...

View Full Version : Coding a proxy URL into SHA1?



wildfire95
09-14-2009, 08:56 PM
Im doing a college project on "security exploits in the internet and modern appliances", and part of it is to create a secure enviroment for bypassing filtering systems.

Before i continue may i point out -
Im not some 14 year old kid wanting to access youtube.

If your going to assume the above, please, leave the thread and let people who wish to help reply. Lets keep it clean eh?

My main objective in this is that many systems block the encoding used in the URL of the page "proxified". E.g. MD5 etc. But, unless i am mistaken the encryption known as "SHA1" is yet to be decrypted.

Is there any way in PHP to encode a variable / factor to SHA1? Like they do currently to MD5 in URLs like that?

bacterozoid
09-14-2009, 09:28 PM
PHP has a sha1 function (http://php.net/sha1) just as they do MD5. It uses 40 characters instead of 32 and is harder to break than MD5.

I don't know that MD5 has been figured out...but there are a lot of rainbow tables out there that just contain a zillion input / hash combinations.

So, you could use sha1 to encode a variable in the URL, but don't leave it up chance that someone could use a rainbow table or brute force method to crack it.

Use a salt when you create your hash so your hash is unique. Just don't give it away :P



$salt = "324@ 52#QMFe3E222%%";
$hash = sha1($salt.md5($variable));



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum