I recently used PHP, So I went online to find some information! I have accidentally read this article and recommended it to you.
I recently used PHP, So I went online to find some information! I have accidentally read this article and recommended it to you.
Because I prefer SQL injection.
Many websites, such as aspphpjsp, have been detected before, after, and after.
It is found that the md5 encryption algorithm is basically used.
It is said that MD5 cannot be undone.
MD5 cannot be reversed, but it can be cracked.
You only need to save the commonly used password MD5 to the database.
Others only need to provide the MD5 password for database comparison to restore the password.
Www.xmd5.org outside China
Both provide online cracking
Have many webmasters ever been infiltrated? The largest part is the leakage of the administrator password caused by SQL injection.
Then break into the background
I found the PHP built-in function crypt very good.
Cooperation with MD5 is more invincible
$ Pass = '000000 ';
Echo "after MD5 encryption". md5 ($ pass )."
"; // Insecure
Echo "after crypt encryption". crypt ($ pass )."
"; // The password will change after refreshing.
Echo "after crypt complex encryption". crypt ($ pass, substr ($ pass, 0, 2 ))."
"; // Still uncomfortable
Echo "unencrypted". md5 (crypt ($ pass, substr ($ pass )))."
"; // How can I break this password now ???
?>
The final password or 32-bit is regarded as MD5 encryption.
However, no matter how huge the MD5 HASH value of the other party is, a few terabytes of data cannot be cracked.
Of course, the above ideas can be used in some other languages, such as asp, asp.net, and jsp.
