notes.splitbrain.org

User Tools

Site Tools

Trace:
genwikihash.php

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
genwikihash.php [2006/11/09 19:04] – old revision restored andigenwikihash.php [2006/11/13 13:48] (current) – old revision restored andi
Line 1: Line 1:
 +From command line (using php-cli):
 +<code>
 +$ php genWikihash.php <clear text pass> [<crypt method (defaults to smd5)>]
 +</code>
 +
 +<code php>
 +<?php
 +// call it: php dokupass.php <clear text pass> <method (default smd5)>
 +// Tomas V.V.Cox <cox@idecnet.com>
 +
 +function msg($str) { die($str); }
 +
 +/**
 + * Encrypts a password using the given method and salt
 + *
 + * If the selected method needs a salt and none was given, a random one
 + * is chosen.
 + *
 + * The following methods are understood:
 + *
 +   smd5  - Salted MD5 hashing
 +   md5   - Simple MD5 hashing
 +   sha1  - SHA1 hashing
 +   ssha  - Salted SHA1 hashing
 +   crypt - Unix crypt
 +   mysql - MySQL password (old method)
 +   my411 - MySQL 4.1.1 password
 + *
 + * @author  Andreas Gohr <andi@splitbrain.org>
 + * @return  string  The crypted password
 + */
 +function auth_cryptPassword($clear,$method='',$salt=''){
 +  global $conf;
 +  if(empty($method)) $method = $conf['passcrypt'];
 +
 +  //prepare a salt
 +  if(empty($salt)) $salt = md5(uniqid(rand(), true));
 +
 +  switch(strtolower($method)){
 +    case 'smd5':
 +        return crypt($clear,'$1$'.substr($salt,0,8).'$');
 +    case 'md5':
 +      return md5($clear);
 +    case 'sha1':
 +      return sha1($clear);
 +    case 'ssha':
 +      $salt=substr($salt,0,4);
 +      return '{SSHA}'.base64_encode(pack("H*", sha1($clear.$salt)).$salt);
 +    case 'crypt':
 +      return crypt($clear,substr($salt,0,2));
 +    case 'mysql':
 +      //from http://www.php.net/mysql comment by <soren at byu dot edu>
 +      $nr=0x50305735;
 +      $nr2=0x12345671;
 +      $add=7;
 +      $charArr = preg_split("//", $clear);
 +      foreach ($charArr as $char) {
 +        if (($char == '') || ($char == ' ') || ($char == '\t')) continue;
 +        $charVal = ord($char);
 +        $nr ^= ((($nr & 63) + $add) * $charVal) + ($nr << 8);
 +        $nr2 += ($nr2 << 8) ^ $nr;
 +        $add += $charVal;
 +      }
 +      return sprintf("%08x%08x", ($nr & 0x7fffffff), ($nr2 & 0x7fffffff));
 +    case 'my411':
 +      return '*'.sha1(pack("H*", sha1($clear)));
 +    default:
 +      msg("Unsupported crypt method $method",-1);
 +  }
 +}
 +if (empty($_SERVER['argv'][1])) {
 +    die("Usage: php " . $_SERVER['argv'][0] . " <clear pass text> <method (default smd5)>\n");
 +}
 +$method = !empty($_SERVER['argv'][2]) ? $_SERVER['argv'][2] : 'smd5';
 +echo auth_cryptPassword($_SERVER['argv'][1], $method) . "\n";
 +
 +?>
 +</code>
 +
 +
 +== Comments ==
 +
 +Roland Eckert wrote 2006-Aug-06 16:41:16 CET:
 +
 +I also had luck generating a valid hash using the command line
 +
 +<code php>
 +php -r 'echo md5("mypassword")."\n";'
 +</code>
 +