Encrypting MySQL passwords and accessing

[RooZ]

Hello,

I have a website which I'm the "global admin" but others contribute to the coding as well. The only problem with this is the MySQL password which is in plain text on each page. What I'm hoping to do is to be able to have the password md5'd or similar, but that's where I hit a snag and I'm not too sure how to get MySQL to accept the password in md5 form.

Is it possible to have the password fully encrypted, or will I have to use another tactic?

Cheers

[phpSensei]

What?

 

<?php


$example_password = "I am Sensei";
$example_password = md5($example_password);

mysql_query("INSERT INTO table (password) VALUES ('$example_password')");

?>

 

 

Your password field has to be VARCHAR(225)

[RooZ]

Oh, sorry. I was talking about the actual MySQL user password, the root password.

[corbin]

Your password field has to be VARCHAR(225)

 

 

md5 hashes are always 32 characters, so why 225?

 

Hmmm RooZ, I would think that mysql passwords are encrypted.....  You mean the ones in the mysql database that like you use to connect to mysql with right?

[RooZ]

Okay, I don't think I was very clear, what I mean is:

if (!@mysql_connect("localhost", "root", "thispassword")) { [..]

"thispassword" is in plain text, which I don't want. I was hoping it would be possible to get the md5 hash, so it was:

if (!@mysql_connect("localhost", "root", "f6a0f3655b26fe4e058a59b4757f6019")) { [..]

And still be able to connect to the database.

Cheers

[corbin]

If someone has access to your PHP files, you should be able to trust them with your MySQL info....

 

 

As far as I know, the password has to be passed to mysql_connect in plain text....

 

You could always do mysql_connect(,, decrypt(<hash>)), but someone could simply do echo decrypt(<hash>).

 

Unless there's a way to send mysql the encrypted password and have it know what it is (I'm gonna go Googling in a sec), it has to be plain text in your PHP files.

[RooZ]

If someone has access to your PHP files, you should be able to trust them with your MySQL info....

That's true, but I've come across a few sites where the Apache conf got messed or corrupted up and .php files we're printed entirely as a .txt, which is a bit worrying.

Might be a bit excessive, but I rather be secure than hacked

[corbin]

You could get a commercial script encrypter, and that would encrypt everything....  A php script encoded with Zend Guard for example looks like gibberish....  But, php encrypting things are expensive.

 

I doubt your httpd.conf is going to get corrupted if that's your only fear.

 

Also, your mysql could be set to only accept local connections, meaning unless someone could upload php or use something like SSH, you would be fine MySQL wise even if someone did find out your password.

 

I assumed you were trying to hide the password from people who were supposed to have access to your PHP sources.

[anon]

I know this may be a tad off-topic, but how do i change the main password and username to mySQL. As in, the main password you use to log in to the mySQL server?

[phpSensei]

I know this may be a tad off-topic, but how do i change the main password and username to mySQL. As in, the main password you use to log in to the mySQL server?

 

Um, maybe your webserver control panel.

[anon]

I the password for Cpanel the same as the one for the mySQL server?

[phpSensei]

I the password for Cpanel the same as the one for the mySQL server?

 

All the information for this is provided in your admin panel, or probably in a email or something.

[anon]

Nevermind. You're right. Back on to the original topic now... How would i secure the bit at the top of PHP code, the bit which connects to the DB.

 

I heard that you can store this in a file, and call it in later. TRUE or FALSE

[corbin]

Any form data is used in inside of a php script is accessible.

 

Example:

 

$hash = '9asd9390af8972D9q34K';
do_something(decrypt_hash($hash));

 

Obviously if someone could get in the PHP file they could just echo the return from decrypt_hash x.x.

 

If it has to be passed as plain text to mysql_connect, there's no way to stop someone from seeing the password.

 

Right as I said that I got an idea.....

 

You could use a class, located out of the access levels of anyone who would view php files....  In this class, the hash would be decrypted, but passed inside of the class, so no one could see it outside....

 

 

Lemme code an example...

[corbin]

Let's pretend the siteroot is /html/, and that you're the only person with FTP access to /.

 

/secret_mysql.php

class secret_mysql {

public function connect($host, $user, $pass, $db) {
	return mysql_connect($host, $user, $this->decrypt($pass), $db);
}

private function decrypt($pass) {
	return base64_decode($pass);
}

/* public function makehash($pass) {
	return base64_encode($pass);
} */
//example hash making fucntion

}

 

/html/example.php

require '../secret_mysql.php';
$c = new secret_mysql;
//lets pretend for this example that the mysql username is root and the password is 'corbin'
$link = $c->connect('localhost', 'root', 'Y29yYmlu', 'somedb'); //base64_encode return of 'corbin', the example password

 

That would work, and at no point could anyone output the password even if they could include and use secret_mysql.php.

 

The only problem with that (besides the obvious base64_encode as the encryption), is that someone could do this:

 

echo file_get_contents('../secret_mysql.php');

 

And then run it somewhere else showing the output of decrypt.....

 

 

Hmmmm....  I guess it's really not possible to protect data from its owner script lol ;p.