md5 hash tuning

The following article may be the pinnacle of stupidity but as I always say I'm a better Admin than coder. Yesterday, while draŝeh the AJAX script and had to send some data which I use for their hash validation because the script does not share the $ _ SESSION array and things become slightly uncertain. That's why do the following mess all pameri submitted by POST or make them GET a md5 hash of konkateriranite parameters and then compare it. Overall not a bad scheme I think. Heširaŝi algorithms for this purpose Bowl MD5 , SHA, DESC and so on. Here things are clear to say, It will use the MD5 hash parameters (as in doing factual). We have 3 the parameter that is submitted in the GET i = 1 n = 2 m = 3 and say hešriane string is 123 What makes us the following MD5 hash 202cb962ac59075b964b07152d234b70. Nothing here who know what interesting. This hash will fall for a few seconds in any attack. Here's the simple salt and pepper my idea. Let's say I take the first and last character of the string and swap their places in this manner yields a 002cb962ac59075b964b07152d234b72 hash if someone already if I hadn't read the code us what idiocy makes bad hacking attempt. Real hash is another and even to be izsnifen is utterly useless. But why stop here, we can divide the hash of several blocks, in this case, MD5 is 32 If the symbol is divided into 4 blocks 8 characters and their move places becomes even more uncomfortable position. Далеч най приятния ефект е, че визуално си е стандартен md5 хеш и злия хахор може да си чупи докато има желание. Не съм добър по криптиране и не мога да пледирам за нещо кой знае колко фундаментално и прочие но ми допада колко е семпло като идея и реализация и съвременно надеждността е критично висока не като на нормалния MD5 които с една по грамотна видео карта се чупи за норматив.

Ето и примерен код за първата идея с размяната на първия и последния символ елементарен код от 3 реда 🙂


$hash = '202cb962ac59075b964b07152d234b70';

$first = substr($hash,0,1);
$last = substr($hash,-1);
$rest = substr($hash,1,30);
$hash = $last.$rest.$first;
echo "The real hash is : $str <br> inverted hash is : $hash";


leave a reply

Your email address will not be published. Required fields are marked *

anti SPAM *