Author Topic: Prevent password reversing.  (Read 2689 times)

Offline Delete mine too

  • Death Knight
  • *********
  • Posts: 2652
  • http://meatspin.com
    • View Profile
    • http://meatspin.com
Prevent password reversing.
« on: June 15, 2015, 03:43:12 PM »
I'm testing this now I'm going to setup my pvpgn and see how it's takes this password.
<?php passwordhere(); ?>

It's broke the output on the reversing sites and also didn't return results for 13 billion possible.

Offline Delete mine too

  • Death Knight
  • *********
  • Posts: 2652
  • http://meatspin.com
    • View Profile
    • http://meatspin.com
Re: Prevent password reversing.
« Reply #1 on: June 15, 2015, 04:40:50 PM »
There you go that's how you contribute instead of take.

Offline xboi209

  • Grunt
  • ***
  • Posts: 80
    • View Profile
Re: Prevent password reversing.
« Reply #2 on: June 15, 2015, 10:41:23 PM »
Please don't confuse the two terms encryption and hash. I know that StarCraft uses a broken version of SHA-1, which is known as XSHA-1, but I don't know about WarCraft 2 so I'll assume that they both use XSHA-1 for the rest of this post.
XSHA-1 hashes can be reversed and based on the allowed characters for passwords, the original password can be deduced. After deducing the original password, just handle it as any other modern server would.
You can also just use some combination of multiple rounds of SHA-2 and salt on the XSHA-1 hashes themselves.
« Last Edit: June 15, 2015, 10:45:50 PM by xboi209 »

Offline Warchief Lightbringer-

  • Server Admin
  • Axe Thrower
  • *****
  • Posts: 428
    • View Profile
Re: Prevent password reversing.
« Reply #3 on: June 16, 2015, 01:10:34 AM »
Removed 3 posts from archer in this sub forum.
aka DeaDLyGaMeS