Comments on: Hack the Password !!! http://www.sajithmr.me/hack-the-password Fri, 27 Jan 2012 16:09:46 +0000 hourly 1 http://wordpress.org/?v=3.2.1 By: ford http://www.sajithmr.me/hack-the-password/comment-page-1#comment-103826 ford Wed, 21 Apr 2010 06:50:52 +0000 http://www.sajithmr.com/hack-the-password/#comment-103826 Hi. EMAIL ME!!! I'm hacker. Can get you a myspace, facebook,yahoo,msn/hotmail, gmail, aol...etc password. I do charge money though,but will show proof i have it. Are you interested? please email me at fordtrucks90@live.com (I was formly known as fordf202006 on yahoo but my account was deleted) Hi. EMAIL ME!!! I’m hacker. Can get you a myspace, facebook,yahoo,msn/hotmail, gmail, aol…etc password. I do charge money though,but will show proof i have it. Are you interested? please email me at fordtrucks90@live.com (I was formly known as fordf202006 on yahoo but my account was deleted)

]]> By: Frank http://www.sajithmr.me/hack-the-password/comment-page-1#comment-103723 Frank Tue, 20 Apr 2010 15:09:55 +0000 http://www.sajithmr.com/hack-the-password/#comment-103723 Good article! Thanks a lot. Good article! Thanks a lot.

]]> By: Omkar Khair http://www.sajithmr.me/hack-the-password/comment-page-1#comment-99336 Omkar Khair Sun, 21 Mar 2010 06:37:35 +0000 http://www.sajithmr.com/hack-the-password/#comment-99336 Absence of salt would store the plain hashed password in the table. As mentioned in the post, if the table is extracted some how then the intruder can find a match for his hash. The chances of this happening is considerably low, but adding Salt would make a significant improvement in security. Absence of salt would store the plain hashed password in the table. As mentioned in the post, if the table is extracted some how then the intruder can find a match for his hash.

The chances of this happening is considerably low, but adding Salt would make a significant improvement in security.

]]> By: summary http://www.sajithmr.me/hack-the-password/comment-page-1#comment-81037 summary Wed, 26 Aug 2009 09:47:25 +0000 http://www.sajithmr.com/hack-the-password/#comment-81037 What if Salt value is not added to DB table ? What if Salt value is not added to DB table ?

]]> By: Chetan http://www.sajithmr.me/hack-the-password/comment-page-1#comment-31863 Chetan Sun, 30 Nov 2008 11:22:30 +0000 http://www.sajithmr.com/hack-the-password/#comment-31863 Currently databases are the most targeted objects by hackers, it is really important to keep them safe. Currently databases are the most targeted objects by hackers, it is really important to keep them safe.

]]> By: Ford http://www.sajithmr.me/hack-the-password/comment-page-1#comment-19697 Ford Mon, 18 Aug 2008 23:17:24 +0000 http://www.sajithmr.com/hack-the-password/#comment-19697 hi. I am a hacker. I can get you an aol,yahoo,myspace,facebook,gmail...etc password. I do charge a fee to get a password though. Once i do get password i'll show you proof i have it. Are you interested? E-mail me at Fordf202006@yahoo.com hi. I am a hacker. I can get you an aol,yahoo,myspace,facebook,gmail…etc password. I do charge a fee to get a password though. Once i do get password i’ll show you proof i have it. Are you interested? E-mail me at Fordf202006@yahoo.com

]]> By: peeto http://www.sajithmr.me/hack-the-password/comment-page-1#comment-10980 peeto Fri, 23 May 2008 00:40:03 +0000 http://www.sajithmr.com/hack-the-password/#comment-10980 select u.user from table as u where u.password=sha1(concat('access', u.salt, 'hackedglobalpattern')); select u.user from table as u where u.password=sha1(concat(‘access’, u.salt, ‘hackedglobalpattern’));

]]> By: Babu Syed http://www.sajithmr.me/hack-the-password/comment-page-1#comment-6188 Babu Syed Wed, 19 Mar 2008 12:25:18 +0000 http://www.sajithmr.com/hack-the-password/#comment-6188 like the window showing the visitor's location in map. how can i get it for my page? BS at psbabusyed@gmail.com like the window showing the visitor’s location in map. how can i get it for my page?
BS at psbabusyed@gmail.com

]]> By: Binny V A http://www.sajithmr.me/hack-the-password/comment-page-1#comment-4939 Binny V A Tue, 04 Mar 2008 09:25:06 +0000 http://www.sajithmr.com/hack-the-password/#comment-4939 Great! Thanks for clearing that up Great! Thanks for clearing that up

]]> By: Sajith M.R http://www.sajithmr.me/hack-the-password/comment-page-1#comment-4865 Sajith M.R Mon, 03 Mar 2008 19:06:56 +0000 http://www.sajithmr.com/hack-the-password/#comment-4865 Hi Binny, $md5_password was a mistake happened while copy-pasting . I edited that in article now. And about the checking in login, see below. The salt is created by random, but you have to save this salt in another filed into your database table (that i mentioned in this article). So when login check, what you have to do is: 1) Get the saved salt from database table. (Select salt from table where username = 'Sanjay'); 2) Recreate the hash from user entered password . say $password 3) Calculate the hash digest from the former formula. <?php $hash_password = sha1($password . $salt . auth::GlobalPattern()); ?> 4) Get the saved hash say $saved_hash from table (Select password from table where user='Sanjay'); 5) Compare both. $hash_password and $saved_hash 6) If both are equal login, else invalid password. Thanks Syth Hi Binny,
$md5_password was a mistake happened while copy-pasting . I edited that in article now. And about the checking in login, see below.

The salt is created by random, but you have to save this salt in another filed into your database table (that i mentioned in this article). So when login check, what you have to do is:
1) Get the saved salt from database table. (Select salt from table where username = ‘Sanjay’);

2) Recreate the hash from user entered password . say $password

3) Calculate the hash digest from the former formula.
< ?php $hash_password = sha1($password . $salt . auth::GlobalPattern()); ?>

4) Get the saved hash say $saved_hash from table (Select password from table where user=’Sanjay’);

5) Compare both. $hash_password and $saved_hash

6) If both are equal login, else invalid password.

Thanks
Syth

]]>