.png)
Zero Identity Forums - Programming - Programming 5 - What the heck...?
Are you bored? Check out the unaswered threads!
| #1 What the heck...? on August 01 2008 14:59 | |
|
For some reason, this mission appears to be broken. I just can't seem to input the correct answer, and I'm absolutely sure that my futile attempts do not correlate with my programming ability; I completed the other programming missions with ease...
I'm going to assume at this point that I'm a retard. From what I infer, we're supposed to grab the string (easy enough), split the first and last characters in accordance to how it's meant to be salted, then md5 the salt+the original string+salt i.e, $answer=md5($salt+$string+$salt)? My whole format is as follows: salt=md5(last+first) answer=md5(salt+whole string+salt)? So uhh...wth? Please tell me that I just read it wrong. |
|
|
SkareCrow
 Member  Advanced Analyst Joined: 23.07.2008 Last Seen: 72 year(s) ago Experience: 0 Points: 830 |
|
| #2 RE: What the heck...? on August 01 2008 15:34 | |
|
Mission is kinda stupidly worded.
Doesn't really require you to know program. Not only that, but it isn't a very logical way of encrypting a user password. Lets just say the + don't seem to be what you might think. |
|
| #3 RE: What the heck...? on August 01 2008 17:05 | |
|
Quoted from SkareCrow: Lets just say the + don't seem to be what you might think. ...I'm guessing + is really supposed to mean concatenation then (obviously uses a different operator)? |
|
|
SkareCrow
Member Advanced Analyst Joined: 23.07.2008 Last Seen: 72 year(s) ago Experience: 0 Points: 830 |
|
| #4 RE: What the heck...? on August 02 2008 03:53 | |
|
Well, I will just tell you. the + is part of the string itself, not a symbol of concatenation which is seriously stupid in my eyes.
This mission is a trick that has nothing to do with programming imo. The title is `fragments` fragments are peices. When you add '+' 2 peices together they become 1. They are not seperated by a +. Who the hell would do this anyway? You already have a hella long hash value, wtf is 4 + gonna do? If someone were to brute force these passwords without the +, it would take them years and years and years. Adding the extra + are pointless. If the attacker managed to get the source, the entire encryption process would be pointless also so I just don't see any other logical reason of why the + are in there other then to throw people off which has nothing to do with programming. Not to mention that with a 65 char password you would most likely get an md5 collision before the true value. So using this for authentication would be pointless unless the password was stored in plain text on the end users machine. Every where you go with that you have more problems. |
|
Who is watching forums
| Users viewing this page: | Guests (1) |
| Users viewing the forum: | 0 |