
Thread: PHP SQL username encrypted

  1. #1

    PHP SQL username encrypted

    Hi everybody.
    I have a bulletin forum, which is written in PHP and an SQL database. It has been hacked recently. I found out the reason is that the hacker sniffed the process when the PHP part authenticates with the SQL part. I captured it myself and saw that the admin username and password are sent in clear text.
    I'm asking: is there any way we can encrypt this?

    Thanks, guys. All help is welcome.
    Let's go to Paramount Great America !!!! LFC (LookingForChick)

  2. #2
    tampabay420 (Senior Member, Join Date: Aug 2002, Posts: 953)

    Is this what you need?

    <?php
    // Include common variables and message text
    // include 'zcommon.php';
    // Normally these would come from an include file. Since this is
    // an example, we'll just put them here:
    // db login parameters
    $dbhost = "YOURHOSTHERE";
    $dbuser = "YOURUSERHERE";
    $dbpassword = "YOURPASSHERE";
    $db = "YOURDBHERE";
    $sysadminemail = "sjohnson@fuzzygroup.com";
    // Connecting, selecting database
    $link = mysqli_connect($dbhost, $dbuser, $dbpassword)
        or die("Could not connect");
    //select the database
    mysqli_select_db($link, $db)
        or die("Could not select database");
    //select the username and password so that we can modify them
    $query = "SELECT username, password FROM users";
    $result = mysqli_query($link, $query)
        or die("Query failed when selecting username, password from database.");

    //start a counter so that we can keep track of how many records we change
    $ctr = 0;

    //loop over the username and password with while statement modifying them
    while ($row = mysqli_fetch_assoc($result))
    {
        //get username and password
        $username = $row["username"];
        $password = $row["password"];

        //hash the password (md5 is a one-way hash, not reversible encryption)
        $password = md5($password);

        //build a new database query to update the password for this user;
        //escape the username so a quote in it cannot break the statement
        $safe_username = mysqli_real_escape_string($link, $username);
        $update = "UPDATE users SET password = '$password' WHERE username = '$safe_username'";
        //run the update without overwriting $result, which the loop is still reading
        mysqli_query($link, $update)
            or die("Query failed when updating password to new encrypted password.");
        $ctr++;
    }
    //run this script only once: a second run would hash the stored hashes again
    print "Done. $ctr records modified with encrypted passwords.";

    ____________________________________

    The code above was taken from: http://www.fuzzygroup.net/writing/ph..._passwords.htm

    <edit>
    I'm not big on SQL or PHP but I did find this... I hope it helps :-)
    </edit>
    yeah, I'm gonna need that by friday...
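
An added example, not part of the original post or the linked article: once the stored values are MD5 digests, the login code has to hash the submitted password before comparing, and it can replace each unsalted MD5 digest with a salted `password_hash()` value at the next successful login. The `$users` array and `check_login()` are hypothetical stand-ins for the forum's users table and login handler.

```php
<?php
// Constructed sample data standing in for the forum's `users` table after
// the migration script has run: every password column holds md5(plain).
$users = [
    'admin' => md5('correct horse'),
    'guest' => md5('guest123'),
];

/**
 * Hypothetical login check (not the forum's own code).
 * Accepts legacy MD5 rows and upgrades them to password_hash() on success.
 */
function check_login(array &$users, string $username, string $submitted): bool
{
    if (!isset($users[$username])) {
        return false;
    }
    $stored = $users[$username];

    // Legacy row: 32 lowercase hex characters produced by md5().
    if (preg_match('/^[0-9a-f]{32}$/', $stored) === 1) {
        // hash_equals() compares the two digests in constant time.
        if (!hash_equals($stored, md5($submitted))) {
            return false;
        }
        // Unsalted MD5 is fast to brute-force if the table leaks, so store
        // a salted, slow hash now that the plain password is known.
        $users[$username] = password_hash($submitted, PASSWORD_DEFAULT);
        return true;
    }

    // Row already upgraded: password_verify() reads salt and cost from it.
    return password_verify($submitted, $stored);
}

// Wrong password against a legacy MD5 row.
var_dump(check_login($users, 'admin', 'wrong'));
// Correct password: accepted, and the row is rewritten with password_hash().
var_dump(check_login($users, 'admin', 'correct horse'));
// The stored value no longer looks like an MD5 digest.
var_dump(preg_match('/^[0-9a-f]{32}$/', $users['admin']) === 1);
// The same password still works, now checked by password_verify().
var_dump(check_login($users, 'admin', 'correct horse'));
// Rows of users who have not logged in yet keep their MD5 digest.
var_dump($users['guest'] === md5('guest123'));
```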

  3. #3
    roswell1329 (Senior Member, Join Date: Jan 2002, Posts: 670)
    Actually, I don't believe there is any way you can encrypt data coming from a form with any scripting language without using a Secure Web Server. A secure web server is just like any other web server, but it uses a key to encrypt all incoming and outgoing data. Your browser recognizes this data and uses the key supplied by the web server and establishes a secure connection (when you see the little padlock in the lower right or left corner of your browser). From that point on all data transmissions are encrypted using the key. Without a secure server, all web traffic can be monitored -- CC numbers, personal information, passwords, etc. I don't think there are any web technologies out there currently that can create this sort of protection other than a secure server -- at least no technologies that don't require some sort of client-side download for you to run.
    /* You are not expected to understand this. */

  4. #4
    Senior Member (Join Date: Jan 2002, Posts: 1,207)
    If you believe that the hacker sniffed the password between the db client and server, run them on the same machine or a secure network where the attacker cannot gain physical access to sniff the password.

    Neither MySQL nor other popular databases send cleartext passwords (but some attacks remain).

    I think it's much more likely that the attacker used a view-source vulnerability in your code (or web server, app server etc) to view the source code.

    The obvious solutions are:

    - don't run vulnerable code
    - don't run a vulnerable app server
    - don't run a vulnerable web server

    There are other ways that the security can be increased. Ensure that the database server is firewalled so that even if the attacker obtains the password, he still cannot connect. If the server supports it, use host-based authentication (like in MySQL) or trusted authentication (like MSSQL).

  5. #5
    Database server and web server are located on the same machine. It's a Sun server in the US. I've just "guessed" that he sniffed my database, but I got no proof. But hey, it's my mistake that I haven't had the word $password = md5($password);

    Thanks, guys. If my forum is hacked again, I'm gonna need your help again.
    Let's go to Paramount Great America !!!! LFC (LookingForChick)
