query = mysql_query( " SELECT * FROM tbl_users WHERE username = '$_POST[user]' " );
        $result = mysql_fetch_array( $Query );
        
        // Check that the form password matches the one in the database
        if ( $md5Pass == $result['password'] ) {
            echo 'User logged in';
        } else {
            echo 'Wrong Password, please try again';
        }
        
    }
    
?>
[/code]
Link to comment
Share on other sites

[!--quoteo(post=386192:date=Jun 20 2006, 07:45 PM:name=legohead6)--][div class=\'quotetop\']QUOTE(legohead6 @ Jun 20 2006, 07:45 PM) [snapback]386192[/snapback][/div][div class=\'quotemain\'][!--quotec--]
Please Watch your language!

Thanks
[/quote]


dont be a fag.
Link to comment
Share on other sites

[!--quoteo(post=387248:date=Jun 23 2006, 01:37 PM:name=newb)--][div class=\'quotetop\']QUOTE(newb @ Jun 23 2006, 01:37 PM) [snapback]387248[/snapback][/div][div class=\'quotemain\'][!--quotec--]
dont be a fag.
[/quote]

seriously. Watch it. The mods will crack come down on you.
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.