Account Register web 99.62t

Printable View

01-06-06
Ronaldodavi

2 Attachment(s)

Account Register web 99.62t

After de people breaking head finally left with Aid of Sexpro and some contributors Our Friend Flopes Brazilian Boy VMAT Developers obtained an established page of web in the one of huy9010 had that to create one procedure established in the function of sexpro cod MD5

Procedure from Me_Muonline
[QUOTE= CREATE PROCEDURE Encripta
@btInStr VARCHAR(10),
@btInStrIndex VARCHAR(10)
AS

BEGIN
DECLARE @btOutVal BINARY(16)

EXEC master..XP_MD5_EncodeKeyVal @btInStr, @btInStrIndex, @btOutVal OUT

UPDATE MEMB_INFO SET memb__pwd = @btOutVal WHERE memb___id = @btInStrIndex
END
GO[/QUOTE]

Reg.php

Quote:

Originally Posted by <?php require("config.php");
$login = stripslashes($_GET['loginname'

);
$name = stripslashes($_GET['accountname']);
$email = stripslashes($_GET['email']);
$pw = stripslashes($_GET['password']);
$cpw = stripslashes($_GET['repassword']);

$sql_email_check = mssql_query("SELECT mail_addr FROM MEMB_INFO WHERE mail_addr='$email'");
$sql_username_check = mssql_query("SELECT memb___id FROM MEMB_INFO WHERE memb___id='$login'");
$email_check = mssql_num_rows($sql_email_check);
$username_check = mssql_num_rows($sql_username_check);

if (($email_check > 0) || ($username_check > 0) )
{
echo "<font color='red' size='5'> Error:</font><br />";

if (empty($login) || empty($name) || empty($email) || empty($pw) || empty($cpw))
{
echo "<h2>Hay dien day du thong tin.</h2>";
**elseif($email_check > 0){
echo "<h2>'$email' da co nguoi su dung!</h2><br />";
$Error=1;
**
elseif ($username_check > 0)
{
echo "<h2>'$login' da co nguoi su dung.</h2><br />";
$Error=1;
**elseif ($pw != $cpw)
{
echo "<br /><h2>Mat khau khong trung nhau.</h2>"; $Error=1;
**

**
else
{

//$msquery1 = "SET IDENTITY_INSERT MEMB_INFO ON";
$msquery2 = "INSERT INTO MEMB_INFO (memb___id,memb__pwd,memb_name,sno__numb,mail_addr,appl_days,modi_days,out__days,true_days,mail_chek,bloc_code,ctl1_code) VALUES ('$login',CONVERT(varbinary(16),'0x00'),'$name','1','$email','01/01/2006','01/01/2006','01/01/2006','01/01/2006','1','0','1')";
//$msresults= mssql_query($msquery1);
$msresults= mssql_query($msquery2);

// Executando procedure para atualizar senha
$a= "exec Encripta '".$pw."','".$login."'";
$b=mssql_query($a);

echo "<p align='center'>Accounts successfully created.</p> <br><p align='left'>
Login ID: $login<br>
Name: $name <br>
E-mail: $email<br>
ID Number: $idnumb<br>
Password: $pw<br>
Question: $sques<br>";
**

?>

Sorry Bad ingles ueheueuehue
01-06-06
elemer

Warning: mssql_connect() [function.mssql-connect]: Unable to connect to server: 192.168.1.106 in G:\xampp\xampp\htdocs\account\config.php on line 6

Warning: mssql_select_db(): supplied argument is not a valid MS SQL-Link resource in G:\xampp\xampp\htdocs\account\config.php on line 7

Warning: mssql_query() [function.mssql-query]: message: Invalid object name 'MEMB_INFO'. (severity 16) in G:\xampp\xampp\htdocs\account\reg.php on line 8

Warning: mssql_query() [function.mssql-query]: Query failed in G:\xampp\xampp\htdocs\account\reg.php on line 8

Warning: mssql_query() [function.mssql-query]: message: Invalid object name 'MEMB_INFO'. (severity 16) in G:\xampp\xampp\htdocs\account\reg.php on line 9

Warning: mssql_query() [function.mssql-query]: Query failed in G:\xampp\xampp\htdocs\account\reg.php on line 9

