Radio DJ Panel v3 - Beta Testing

bad-dj · 22-03-2007, 06:47 AM

Originally Posted by Scriptz

The Beta Testers have been choosen, we currently have 4 users who are going to be testing our panel on their site. Links to each site are below:

JBrooks
http://www.airwavesfm.ca

bad-dj
n/a

hybride
http://www.habboring.com

RaveFM
http://www.habbohand.co.uk

Beta Testers were choosen based on their site, forum rep, and various other things. If you were not choosen then sorry, but March 30th is only 8 days away so keep watching this thread!

cool i am a betta tester ok i will test it untill it can not be tested no more oh ok i had to PM you there Scriptz.

QuickScriptz · 22-03-2007, 09:31 PM

@Lol - does that basically mean you will just try and hack the system and exploit it

Agnostic Bear · 23-03-2007, 05:34 AM

Originally Posted by Scriptz

@Lol - does that basically mean you will just try and hack the system and exploit it

Been there done that already on one of your beta testers

Managed to get the sql from the users table and display everyones password and username =D

QuickScriptz · 23-03-2007, 07:07 PM

Lol - nice

But this time I got smart and used encryption! See displaying the data from the tables is the easy part, its trying to break the irreversible md5 encryption that might give you a tough time

F32 · 23-03-2007, 07:15 PM

Originally Posted by bad-dj

cool i am a betta tester ok i will test it untill it can not be tested no more oh ok i had to PM you there Scriptz.

what's a betta tester?

QuickScriptz · 23-03-2007, 07:17 PM

Originally Posted by Xeoro

what's a betta tester?

hahaha... your so funny

anyways... ya....

@Lol - fyi if you find any vulnerabilities mind lettin me know? :rolleyes:

7 DAYS TILL PUBLIC RELEASE

Agnostic Bear · 23-03-2007, 07:34 PM

Originally Posted by Scriptz

hahaha... your so funny

anyways... ya....

@Lol - fyi if you find any vulnerabilities mind lettin me know? :rolleyes:

7 DAYS TILL PUBLIC RELEASE

Don't let people use php code anywhere in the panel, I got in, took the pass to an md5 cracking website and got it in like 2 seconds cause it was already stored >_>

Teh government moved away from sha1 and md5

Also, that could lead to people deleting the panel >_>

QuickScriptz · 23-03-2007, 07:40 PM

Hmm.... well we can't have that now can we? Lol... anyways would using crypt() be a better encryption option? And what do you mean by dont let people use php code anywhere in the panel? As of right now they can't?

Agnostic Bear · 23-03-2007, 07:51 PM

Originally Posted by Scriptz

Hmm.... well we can't have that now can we? Lol... anyways would using crypt() be a better encryption option? And what do you mean by dont let people use php code anywhere in the panel? As of right now they can't?

They can in the admin message if memory serves, and make a custom encryption like this:

PHP Code:


function encrypt($string)
{
    $string2 = strrev($string);
    $string = md5(sha1($string));
    $string2 = crc32($string2);
    $string = $string . $string2;
    $string = sha1($string);
    $string2 = strlen($string);
    $string2 = $string2 * 2;
    $string2 = crypt($string2);
    $string = sha1(md5(crc32(base64_encode(crypt($string . $string2)))));
    return $string;
}

LOL

QuickScriptz · 23-03-2007, 08:03 PM

Holy! I have never even heard of half the encryptions you used there! LMAO

But seriously would something like that but customized work? Just randomly encrypt the passwords so many times that it becomes just too confusing to try and decrypt it? So would something like this work....?

PHP Code:


function encrypt($string)
{
    $string = strrev($string);
    $string2 = md5(sha1($string));
    $string3 = strrev($string2);
    $string4 = base64_encode(md5($string3));
    $string5 = crypt($string4);
    return $string5;
}

Thread: Radio DJ Panel v3 - Beta Testing

Thread Tools

Posting Permissions