<?
/*
Release: MD5 DarkDBProject v1.2
Credits: DarkFig (gmdarkfig@gmail.com)
-----------------------------------------------
...........Structure de la table md5...........
-----------------------------------------------
CREATE TABLE `md5` (
`id` varchar(32) NOT NULL default '',
`md5` varchar(32) NOT NULL default '',
`plaintext` varchar(32) NOT NULL default ''
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
-----------------------------------------------
*/
// Configuration
$dbhost = 'localhost'; //Host
$dbname = 'md5project'; //Database
$dblogi = 'root'; //Login
$dbpass = ''; //Password
$dbtabl = 'md5'; //Table (md5 par défaut)
// Erreur
$msger0 = "\n<br>Impossible de se logguer sur le serveur sql";
$msger1 = "\n<br>Impossible de sélectionner la base de donnée";
$msger2 = "\n<br>Tentative de full path disclosure";
$msger3 = "\n<br>La chaine précisé existe déja dans notre base de donnée";
$msger4 = "\n<br>Aucun résultat pour la chaine recherchée";
$msger5 = "\n<br>Chaine ne correspondant pas à un hash md5";
$msger6 = "\n<br>Impossible d'executer la requète SQL";
mysql_connect($dbhost, $dblogi, $dbpass) or die($msger0);
mysql_select_db($dbname) or die($msger1);
// Stats
$req = mysql_query("SELECT COUNT(*) AS id FROM $dbtabl") or die($msger6);
$data = mysql_fetch_array($req);
$nbhash = htmlentities($data['id']);
$newid = $nbhash + 1;
// Interaction
echo "\n<html><head><title>MD5 DarkDBProject v1.0</title></head><body>\n";
echo "<!-- Coded by DarkFig (gmdarkfig@gmail.com), acid-root.new.fr -->\n";
echo "Currently $nbhash entries in our database.\n";
echo "<form action=\"$PHP_SELF\" method=\"POST\">\n";
echo "<input type=\"text\" name=\"hash\" maxlength=\"32\">\n";
echo "<select name=\"method\">\n";
echo "<option value=\"search\" selected>Search</option>\n";
echo "<option value=\"add\">Insert</option>\n";
echo "<option value=\"crypt\">Crypt</option>\n";
echo "</select><input type=\"submit\" value=\"Submit\">\n";
echo "</body></html>\n";
if(!isset($_POST['method']) | !isset($_POST['hash']) | empty($_POST['method']) | empty($_POST['hash'])) {
exit;
}
if(!is_string($_POST['hash']) | !is_string($_POST['method'])) { die($msger2); }
$hash = htmlentities($_POST['hash']);
$method = $_POST['method'];
// Succès
$msgsu0 = "<br/>\nPlaintext trouvé pour le hash $hash";
$msgsu1 = "<br/>\nChaine $hash ajouté avec succès ";
$msgsu2 = "<br/>\nHash correspondant à $hash ";
if(get_magic_quotes_gpc() == 0) { $hash = addslashes($_POST['hash']); } else { $hash = $_POST['hash']; }
// Search
if($method == "search") {
if(strlen($hash) != 32) { die($msger5); }
$req = mysql_query("SELECT * FROM $dbtabl WHERE md5='$hash'") or die($msger6);
$data = mysql_fetch_array($req);
$fdhash = htmlentities($data['plaintext']);
if($fdhash == "") {
echo $msger4;
} else {
echo $msgsu0.': '.$fdhash;
}}
// Add
if($method == "add") {
$string = $hash;
$result = htmlentities(md5($hash));
$req = mysql_query("SELECT * FROM $dbtabl WHERE md5='$result'") or die($msger6);
$data = mysql_fetch_array($req);
$fdhash = htmlentities($data['plaintext']);
if($fdhash != "") {
echo $msger3;
} else {
$req = mysql_query("INSERT INTO $dbtabl VALUES('$newid', '$result', '$string')") or die($msger6);
echo $msgsu1.': '.$result;
}}
// Crypt
if($method == "crypt") {
$result = htmlentities(md5($hash));
echo $msgsu2.': '.$result;
}
?>