• There is NO official Otland's Discord server and NO official Otland's server list. The Otland's Staff does not manage any Discord server or server list. Moderators or administrator of any Discord server or server lists have NO connection to the Otland's Staff. Do not get scammed!
  • 2026 staff recruitment is open! Check it out and consider applying!

Passwords Problem With "Sha1"

Hrsha

Hrsha

Member
Joined
May 30, 2010
Messages
450
Reaction score
21
Location
Egypt
Hi otland

i have problem with sha1 which i cant read passwords of accounts
and it deny to have full control as manager of ot

so is there any way to make full plain ot ? with acc ?
iam using modern acc 0.6.2 or is there a way to read sha1 passwords ?

.. thanks
 
Sort by date Sort by votes
Zisly said:
Why do you want to be able to read the passwords? gonna try hacking or what?...
there's no reason for the owner having the passwords in plain text.
Click to expand...

am i gonna hack my players ? lol
its not really important but its annoying
sometimes i want to give back an account to the owner which i know him in real xD
but i cant read its password although i can change it to other hashed working password
 
Upvote 0 Downvote
walkingdragon said:
Give up on me because I am a troll? But no seriously I've tried it on 2-3 different decoders and they all came out with the same output data.
Click to expand...

facepalm.jpg


Learn to read.
 
Upvote 0 Downvote
Sure, read:
If you still don't understand it I conclude you're either a troll or I'll give up on you.

It means:
IF you still don't understand it....
> then I conclude
>> you are either a troll
>> OR I'll plainly give up on you.
 
Upvote 0 Downvote
This thread has inspired me to update my encryption algorithm on my service incase someone wants to spend 10 years trying to decrypt a single sha512 encrypted password in my db

Here is what I am thinking of using:
PHP: 
base64_encode(hash("whirlpool", hash("sha512", "Enjoy being a massive faggot")) . substr(sha1(rand()), 0, 4));

Would someone mind giving constructive feed back on my decision?
 
Upvote 0 Downvote
Hrsha said:
am i gonna hack my players ? lol
its not really important but its annoying
sometimes i want to give back an account to the owner which i know him in real xD
but i cant read its password although i can change it to other hashed working password
Click to expand...
Yes, that's what I would assume because there's no reason for the owner having them in plain text. If someone forgets his/her password, they'd use the "lost password" interface in the AAC. If you do not use an AAC you can script this into the account manager I'd presume. Now the case is of your friend wanting the exact same password he forgot, simply give him a new one. Don't put the other player's security at unnecessary risk.


SlurpDerp said:
This thread has inspired me to update my encryption algorithm on my service incase someone wants to spend 10 years trying to decrypt a single sha512 encrypted password in my db

Here is what I am thinking of using:
PHP: 
base64_encode(hash("whirlpool", hash("sha512", "Enjoy being a massive faggot")) . substr(sha1(rand()), 0, 4));

Would someone mind giving constructive feed back on my decision?
Click to expand...

Rand()? you sure about that?
 
Upvote 0 Downvote
I don't want to be an asshole here.. but sha1 is not an encryption that can be decrypted to show exactly what it was before encryption?
Why?
for example:
habba = 82hs982jaj26ag27m
ölabar = 82hs982jaj26ag27m

82hs982jaj26ag27m = habba/ölabar/erifass/ido69/lolatthemk/stuffen/m.m
(As said, it's an example, the encryption doesn't mean exactly what I say it was)

say you multiply every letter in the password, if your password is "123", it will calculate "1*2*3", the outcome would be the encryption code.

so if one password is "45", and another is "54", the encryption code would be "20" in both cases. because in the math situation they end up being the same.

so if you understand what I'm saying, you will understand that 1 string of sha1 encryption can be 100 different passwords.
 
Upvote 0 Downvote
DannyXDXD said:
I don't want to be an asshole here.. but sha1 is not an encryption that can be decrypted to show exactly what it was before encryption?
Why?
for example:
habba = 82hs982jaj26ag27m
ölabar = 82hs982jaj26ag27m

82hs982jaj26ag27m = habba/ölabar/erifass/ido69/lolatthemk/stuffen/m.m
(As said, it's an example, the encryption doesn't mean exactly what I say it was)

say you multiply every letter in the password, if your password is "123", it will calculate "1*2*3", the outcome would be the encryption code.

so if one password is "45", and another is "54", the encryption code would be "20" in both cases. because in the math situation they end up being the same.

so if you understand what I'm saying, you will understand that 1 string of sha1 encryption can be 100 different passwords.
Click to expand...
A little late to the party.
 
Upvote 0 Downvote
Back
Top