Warning: mssql_num_rows(): supplied argument is not a valid MS SQL-result resource in G:\xampp\xampp\htdocs\account\reg.php on line 10

Warning: mssql_num_rows(): supplied argument is not a valid MS SQL-result resource in G:\xampp\xampp\htdocs\account\reg.php on line 11

Warning: mssql_query() [function.mssql-query]: message: Invalid object name 'MEMB_INFO'. (severity 16) in G:\xampp\xampp\htdocs\account\reg.php on line 42

Warning: mssql_query() [function.mssql-query]: Query failed in G:\xampp\xampp\htdocs\account\reg.php on line 42

Warning: mssql_query() [function.mssql-query]: message: Could not find stored procedure 'Encripta'. (severity 16) in G:\xampp\xampp\htdocs\account\reg.php on line 46

Warning: mssql_query() [function.mssql-query]: Query failed in G:\xampp\xampp\htdocs\account\reg.php on line 46

Accounts successfully created.

Login ID: elemer
Name: elemer
E-mail: adrian_biro2004@yahoo.com
ID Number:
Password: xxx
Question:

WHAT IS WROG?PLEASE HELP
01-06-06
icanfly

where to add procedure?
01-06-06
Ronaldodavi

Quote:

Originally Posted by elemer

Warning: mssql_connect() [function.mssql-connect]: Unable to connect to server: 192.168.1.106 in G:\xampp\xampp\htdocs\account\config.php on line 6

Warning: mssql_select_db(): supplied argument is not a valid MS SQL-Link resource in G:\xampp\xampp\htdocs\account\config.php on line 7

Warning: mssql_query() [function.mssql-query]: message: Invalid object name 'MEMB_INFO'. (severity 16) in G:\xampp\xampp\htdocs\account\reg.php on line 8

Warning: mssql_query() [function.mssql-query]: Query failed in G:\xampp\xampp\htdocs\account\reg.php on line 8

Warning: mssql_query() [function.mssql-query]: message: Invalid object name 'MEMB_INFO'. (severity 16) in G:\xampp\xampp\htdocs\account\reg.php on line 9

Warning: mssql_query() [function.mssql-query]: Query failed in G:\xampp\xampp\htdocs\account\reg.php on line 9

Warning: mssql_num_rows(): supplied argument is not a valid MS SQL-result resource in G:\xampp\xampp\htdocs\account\reg.php on line 10

Warning: mssql_num_rows(): supplied argument is not a valid MS SQL-result resource in G:\xampp\xampp\htdocs\account\reg.php on line 11

Warning: mssql_query() [function.mssql-query]: message: Invalid object name 'MEMB_INFO'. (severity 16) in G:\xampp\xampp\htdocs\account\reg.php on line 42

Warning: mssql_query() [function.mssql-query]: Query failed in G:\xampp\xampp\htdocs\account\reg.php on line 42

Warning: mssql_query() [function.mssql-query]: message: Could not find stored procedure 'Encripta'. (severity 16) in G:\xampp\xampp\htdocs\account\reg.php on line 46

Warning: mssql_query() [function.mssql-query]: Query failed in G:\xampp\xampp\htdocs\account\reg.php on line 46

Accounts successfully created.

Login ID: elemer
Name: elemer
E-mail: adrian_biro2004@yahoo.com
ID Number:
Password: xxx
Question:

WHAT IS WROG?PLEASE HELP

edit config.php

<?
$alogin = "your login";
$apass = "your password";
$host= "127.0.0.1";
$db = 'Me_MuOnline';
$msconnect=mssql_connect("$host","$alogin","$apass");
$msdb=mssql_select_db("$db",$msconnect);
?>

Quote:

Originally Posted by icanfly

where to add procedure?

Query Analiser From Me_Muonline DB
01-06-06
adanbr

Quote:

Originally Posted by Ronaldodavi

please people the forum has lingua English nat modifies pra all to be able to participate execut procedure that this la pointing with respect to Me_Muonline

Already I made this, but the error still remains
01-06-06
icanfly

hm QA:

Cannot add rows to sysdepends for the current stored procedure because it depends on the missing object 'master..XP_MD5_EncodeKeyVal'. The stored procedure will still be created.

