HASH

[mommytellme]

Hello, I would like to ask how they are encoded password, I wanted to move all accounts to mysql, so I have to change the system login.

[myonlake]

I would probably start with this: https://wiki.multitheftauto.com/wiki/Hash.

[mommytellme]

no, no hashes do not match

[botder]

https://code.google.com/p/mtasa-blue/so ... ssword.cpp

There is the hashing. I hope you understand C++.

[mommytellme]

How to convert it to lua?

[mommytellme]

Or how convert hash's to MD5?

[myonlake]

no, no hashes do not match

I don't understand. This function is the only thing that you can use, excluding custom scripts.

[mommytellme]

no, no hashes do not match

I don't understand. This function is the only thing that you can use, excluding custom scripts.

I compared stored in the database password is not encrypted password encrypt all possible hashami, and none of them was the same as in the database.

[myonlake]

no, no hashes do not match

I don't understand. This function is the only thing that you can use, excluding custom scripts.

I compared stored in the database password is not encrypted password encrypt all possible hashami, and none of them was the same as in the database.

Maybe you are not using the same hashing technique / you are using a different salt?

[mommytellme]

._. And if you can convert hash to a clean md5?

[myonlake]

._. And if you can convert hash to a clean md5?

Well, if you are going to use different salt / hashing technique now than what you did before, no, you have to ask all users to change their password somehow. Just saying, if you have access to the source code you used to make the passwords, you should be able to use the same mechanism in your new script - otherwise it's no use to change the system.

[mommytellme]

I understand. But I still do not know how I can convert that code to Lua

[myonlake]

I understand. But I still do not know how I can convert that code to Lua

You can't. That code has nothing to do with end-user scripting. That's MTA core code and has nothing to do with this.

[Mr_Moose]

Have you tried SHA2(password+salt), I think I tried that long ago and got the same result as the stored password.

[mommytellme]

Have you tried SHA2(password+salt), I think I tried that long ago and got the same result as the stored password.

SHA2? Are you sure?

[Mr_Moose]

Not at all, just a guess from an old memory, all I remember is that it was a hard to crack algorithm, plus salt on top of that. There aren't lot's of hash algorithms available anyway so you could also count the bits and try the algorithms with the same length. That's a great thing about hash algorithms, the result length is always the same.

[botder]

I don't know if the algorithm is still working, but I found this piece of PHP code:

https://wiki.multitheftauto.com/wiki/Account_PHP

[mommytellme]

I don't know if the algorithm is still working, but I found this piece of PHP code:

https://wiki.multitheftauto.com/wiki/Account_PHP

Thank you, that I was looking for! God has sent you to me! : D

[botder]

Well, the MTA source code also shows you the same piece of code, but in C++.

// SHA256 + salt + type 
m_strSha256 = strPassword.SubStr( 0, 64 ); 
m_strType = strPassword.SubStr( 64, 1 ); 
m_strSalt = strPassword.SubStr( 65, 32 ); 

//-- SHA256 + type + salt 
$strSha256 = substr( $hash, 0, 64 ); 
$strType = substr( $hash, 64, 1 ); 
$strSalt = substr( $hash, 65, 32 );