Gossamer Forum
(Advanced Search)
for
Home : Products : Links 2.0 : Customization :

crypt passwords

Oct 24, 1999, 10:37 PM
Pasha1
User (207 posts)
Oct 24, 1999, 10:37 PM
Post #1 of 10
Views: 2116
Shortcut
Quote Reply
crypt passwords
It's a bit off topic, but it's related to my Links mod Smile

I understand how to crypt the passwords:
Code:
#!/usr/bin/perl -w
# 'password.txt' file contains only five numbers: 12345
open (FILE, "password.txt") | | &error("Oops!");
$INPUT{'password'} = <FILE>;
close (FILE);
$newpassword = crypt($INPUT{'password'}, aa);
print "Content-type: text/plain\n\n";
print "$newpassword";

But I didn't get how to do this job backwards. I need to get my file w/ crypted password, and then display the plain notcrypted "12345".

Anybody knows how to do this crypting backwards?

Thank you in advance.



------------------
Complete Index of Web Master's Resources: http://www.cellwarp.com
Oct 25, 1999, 4:49 AM
dan
Enthusiast (760 posts)
dan's avatar
Oct 25, 1999, 4:49 AM
Post #2 of 10
Views: 2094
Shortcut
Quote Reply
Re: crypt passwords In reply to
Sorry but for good reason it cannot be done -encrypted passwords cannot be restored. Your only alternative is to store the real passwords in another file (preferably not web-accessible).

Dan Smile
Oct 25, 1999, 6:44 AM
Pasha1
User (207 posts)
Oct 25, 1999, 6:44 AM
Post #3 of 10
Views: 2094
Shortcut
Quote Reply
Re: crypt passwords In reply to
Then how does the web server reads the passwords in .htpasswd file? As far as I know the encryption in .htpasswd is the same as in my example. There supposed to be a way of reverse engineering of some kind Smile

------------------
Complete Index of Web Master's Resources: http://www.cellwarp.com
Oct 25, 1999, 7:06 AM
dan
Enthusiast (760 posts)
dan's avatar
Oct 25, 1999, 7:06 AM
Post #4 of 10
Views: 2091
Shortcut
Quote Reply
Re: crypt passwords In reply to
If a decryption algorithm exists, it is not available publically. This question has been asked numerous times here and in a host of other Unix bulletin boards. Sorry but you are out of luck.

Dan Smile
Oct 25, 1999, 11:41 AM
DanO
User (82 posts)
Oct 25, 1999, 11:41 AM
Post #5 of 10
Views: 2116
Shortcut
Quote Reply
Re: crypt passwords In reply to
 
Quote:
Then how does the web server reads the passwords in .htpasswd file? As far as I know the encryption in .htpasswd is the same as in my example.

The server receives the password already encrypted and compares that against the encrypted password on file on .htpasswd

Dan O.

Oct 25, 1999, 12:33 PM
garadon
User (117 posts)
Oct 25, 1999, 12:33 PM
Post #6 of 10
Views: 2104
Shortcut
Quote Reply
Re: crypt passwords In reply to
If you want encrypted passwds, here's what you do:

$existing_password = crypt($INPUT{'password'}, aa);

later, you use

print "Authenticated" if ($existing_password == crypt($INPUT{'password'}, aa)); #or something along these lines

to verify the password.
To get information about decryption of 56-bit encryption, go to http://www.distributed.net here's the gist of it: if would take your computer about 1200 years to crack a 56-bit key encryption (or so... probably longer), and it took huge numbers of people's idle processor time to crack it in only 212 days... and we've been working on the 64-bit (RC5) key for 732 days, and only have 14% of the keyspace checked... that's 40,000 people actively working on it...

--Tom
Oct 25, 1999, 7:18 PM
widgetz
Veteran (2260 posts)
Oct 25, 1999, 7:18 PM
Post #7 of 10
Views: 2093
Shortcut
Quote Reply
Re: crypt passwords In reply to
hehe.. if you wanted to be able to decrypt passwords.. you can use HEX... Smile

i'm not sure if it works for every character though..

jerry
Jun 2, 2000, 7:28 AM
wizard
User (64 posts)
Jun 2, 2000, 7:28 AM
Post #8 of 10
Views: 2094
Shortcut
Quote Reply
Re: crypt passwords In reply to
Can I create my own algorithm so that the password can be decrypted? If so, how? Thank you!!


Jun 2, 2000, 9:15 AM
cK
Enthusiast (567 posts)
Jun 2, 2000, 9:15 AM
Post #9 of 10
Views: 2097
Shortcut
Quote Reply
Re: crypt passwords In reply to
Yes, check the Perl/CGI forum. I can remember reading something about it ones. I think round the start of this bb - in UBB version - (8/99 or sooner ?)

Jun 2, 2000, 12:54 PM
Stealth
Veteran (17240 posts)
Stealth's avatar
Jun 2, 2000, 12:54 PM
Post #10 of 10
Views: 2085
Shortcut
Quote Reply
Re: crypt passwords In reply to
Actually the decrpyt Thread was posted more recent than that in the Perl/CGI Forum, like around early April 2000.

Smile

Regards,

Eliot Lee