<? /* Release: MD5 DarkDBProject v1.2 Credits: DarkFig (gmdarkfig@gmail.com) ----------------------------------------------- ...........Structure de la table md5........... ----------------------------------------------- CREATE TABLE `md5` ( `id` varchar(32) NOT NULL default '', `md5` varchar(32) NOT NULL default '', `plaintext` varchar(32) NOT NULL default '' ) ENGINE=MyISAM DEFAULT CHARSET=latin1; ----------------------------------------------- */ // Configuration $dbhost = 'localhost'; //Host $dbname = 'md5project'; //Database $dblogi = 'root'; //Login $dbpass = ''; //Password $dbtabl = 'md5'; //Table (md5 par défaut) // Erreur $msger0 = "\n<br>Impossible de se logguer sur le serveur sql"; $msger1 = "\n<br>Impossible de sélectionner la base de donnée"; $msger2 = "\n<br>Tentative de full path disclosure"; $msger3 = "\n<br>La chaine précisé existe déja dans notre base de donnée"; $msger4 = "\n<br>Aucun résultat pour la chaine recherchée"; $msger5 = "\n<br>Chaine ne correspondant pas à un hash md5"; $msger6 = "\n<br>Impossible d'executer la requète SQL"; mysql_connect($dbhost, $dblogi, $dbpass) or die($msger0); mysql_select_db($dbname) or die($msger1); // Stats $req = mysql_query("SELECT COUNT(*) AS id FROM $dbtabl") or die($msger6); $data = mysql_fetch_array($req); $nbhash = htmlentities($data['id']); $newid = $nbhash + 1; // Interaction echo "\n<html><head><title>MD5 DarkDBProject v1.0</title></head><body>\n"; echo "<!-- Coded by DarkFig (gmdarkfig@gmail.com), acid-root.new.fr -->\n"; echo "Currently $nbhash entries in our database.\n"; echo "<form action=\"$PHP_SELF\" method=\"POST\">\n"; echo "<input type=\"text\" name=\"hash\" maxlength=\"32\">\n"; echo "<select name=\"method\">\n"; echo "<option value=\"search\" selected>Search</option>\n"; echo "<option value=\"add\">Insert</option>\n"; echo "<option value=\"crypt\">Crypt</option>\n"; echo "</select><input type=\"submit\" value=\"Submit\">\n"; echo "</body></html>\n"; if(!isset($_POST['method']) | !isset($_POST['hash']) | empty($_POST['method']) | empty($_POST['hash'])) { exit; } if(!is_string($_POST['hash']) | !is_string($_POST['method'])) { die($msger2); } $hash = htmlentities($_POST['hash']); $method = $_POST['method']; // Succès $msgsu0 = "<br/>\nPlaintext trouvé pour le hash $hash"; $msgsu1 = "<br/>\nChaine $hash ajouté avec succès "; $msgsu2 = "<br/>\nHash correspondant à $hash "; if(get_magic_quotes_gpc() == 0) { $hash = addslashes($_POST['hash']); } else { $hash = $_POST['hash']; } // Search if($method == "search") { if(strlen($hash) != 32) { die($msger5); } $req = mysql_query("SELECT * FROM $dbtabl WHERE md5='$hash'") or die($msger6); $data = mysql_fetch_array($req); $fdhash = htmlentities($data['plaintext']); if($fdhash == "") { echo $msger4; } else { echo $msgsu0.': '.$fdhash; }} // Add if($method == "add") { $string = $hash; $result = htmlentities(md5($hash)); $req = mysql_query("SELECT * FROM $dbtabl WHERE md5='$result'") or die($msger6); $data = mysql_fetch_array($req); $fdhash = htmlentities($data['plaintext']); if($fdhash != "") { echo $msger3; } else { $req = mysql_query("INSERT INTO $dbtabl VALUES('$newid', '$result', '$string')") or die($msger6); echo $msgsu1.': '.$result; }} // Crypt if($method == "crypt") { $result = htmlentities(md5($hash)); echo $msgsu2.': '.$result; } ?>