When i add: M:\muserver\MD5_EXSP_DLL\UserDefinedFunction.sql

i have:

Cannot add rows to sysdepends for the current stored procedure because it depends on the missing object 'master..XP_MD5_CheckValue'. The stored procedure will still be created.
Cannot add rows to sysdepends for the current stored procedure because it depends on the missing object 'master..XP_MD5_EncodeKeyVal'. The stored procedure will still be created.
01-06-06
adanbr

With me the same thing happened that is speaking in the previous message
01-06-06
phillips41

same here
01-06-06
huy9010

1 Attachment(s)

[guide]

Full guide to use this Website (Rolnaldodavi add this to Guide with your web ^^):
Before using these file you need server 0.99.60T Original file from Webzen. Or not i upload these file need here. First Copy WZ_MD5_MOD.dll to Program Files\Microsoft SQL Server\MSSQL\Binn. Then do these Step:

1> Open CMD (For who dont know: Open run then Type CMD -> OK)
2> type osql -U youruser -P yourpassword (MSSQL)
then type these line (After a line type Enter)
use master -> Enter
go -> Enter
sp_addextendedproc 'XP_MD5_EncodeKeyVal', 'WZ_MD5_MOD.dll' -> Enter
go -> Enter
sp_addextendedproc 'XP_MD5_CheckValue', 'WZ_MD5_MOD.dll' -> Enter
go -> Enter
exit -> Enter
3> Open MSSQL Query Manager (Start -> All Programs -> Microsoft SQL Server -> Query Analyzer
4> Chose Server (local) then type your MSSQL username and password
5> Near the top Chose DB Me_MuOnline (For who use my repack and DB is MuOnline)
6> Copy these code to Query

--
01-06-06
Ronaldodavi

[QUOTE=huy9010]Full guide to use this Website (Rolnaldodavi add this to Guide with your web ^^):
Before using these file you need server 0.99.60T Original file from Webzen. Or not i upload these file need here. First Copy WZ_MD5_MOD.dll to Program Files\Microsoft SQL Server\MSSQL\Binn. Then do these Step:

1> Open CMD (For who dont know: Open run then Type CMD -> OK)
2> type osql -U youruser -P yourpassword (MSSQL)
then type these line (After a line type Enter)
use master -> Enter
go -> Enter
sp_addextendedproc 'XP_MD5_EncodeKeyVal', 'WZ_MD5_MOD.dll' -> Enter
go -> Enter
sp_addextendedproc 'XP_MD5_CheckValue', 'WZ_MD5_MOD.dll' -> Enter
go -> Enter
exit -> Enter
3> Open MSSQL Query Manager (Start -> All Programs -> Microsoft SQL Server -> Query Analyzer
4> Chose Server (local) then type your MSSQL username and password
5> Near the top Chose DB Me_MuOnline (For who use my repack and DB is MuOnline)
6> Copy these code to Query

--
01-06-06
huy9010

hehe copy that and make a guide in Guide section

Uploaded my page (Added security ques and ans)
Credits:
- CacarBot (I used his sql_inject.php)
- Sexpro (For code)
- Ronaldodavi (Thx for his guide and file)
Webpage secure sql injection:
http://forum.ragezone.com/attachment...r?d=1149197262
02-06-06
parsy

Quote:

Originally Posted by huy9010

hehe copy that and make a guide in Guide section

Uploaded my page (Added security ques and ans)
Credits:
- CacarBot (I used his sql_inject.php)
- Sexpro (For code)
- Ronaldodavi (Thx for his guide and file)
Webpage secure sql injection:
http://forum.ragezone.com/attachment...r?d=1149197262

I am verry new in setting PHP plss Help
Where to put, from where to get web, what files or progs do i need and etc....
02-06-06
Napster

Quote:

Originally Posted by parsy

I am verry new in setting PHP plss Help
Where to put, from where to get web, what files or progs do i need and etc....

download appserv (Appache Server) install it then config files and put them in ../appserv/www/ open explorer and type http://127.0.0.1/ or http://localhost
02-06-06
flopes

1 Attachment(s)

Ae Ronaldodavi, o manual completo, ou como o povo aqui diz, FULLLL ^^

[mod]Use English[/mod]
02-06-06
dunkhowanything

Quote:

