Hello!
I've been trying recently to create a login application that connects to a MySQL database and authenticates the user data.
I have managed to encrypt the password with a simple MD5 encryption but the database I want to connect to is used by PHPBB that uses a different kind of encryption.
Here is the encrypt function of PHPBB (in PHP):
PHP Code:
function phpbb_hash($password)
{
$itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
$random_state = unique_id();
$random = '';
$count = 6;
if (($fh = @fopen('/dev/urandom', 'rb')))
{
$random = fread($fh, $count);
fclose($fh);
}
if (strlen($random) < $count)
{
$random = '';
for ($i = 0; $i < $count; $i += 16)
{
$random_state = md5(unique_id() . $random_state);
$random .= pack('H*', md5($random_state));
}
$random = substr($random, 0, $count);
}
$hash = _hash_crypt_private($password, _hash_gensalt_private($random, $itoa64), $itoa64);
if (strlen($hash) == 34)
{
return $hash;
}
return md5($password);
}
And here is my Project Code:
Code:
Imports System.Text
Imports System.Security.Cryptography
Imports System.IO
Imports MySql.Data
Imports MySql.Data.MySqlClient
Public Class Form1
Dim conn As MySqlConnection
Dim myCommand As New MySqlCommand
Dim myAdapter As New MySqlDataAdapter
Dim myData As MySqlDataReader
Dim md5pass As String
Public Shared Function MD5Encrypt(ByVal str As String) As String
Dim md5 As MD5CryptoServiceProvider
Dim bytValue() As Byte
Dim bytHash() As Byte
Dim strOutput As String
Dim i As Integer
md5 = New MD5CryptoServiceProvider
bytValue = System.Text.Encoding.UTF8.GetBytes(str)
bytHash = md5.ComputeHash(bytValue)
md5.Clear()
For i = 0 To bytHash.Length - 1
strOutput &= bytHash(i).ToString("x").PadLeft(2, "0")
Next
MD5Encrypt = strOutput
End Function
Private Sub NButton1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles NButton1.Click
userbox.Enabled = False
passbox.Enabled = False
md5pass = MD5Encrypt(passbox.Text)
conn = New MySqlConnection()
conn.ConnectionString = "server=XXXXX;" _
& "user id=XXXXX;" _
& "password=XXXXX;" _
& "database=XXXXX;"
conn.Open()
Dim sqlquery = "SELECT * FROM phpbb_users WHERE username_clean = '" + userbox.Text + "' AND user_password = '" + md5pass + "'"
myCommand.Connection = conn
myCommand.CommandText = sqlquery
myAdapter.SelectCommand = myCommand
myData = myCommand.ExecuteReader()
If myData.HasRows = 0 Then
userbox.Enabled = True
passbox.Enabled = True
conn.Close()
conn.Open()
Else
conn.Close()
MsgBox("Success!", MsgBoxStyle.Information, "KEWL!")
End If
End Sub
End Class
Thanks in advance!
04-23-2009, 5:42 PM
PHPBB MD5 Encryption in VB
Linear Mode
