SHA1 Crypt in RunUO2.0 to PHP ? - RunUO

Kaon · 05-27-2007, 11:38 AM

Hello all

I search a way to use website login sharing the same accounting information with runuo server.

I saw password are crypted in SHA1 with RunUO2.0, but I can't get the same result with the SHA1 php crypt function ( sha1(string) )

Here is the crypt function of runuo :

Code:

public static string HashSHA1( string phrase )
		{
			if ( m_SHA1HashProvider == null )
				m_SHA1HashProvider = new SHA1CryptoServiceProvider();

			if ( m_HashBuffer == null )
				m_HashBuffer = new byte[256];

			int length = Encoding.ASCII.GetBytes( phrase, 0, phrase.Length > 256 ? 256 : phrase.Length, m_HashBuffer, 0 );
			byte[] hashed = m_SHA1HashProvider.ComputeHash( m_HashBuffer, 0, length );

			return BitConverter.ToString( hashed );
		}

Someone know how I can get the same crypted result with PHP5?
Thanks

mordero · 05-27-2007, 09:11 PM

I havent looked at it for a while, but im pretty sure the string is the username + password. So you might trying that.

Kaon · 05-28-2007, 07:59 AM

you're right, I found this this morning

Works fine

Just an example of script for testing (working, but it's not really good

) :

Code:

$tocrypt = 'test';
$crypted = sha1($tocrypt, true);
$crypted_array = array();
echo $tocrypt.' => '.$crypted.'<br />';

for( $i=0; $i<strlen($crypted); ++$i) {
	$crypted_array[$i] = $crypted[$i];
}

for( $i=0; $i<count($crypted_array); ++$i) {
	echo bin2hex($crypted_array[$i]).'-';
}

**Mark** · 05-28-2007, 11:11 PM

We salt the password with the username to help prevent dictionary attacks if the account file is stolen.

Curuis · 06-17-2007, 12:03 PM

Would you explain how to do this?

I think thta it would be so nice to have a way to use UO passwords ro acess the website...

05-27-2007, 11:38 AM	#1 (permalink)
Kaon Forum Novice Join Date: Jan 2005 Age: 25 Posts: 124	SHA1 Crypt in RunUO2.0 to PHP ? Hello all I search a way to use website login sharing the same accounting information with runuo server. I saw password are crypted in SHA1 with RunUO2.0, but I can't get the same result with the SHA1 php crypt function ( sha1(string) ) Here is the crypt function of runuo : Code: public static string HashSHA1( string phrase ) { if ( m_SHA1HashProvider == null ) m_SHA1HashProvider = new SHA1CryptoServiceProvider(); if ( m_HashBuffer == null ) m_HashBuffer = new byte[256]; int length = Encoding.ASCII.GetBytes( phrase, 0, phrase.Length > 256 ? 256 : phrase.Length, m_HashBuffer, 0 ); byte[] hashed = m_SHA1HashProvider.ComputeHash( m_HashBuffer, 0, length ); return BitConverter.ToString( hashed ); } Someone know how I can get the same crypted result with PHP5? Thanks __________________

05-27-2007, 09:11 PM	#2 (permalink)
mordero Forum Expert Join Date: Nov 2003 Location: Illinois, USA Age: 21 Posts: 2,909	I havent looked at it for a while, but im pretty sure the string is the username + password. So you might trying that. __________________ Useful links (Use them or die in a fire!!!): Ultimate Little Guide, C# Tutorials & Docs, RunUO Basic Scripts, Run UO How to..., Configure server for connections, Scripting for Dummies, Common Problem Solutions, FAQ Forum, RunUO Wiki, Basic Generics, Xml Tutorial

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

05-28-2007, 11:11 PM	#4 (permalink)
Mark Forum Administrator Join Date: Jan 2003 Location: Northern Virginia Posts: 1,525	We salt the password with the username to help prevent dictionary attacks if the account file is stolen.

06-17-2007, 12:03 PM	#5 (permalink)
Curuis Forum Newbie Join Date: Sep 2006 Age: 50 Posts: 64	Would you explain how to do this? I think thta it would be so nice to have a way to use UO passwords ro acess the website...

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)