1> Open CMD (For who dont know: Open run then Type CMD -> OK)
2> type osql -U youruser -P yourpassword (MSSQL)
then type these line (After a line type Enter)
use master -> Enter
go -> Enter
sp_addextendedproc 'XP_MD5_EncodeKeyVal', 'WZ_MD5_MOD.dll' -> Enter
go -> Enter
sp_addextendedproc 'XP_MD5_CheckValue', 'WZ_MD5_MOD.dll' -> Enter
go -> Enter
exit -> Enter
3> Open MSSQL Query Manager (Start -> All Programs -> Microsoft SQL Server -> Query Analyzer
4> Chose Server (local) then type your MSSQL username and password
5> Near the top Chose DB Me_MuOnline (For who use my repack and DB is MuOnline)
6> Copy these code to Query

Just open Query Analyzer and run this script

use master
go
sp_addextendedproc 'XP_MD5_EncodeKeyVal', 'WZ_MD5_MOD.dll'
go
sp_addextendedproc 'XP_MD5_CheckValue', 'WZ_MD5_MOD.dll'
go

You will get done...
02-06-06
Kurt

use muonline not master
02-06-06
icanfly

hm i have InvalidUsername when i try to login but in Databaese Account is exist, i was check by enterprise manager.
02-06-06
imhappy

Good ! All working...
02-06-06
The_Nightmare

anti sql inject, no yet..

easy, hack..
02-06-06
Ronaldodavi

Plis Translate Guid Flopes for Ingles excelent tutor
sorry my time in cyber is closed

Post Original por Flopes Forum VMAT

Tae galera, pra que precisar, usem e abusem

Manual Para Criar Contas via Web

1º) Devemos pegar a dll WZ_MD5_MOD.dll e colocar no diretório binn do msSql Server:
http://img456.imageshack.us/img456/7966/dll0ij.jpg

2º) Abra o Query Analizer e execute os seguintes comandos:
- exec sp_addextendedproc 'XP_MD5_EncodeKeyVal', 'WZ_MD5_MOD.dll'

- exec sp_addextendedproc 'XP_MD5_CheckValue', 'WZ_MD5_MOD.dll'
http://img217.imageshack.us/img217/9573/query0aa.jpg

3º) Agora temos que criar as funções corresponde as dlls. O arquivo com as funções já vem junto com o server, é o UserDefinedFunction.sql

if exists (select * from dbo.sysobjects where id = object_id(N'[dbo].[UFN_MD5_CHECKVALUE]') and xtype in (N'FN', N'IF', N'TF'))
drop function [dbo].[UFN_MD5_CHECKVALUE]
GO

if exists (select * from dbo.sysobjects where id = object_id(N'[dbo].[UFN_MD5_ENCODEVALUE]') and xtype in (N'FN', N'IF', N'TF'))
drop function [dbo].[UFN_MD5_ENCODEVALUE]
GO

SET QUOTED_IDENTIFIER ON
GO
SET ANSI_NULLS ON
GO

-- ÇÔ¼ö¸í : UFN_MD5_ENCODEVALUE()
-- ³»¿ë : Æ¯Á¤¹®ÀÚ¿°ú ÀÎµ¦½º¿Í MD5 °ªÀ» ºñ±³ÇÏ¿© ¸Â´ÂÁö Ã¼Å©
CREATE FUNCTION UFN_MD5_CHECKVALUE
(
@btInStr VARCHAR(10),
@btInStrIndex VARCHAR(10),
@btInVal BINARY(16)
)
RETURNS TINYINT
AS
BEGIN
DECLARE @iOutResult TINYINT

EXEC master..XP_MD5_CheckValue @btInStr, @btInVal, @btInStrIndex, @iOutResult OUT

RETURN @iOutResult
END

GO
SET QUOTED_IDENTIFIER OFF
GO
SET ANSI_NULLS ON
GO

SET QUOTED_IDENTIFIER ON
GO
SET ANSI_NULLS ON
GO

-- ÇÔ¼ö¸í : UFN_MD5_ENCODEVALUE()
-- ³»¿ë : Æ¯Á¤¹®ÀÚ¿°ú ÀÎµ¦½º¸¦ ÀÌ¿ëÇÏ¿© MD5 °ªÀ» »ý¼º
CREATE FUNCTION UFN_MD5_ENCODEVALUE
(
@btInStr VARCHAR(10),
@btInStrIndex VARCHAR(10)
)
RETURNS BINARY(16)
AS
BEGIN
DECLARE @btOutVal BINARY(16)

