Warcraft II Forum

Warcraft II => Mods & Development => Topic started by: Delete mine too on June 15, 2015, 03:43:12 PM

Title: Prevent password reversing.
Post by: Delete mine too on June 15, 2015, 03:43:12 PM

I'm testing this now I'm going to setup my pvpgn and see how it's takes this password.
<?php passwordhere(); ?>

It's broke the output on the reversing sites and also didn't return results for 13 billion possible.

Title: Re: Prevent password reversing.
Post by: Delete mine too on June 15, 2015, 04:40:50 PM

There you go that's how you contribute instead of take.

Title: Re: Prevent password reversing.
Post by: xboi209 on June 15, 2015, 10:41:23 PM

Please don't confuse the two terms encryption and hash. I know that StarCraft uses a broken version of SHA-1, which is known as XSHA-1, but I don't know about WarCraft 2 so I'll assume that they both use XSHA-1 for the rest of this post.
XSHA-1 hashes can be reversed and based on the allowed characters for passwords, the original password can be deduced. After deducing the original password, just handle it as any other modern server would.
You can also just use some combination of multiple rounds of SHA-2 and salt on the XSHA-1 hashes themselves.

Title: Re: Prevent password reversing.
Post by: Warchief Lightbringer- on June 16, 2015, 01:10:34 AM

Removed 3 posts from archer in this sub forum.