Ninjakreborn Posted July 19, 2006 Share Posted July 19, 2006 Ok this is a standard php function cryptIt's not part of the mcrypt library it's just a standard php function, I studied this for awhile, and I was going to do this, but I don't know if it's documented but I think I might have found an error in this, I am going to report it as an error to php.netbased on the manual, and everyoen I have asked, the traditional way to use crypt is to have them create a username and password, at the beginning take the username and password, and salt the password with the first 2 letters of the username like thisnote, this is assuming they already submitted the form, there username is whatever they choose, as well as there password[code]$salt = substr($username, 0, 2);$password = crypt($password, $salt);[/code]Ok this takes the password they entered, and encrypts it with the salt, then it stores it back into the password, then you feed that to the database, and it saves it.Done with encryption.Now you can't decrypt this, it's 1 way encryption.But the way you are supposed to be able to authenticate the user, or check the password he enters against his password is when they try to sign in they enter a username and passwordwhen you get the data, you do the following with whatever password they put in[code]$salt = substr($username, 0, 2);$password = crypt($password, $salt);[/code]The username is now the username they entered and the password is the encrypted form of the password they entered into the form, then you take that encrypted password, and username, run it against the database, if this encrypted password in non-encryption form was the same as there other passsword they match, if you crypt 2 words with the same salt, they are suppose to be the same, as far as the manual says. Now so if they enter another password than there own, when it encrypts using those 2 letters it will be different than there original password, so it returns false.I found a loophole, that I want to report, not sure if it's known or notIf you take some characters, and change it around it stillr eturns true, if you enter the same password for both, it returns to, great, then playing around if you change just 1 letter, or 2 letters, int eh right way, it changes it and makes it true anyway even though it wasn't suppose to be an exact match,Just trying to leave a deep warning for people using crypt for authentification, you can even try it for yourself, make the first password you create when you register952103902then when you check it later in another script from the password, using the username try 952103902 and it returns true, then if you decide to go ahead and test it using a few different letters just throw a random letter at the end, or change one int eh middle it's still true, insstead of false like it should befair warning. Quote Link to comment https://forums.phpfreaks.com/topic/15080-standard-function-error/ Share on other sites More sharing options...
trq Posted July 19, 2006 Share Posted July 19, 2006 As it clearly states in the manual.[quote]You should pass the entire results of crypt() as the salt for comparing a password, to avoid problems when different hashing algorithms are used[/quote] Quote Link to comment https://forums.phpfreaks.com/topic/15080-standard-function-error/#findComment-60686 Share on other sites More sharing options...
litebearer Posted July 20, 2006 Share Posted July 20, 2006 Also from the manual[quote]The standard DES-based encryption crypt() returns the salt as the first two characters of the output. It also only uses the first eight characters of str, so longer strings that start with the same eight characters will generate the same result (when the same salt is used). [/quote] Which would seem to indicate that user:michaeljordan02 password: 123456789a would ultimately give same result as user:michaeljordan99 password: 123456789bx3dOr will it? (too early to set up a test script, coffee has NOT kicked in yet)Lite... Quote Link to comment https://forums.phpfreaks.com/topic/15080-standard-function-error/#findComment-60948 Share on other sites More sharing options...
Ninjakreborn Posted July 20, 2006 Author Share Posted July 20, 2006 ah ok, thanks Quote Link to comment https://forums.phpfreaks.com/topic/15080-standard-function-error/#findComment-60968 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.