EXEC master..XP_MD5_EncodeKeyVal @btInStr, @btInStrIndex, @btOutVal OUT

RETURN @btOutVal
END

GO
SET QUOTED_IDENTIFIER OFF
GO
SET ANSI_NULLS ON
GO

Selecione TUDO que está em laranja, dê um ctrl+c, abra o query analizer, dê um ctrl+v e execute com um F5. Pronto, funções criadas^^

4º) Agora é que vem o lance legal, eu pegue uma dessas funções e modifique para poder criar minha Store Procedure. Ainda no query analizer, execute o seguinte comando:

CREATE PROCEDURE Encripta
@btInStr VARCHAR(10),
@btInStrIndex VARCHAR(10)
AS

BEGIN
DECLARE @btOutVal BINARY(16)

EXEC master..XP_MD5_EncodeKeyVal @btInStr, @btInStrIndex, @btOutVal OUT

UPDATE MEMB_INFO SET memb__pwd = @btOutVal WHERE memb___id = @btInStrIndex
END
GO

Executando todo o comando em verde, vc cria a procedure necessária para encriptar a senha. Ateção para o banco de que vc está apontando, tem que estar no Me_MuOnline
http://img217.imageshack.us/img217/4995/query22ig.jpg

5º) Agora está muito fácil^^, é só vc pegar a página que está em anexo a este manual,disponibilizar na internet e testar seu cadastro.

Espero ter ajudado a vcs...

[]’s
FLOPES - VMAT Developers
02-06-06
phillips41

need to fix this so personal id number is encrpted also.becasye when you try to delete a chaarcter or dissolve a guild it wont take the personal id number
03-06-06
icanfly

i was creat account, account exist in table MEMB_INFO in MeMuOnline, but when i lunch Client and enter login its say Incorect Acount Name
04-06-06
RAZcrack

Quote:

Originally Posted by Kurt

use muonline not master

You are WRONG!!!
sp_addextendedproc can be applied in master database only ...
05-06-06
slayps4

BR (embaxo num ta mesma coisa nem a pau)
no meu fik tudo no MuOnline, misturei e fiz uma suruba soh

english
my database Me_muonline is work under the MuOnline **** kkkk
06-06-06
Reddy

Not Found
The requested URL /reg.php was not found on this server.
06-06-06
nhatnguyenboy

Error : http://img380.imageshack.us/img380/9947/error0mv.jpg
Helpme
06-06-06
huy9010

if u are using a pack with webserver, php, mysql (I dont know what to call, like easyphp) u need enable the function mssql

Edit: My Anti-SQL Inject dont work?
07-06-06
rodryggow

In the our test server of VMAT work that very well page.
Good work staff!
^^'
07-06-06
Napster

Warning: mssql_query(): message: Could not find stored procedure 'Encripta'. (severity 16) in c:\appserv\www\reg.php on line 46

Warning: mssql_query(): Query failed in c:\appserv\www\reg.php on line 46

wtf is it?
08-06-06
[Rayden]

thanks for the guide man
11-06-06
ale0790

plis help me i show

Warning: mssql_query(): message: Explicit value must be specified for identity column in table 'MEMB_INFO' when IDENTITY_INSERT is set to ON. (severity 16) in c:\appserv\www\registration_done.php on line 77

Warning: mssql_query(): Query failed in c:\appserv\www\registration_done.php on line 77

????
11-06-06
Request240

huy in russain it's the penis. ( censure )
12-06-06
cybersna

Quote:

Originally Posted by Napster

Warning: mssql_query(): message: Could not find stored procedure 'Encripta'. (severity 16) in c:\appserv\www\reg.php on line 46

Warning: mssql_query(): Query failed in c:\appserv\www\reg.php on line 46

wtf is it?

i get this problem too. need any idea to resolve.
13-06-06
huy9010

because u didnt run the sql query.... read my guide....

Edit: anyway this anti sql injection seem like dont work..... any idea?

Dont call my name like that -.-
13-06-06
argent2004

Quote:

Originally Posted by flopes

Ae Ronaldodavi, o manual completo, ou como o povo aqui diz, FULLLL ^^

[mod]Use English[/mod]

guia working 100%

Brasil Penta campeon Mundial de Futbol
Argentina Penta Presidente

saludos desde argentina

argent2004
13-06-06
cybersna

Quote:

Originally Posted by huy9010

because u didnt run the sql query.... read my guide....

