md5 combined with cryp = invincible password
Author:Eve Cole
Update Time:2009-06-07 14:57:20
Because I like sql injection and have tested many websites ASPHPHPJSP.
I found that the MD5 encryption algorithm is basically used. They say that MD5 is irreversible and cannot be broken. MD5 is irreversible but can be broken violently. All you need to do is put the commonly used password in MD5 and then put it in the database. Others only need to provide the MD5 password for database comparison to restore the password. Domestic www .cmd5.com abroad www.xmd5.org
They all provide online blasting. Many webmasters have been hacked, right? The biggest part is that the administrator password was leaked by SQL injection and then went into the background to cause damage. I found that PHP's built-in function crypt is very good and works well with MD5, making it even more invincible.
<?php
$pass = '123456';
echo "MD5 encryption".md5($pass)."<br>"; //Unsafe
echo "crypt after encryption".crypt($pass)."<br>"; // The messy password will change after refreshing
echo "crypt after complex encryption".crypt($pass,substr($pass,0,2))."<br>"; //Still unhappy
echo "After invincible encryption".md5(crypt($pass,substr($pass,0,2)))."<br>"; // How do hackers break this password now? ? ?
?>
The final password is still 32 bits. At first glance, I thought it was MD5 encryption.
But no matter how huge the opponent's MD5 HASH value is, several T of data cannot be cracked.
