Decompiled?

**presidente** · 02-11-2009, 04:54 AM

He means a server side script that connects to the database and contents the password to access the my sql database.
It´s like the login here at the indigorose forum.
The password to access the sql-database is stored in a php script. this php-script opens the database and check if the user and password provided by you is correct. if your user exists in the database an the userpassword is correct the script grants you access.

**rexzooly** · 02-11-2009, 08:26 AM

Originally posted by presidente View Post

He means a server side script that connects to the database and contents the password to access the my sql database.
It´s like the login here at the indigorose forum.
The password to access the sql-database is stored in a php script. this php-script opens the database and check if the user and password provided by you is correct. if your user exists in the database an the userpassword is correct the script grants you access.

i think he understands this but how that works and hes right only would have to see what was going in and down to find out a way around it if they new what the app was asking of the php file they could bypass this.

@ Shadow i think people are right there is no True way of stopsing people
from doing this just md5 and encrpit it all or something more of a pain in the arss but gives them more work, end of the day hackers are hackers and
they are good at what they do lol.

**ShadowUK** · 02-11-2009, 09:45 AM

Originally posted by rexzooly View Post

i think he understands this but how that works and hes right only would have to see what was going in and down to find out a way around it if they new what the app was asking of the php file they could bypass this.

@ Shadow i think people are right there is no True way of stopsing people
from doing this just md5 and encrpit it all or something more of a pain in the arss but gives them more work, end of the day hackers are hackers and
they are good at what they do lol.

I already use MD5. The point is, This guy has managed to find the database password already. OR at least the hexed version or something.

**rexzooly** · 02-11-2009, 06:45 PM

Originally posted by ShadowUK View Post

I already use MD5. The point is, This guy has managed to find the database password already. OR at least the hexed version or something.

Well host a php file that conects to the data base and then if the php and the app are talking with the right info it will send the app the right data but i am not sure how you would do this.

**Imagine Programming** · 02-11-2009, 11:07 PM

Pre-encrypt the MySql username and password (and db name) and parse it to the php script?

Compare it and get stuff...

Decompiled?

Decompiled?

Comment

Comment

Comment

Comment

Comment