Edit: anyway this anti sql injection seem like dont work..... any idea?

Dont call my name like that -.-

ok it work But i have problem in login account, Id account no problem but password make me fevor i don
13-06-06
huy9010

U cant change password for now.... because we dont know how to decrypt it to change password....... there must be a way let dev :D
14-06-06
cybersna

thank for you reply
15-06-06
MuServerHelp

notice (i use sql2005 dunno about sql2000):

GRANT EXECUTE ON [dbo].[XP_MD5_EncodeKeyVal] TO [public]
GRANT EXECUTE ON [dbo].[XP_MD5_CheckValue] TO [public]
21-07-06
clayton

Quote:

Originally Posted by argent2004

guia working 100%

Brasil Penta campeon Mundial de Futbol
Argentina Penta Presidente

saludos desde argentina

argent2004

me posta a odbc, mao veio com seu files :(
Monsters v99.62T By-Argent2004 dessa vs ( ODBC ) pliss

S
21-07-06
garmoheri

Warning: mssql_query() [function.mssql-query]: message: Could not find stored procedure 'Encripta'. (severity 16) in C:\AppServ\www\reg.php on line 46

Warning: mssql_query() [function.mssql-query]: Query failed in C:\AppServ\www\reg.php on line 46

--------------------------
01-08-06
genius007

lolx)
02-08-06
bddragonmax

Warning: mssql_query() [function.mssql-query]: message: Could not find stored procedure 'Encripta'. (severity 16) in D:\public_html\reg.php on line 50

Warning: mssql_query() [function.mssql-query]: Query failed in D:\public_html\reg.php on line 50

How fix it?

Quote:

Originally Posted by Napster

Warning: mssql_query(): message: Could not find stored procedure 'Encripta'. (severity 16) in c:\appserv\www\reg.php on line 46

Warning: mssql_query(): Query failed in c:\appserv\www\reg.php on line 46

wtf is it?

Open Query Analyzer db MuOnline or Me_Muonline

CREATE PROCEDURE Encripta
@btInStr VARCHAR(10),
@btInStrIndex VARCHAR(10)
AS

BEGIN
DECLARE @btOutVal BINARY(16)

EXEC master..XP_MD5_EncodeKeyVal @btInStr, @btInStrIndex, @btOutVal OUT

UPDATE MEMB_INFO SET memb__pwd = @btOutVal WHERE memb___id = @btInStrIndex
END
GO
06-08-06
aspire219

ok nowregistration is working but i have a new problem! when i create a character it wont show!

ex. i create a dk i put a name and i click ok, when i click ok the character that i create wont show or did not make!

can someone knows how to fix this problem?
06-08-06
bagaboanta

sombody can make some pictures and in inglesh ? :d
plss
08-08-06
eddy69

Hi all,
My server goes up.
account maker makes account
web site makes account ( Ive no errors by new account )
But by login invalid password
I look in sql enterp- Ive seen account but the password is still weird
Ive linked the ODBC MuOnlineJoinDB to Me_MuOnline
Ive done the Encrytia thing
Ive searched for over 12 hours now
Has any1 any ideas ?
08-08-06
KEMBL

You right, but nothing wrong there. Take a look:

1) Create hash with _direct_ req to SQL extend procedure

DECLARE @hash BINARY(16)
EXEC master.dbo.XP_MD5_EncodeKeyVal 'test1', 'test1', @hash OUT
Select @hash

produce:
--login---password-----hash--------
test1 test1 0xC57C4B1188D5B9A1C03200E3B8E1B85B

and server do not accept it

BUT

DECLARE @test varchar(10)
DECLARE @hash BINARY(16)
set @test = 'test1'
EXEC master.dbo.XP_MD5_EncodeKeyVal @test, @test, @hash OUT
Select @hash

Produce right value - 0x87AADB30D0E7E192E0BCAEA1EC8D5752

2) Create hash with MuAccountCreate.exe produce
0x87AADB30D0E7E192E0BCAEA1EC8D5752 for the same login/password

and game server accept it

Аs we can see 0xC57C4B1188D5B9A1C03200E3B8E1B85B != 0x87AADB30D0E7E192E0BCAEA1EC8D5752

so server do not accept hash from XP_MD5_EncodeKeyVal direct req ( without casting varibles as varchar 10)

