notes.splitbrain.org

User Tools

Site Tools

Trace: genwikihash.php
genwikihash.php

From command line (using php-cli): 

$ php genWikihash.php <clear text pass> [<crypt method (defaults to smd5)>]
<?php
// call it: php dokupass.php <clear text pass> <method (default smd5)>
// Tomas V.V.Cox <cox@idecnet.com>
 
function msg($str) { die($str); }
 
/**
 * Encrypts a password using the given method and salt
 *
 * If the selected method needs a salt and none was given, a random one
 * is chosen.
 *
 * The following methods are understood:
 *
 *   smd5  - Salted MD5 hashing
 *   md5   - Simple MD5 hashing
 *   sha1  - SHA1 hashing
 *   ssha  - Salted SHA1 hashing
 *   crypt - Unix crypt
 *   mysql - MySQL password (old method)
 *   my411 - MySQL 4.1.1 password
 *
 * @author  Andreas Gohr <andi@splitbrain.org>
 * @return  string  The crypted password
 */
function auth_cryptPassword($clear,$method='',$salt=''){
  global $conf;
  if(empty($method)) $method = $conf['passcrypt'];
 
  //prepare a salt
  if(empty($salt)) $salt = md5(uniqid(rand(), true));
 
  switch(strtolower($method)){
    case 'smd5':
        return crypt($clear,'$1$'.substr($salt,0,8).'$');
    case 'md5':
      return md5($clear);
    case 'sha1':
      return sha1($clear);
    case 'ssha':
      $salt=substr($salt,0,4);
      return '{SSHA}'.base64_encode(pack("H*", sha1($clear.$salt)).$salt);
    case 'crypt':
      return crypt($clear,substr($salt,0,2));
    case 'mysql':
      //from http://www.php.net/mysql comment by <soren at byu dot edu>
      $nr=0x50305735;
      $nr2=0x12345671;
      $add=7;
      $charArr = preg_split("//", $clear);
      foreach ($charArr as $char) {
        if (($char == '') || ($char == ' ') || ($char == '\t')) continue;
        $charVal = ord($char);
        $nr ^= ((($nr & 63) + $add) * $charVal) + ($nr << 8);
        $nr2 += ($nr2 << 8) ^ $nr;
        $add += $charVal;
      }
      return sprintf("%08x%08x", ($nr & 0x7fffffff), ($nr2 & 0x7fffffff));
    case 'my411':
      return '*'.sha1(pack("H*", sha1($clear)));
    default:
      msg("Unsupported crypt method $method",-1);
  }
}
if (empty($_SERVER['argv'][1])) {
    die("Usage: php " . $_SERVER['argv'][0] . " <clear pass text> <method (default smd5)>\n");
}
$method = !empty($_SERVER['argv'][2]) ? $_SERVER['argv'][2] : 'smd5';
echo auth_cryptPassword($_SERVER['argv'][1], $method) . "\n";
 
?>
Comments

Roland Eckert wrote 2006-Aug-06 16:41:16 CET:

I also had luck generating a valid hash using the command line 

php -r 'echo md5("mypassword")."\n";'
genwikihash.php.txt · Last modified: 2006/11/13 13:48 by andi