3) Inderect req to XP_MD5_EncodeKeyVal through

CREATE FUNCTION [dbo].[fn_md5] (@data VARCHAR(10), @data2 VARCHAR(10))
RETURNS BINARY(16) AS
BEGIN
DECLARE @hash BINARY(16)
EXEC master.dbo.XP_MD5_EncodeKeyVal @data, @data2, @hash OUT
RETURN @hash
END

SELECT dbo.fn_md5('test1','test1')

Returns right hash value - 0x87AADB30D0E7E192E0BCAEA1EC8D5752

So - cast varibles first as proper type, then make requests.

--BTW--------------------

Who knows how MU md5 encoder mix login and password data when create hash?

I try variable ways, but no one out result like MuAccountCreate.exe did, look:

farm# md5 -s test1test1
MD5 ("test1test1") = 42b72f913c3201fc62660d512f5ac746

farm# md5 -s "test1 test1"
MD5 ("test1 test1") = 183900f4d50e6bd80b9c9e86163848ee

farm# md5 -s "test1,test1"
MD5 ("test1,test1") = 3ced1c42b511962dbe2dc12a10a014a8

farm# md5 -s "test1:test1"
MD5 ("test1:test1") = 723210cefac9372c968e5bfd98cb022b

farm# md5 -s "test1 test1"
MD5 ("test1 test1") = ca896c95faf692366b207515c28cea2a

farm# md5 -s "test1\ttest1"
MD5 ("test1\ttest1") = ee7f8fa31c9b8d10668423d7016c5765

farm# md5 -s "test1"
MD5 ("test1") = 5a105e8b9d40e1329780d62ea2265d8a

farm# md5 -s "test1.test1"
MD5 ("test1.test1") = 554545be418f316ec7c7cdf7b10ef7d5

tech# md5 -s "test1 test1 "
MD5 ("test1 test1 ") = 719a45230490d8745ab6e25d3c97a6b4

May be there needs some XOR, do not know, simple ways is wrong.
08-08-06
eddy69

As we can see something is not quite right but it only happens on SOME servers.
Can any1 say what I should do i.e: delete SQL and start over or is there a solution.
It seems that these SQL procedures are spead all this section some are different to others and to the untrained eye thats not good.
Any way of getting all this together in one place and finding out what works and what not ( I would do it but Im one of the untrained eyes ).
This md5 is not easy, is it realy needed if so for what ? ( protection )?
08-08-06
KEMBL

>As we can see something is not quite right but it only happens on SOME servers.

Yes, its happens when you use request to XP_MD5_EncodeKeyVal without right cast its arguments, like

EXEC master.dbo.XP_MD5_EncodeKeyVal 'test1', 'test1', @hash OUT

You need to use type cast first, like this:

DECLARE @test varchar(10)
DECLARE @hash BINARY(16)
set @test = 'test1'
EXEC master.dbo.XP_MD5_EncodeKeyVal @test, @test, @hash OUT
Select @hash

Or use function for hash opetations

>This md5 is not easy, is it realy needed if so for what ? ( protection )?

Yes:
1) Bad admins (or other ppl who have db access by some reason) cant give some third persons account passwords anymore. Only with hash replacement works.

2) If you steal account db, you needs to bruteforce password hashes before use it.
08-08-06
eddy69

I think I understand but Im still not sure how to use this infomation.
Could you write it step for step for me as Im fairly new to this :(

DECLARE @eddy69 varchar(10)
DECLARE @hash BINARY(16)
set @eddy69 = 'bandit'
EXEC master.dbo.XP_MD5_EncodeKeyVal @eddy69, @eddy69, @hash OUT
Select @hash

= 0x6EE017E17943FCA740EAA6CFDE810CF4

SELECT dbo.fn_md5('bandit','bandit')

=Server: Msg 208, Level 16, State 1, Line 1
Invalid object name 'dbo.fn_md5'.
09-08-06
eddy69

OK GOT MY SERVER RUNNING LAST NIGHT, I could login and play (LAN).
This morning I tryed to login and my password is blocked again !!!
Any ideas whats up ?