
Thread: character conversion -- what function is this??

  1. #1
    Join Date
    Mar 2006
    Location
    Illinois, USA
    Posts
    12,164
    Thanks
    265
    Thanked 690 Times in 678 Posts

    character conversion -- what function is this??

    I'm writing a page as an addition to my forum and I need to have a login on it.
    The passwords are encrypted using the md5() function, then stored in the database. To login, it takes the submitted password, then uses the md5() on that and compares it to the stored value in the database. If it's a match, then the passwords were as well. Fairly standard procedure.

    I've had success doing this before, but I just ran into trouble when using a password that had a symbol in it.

    For testing purposes, I tried using the password:
    !@#$%^&*()?abc123
    and the result was:
    HTML Code:
    &`#33;@#&`#036;%^&*()?abc123
    (NOTE: ignore the backticks-- ````, between the &/#. If I don't put something in there, the board displays the character (ie-- #33 becomes !, etc.)

    What I can't do, however, is match that encoding. All I need to do to verify the password is:
    if ($dbpassstored == md5(encodefunction($sentpass))) {}

    But I don't know what "encodefunction" is.

    So, can someone tell me what I could use to get that result?
    I already tried htmlentities() and urlencode(), but the results are different.

    Thanks.
    Daniel - Freelance Web Design | <?php?> | <html>| español | Deutsch | italiano | português | català | un peu de français | some knowledge of several other languages: I can sometimes help translate here on DD | Linguistics Forum

  2. #2
    Join Date
    Sep 2005
    Location
    India
    Posts
    1,627
    Thanks
    6
    Thanked 107 Times in 107 Posts


    This is a program that I used to test your condition. Please check this out; I think you've missed something in your posting, especially since you haven't mentioned you used htmlentities() on your password.

    If you apply md5() alone it won't give you this result &`#33;@#&`#036;%^&amp;*()?abc123
    PHP Code:
    <?php
    // This program doesn't use a database as you mentioned in your post,
    // but I think you can get a fairly good idea from it.

    // The password given for testing purposes
    $pass = "!@#$%^&*()?abc123";

    // Display the value after calling htmlentities()
    echo "Value of $pass after applying htmlentities function : " . htmlentities($pass) . "<br><br>\n";
    $htmlpass = htmlentities($pass);
    // The output value you mentioned in your posting will be the output
    // &`#33;@#&`#036;%^&amp;*()?abc123

    // Apply the hashing function to the password that has already been HTML encoded
    $pass_stored = md5($htmlpass);

    // Display the final password you stored in your db
    echo "The password stored in your database: $pass_stored <br>\n";

    // You want to check whether a user-entered password matches the stored password.
    // I am assuming that we are dealing with this one password here.

    // The password from the user
    $sent_password = "!@#$%^&*()?abc123";

    // Apply HTML encoding to it
    $sent_password = htmlentities($sent_password);

    // Hash the HTML-encoded password from the user and compare it with the password
    // in the DB, which is already hashed and HTML encoded.
    // === compares the two digests as strings, with no loose type conversion.
    if ($pass_stored === md5($sent_password)) {
        echo "Passwords are matching<br>\n";
    } else {
        echo "Passwords are not matching<br>\n";
    }

    ?>
    If I run the above code I am getting the output: Passwords are matching.

    html_entity_decode() is the opposite of htmlentities() in that it converts all HTML entities in a string to their applicable characters, if that's what you are looking for.

  3. #3
    Join Date
    Mar 2006
    Location
    Illinois, USA
    Posts
    12,164
    Thanks
    265
    Thanked 690 Times in 678 Posts


    I know what md5 does, but the problem is that the password must match BEFORE it's put through the md5 function.

    htmlentities didn't match the output that the forum gave when it encoded the password. (I added an echo to see what it output right before going through the md5() function.)

    So... not sure how to get it to match that.



    To rephrase, without all the extra info, what I need is to know which function makes
    !@#$%^&*()?abc123
    into:
    &`#33;@#&`#036;%^&amp;*()?abc123

    (ignore the backticks-- ```, as above)


    A simpler way to look at it is that I need a function that when ! is input, the output is &#33 ;
    Daniel - Freelance Web Design | <?php?> | <html>| español | Deutsch | italiano | português | català | un peu de français | some knowledge of several other languages: I can sometimes help translate here on DD | Linguistics Forum

  4. #4
    Join Date
    Jun 2005
    Location
    英国
    Posts
    11,876
    Thanks
    1
    Thanked 180 Times in 172 Posts
    Blog Entries
    2


    It doesn't really matter. As with MD5, all you need to know in order to use it in this case is that it will always return the same value for a given string.
    Twey | I understand English | 日本語が分かります | mi jimpe fi le jbobau | mi esperanton komprenas | je comprends français | entiendo español | tôi ít hiểu tiếng Việt | ich verstehe ein bisschen Deutsch | beware XHTML | common coding mistakes | tutorials | various stuff | argh PHP!

  5. #5
    Join Date
    Sep 2005
    Location
    India
    Posts
    1,627
    Thanks
    6
    Thanked 107 Times in 107 Posts

    Check out mb_convert_encoding() in PHP.

  6. #6
    Join Date
    Mar 2006
    Location
    Illinois, USA
    Posts
    12,164
    Thanks
    265
    Thanked 690 Times in 678 Posts

    Twey, I don't understand your response.
    The problem is that in my script the input to md5 differs from the input to md5 in the forum's script, so the outputs differ, because the inputs differ.

    codeexploiter, I get an error (undefined function) when calling that, and looking it up on php.net just gives info on converting from various character sets to each other.
    Do you have a suggestion of which to use?
    Daniel - Freelance Web Design | <?php?> | <html>| español | Deutsch | italiano | português | català | un peu de français | some knowledge of several other languages: I can sometimes help translate here on DD | Linguistics Forum

  7. #7
    Join Date
    Jun 2005
    Location
    英国
    Posts
    11,876
    Thanks
    1
    Thanked 180 Times in 172 Posts
    Blog Entries
    2

    Oh, I see, sorry. My misjudgement.
    Quote:
    (NOTE: ignore the backticks-- ````, between the &/#. If I don't put something in there, the board displays the character (ie-- #33 becomes !, etc.)
    Try [b][/b].

    The output certainly looks like urlencode(), but this could well be a search/replace operation. The only way to be sure of what's going on is to look up what happens in the board's code.
    Twey | I understand English | 日本語が分かります | mi jimpe fi le jbobau | mi esperanton komprenas | je comprends français | entiendo español | tôi ít hiểu tiếng Việt | ich verstehe ein bisschen Deutsch | beware XHTML | common coding mistakes | tutorials | various stuff | argh PHP!

  8. #8
    Join Date
    Mar 2006
    Location
    Illinois, USA
    Posts
    12,164
    Thanks
    265
    Thanked 690 Times in 678 Posts


    The board's code is insanely complex. There are dozens of pages, each with about 500 lines of code (or more).
    I tried looking it up, but the only part I found was where it was converted to md5. The value is, at that point, stored as part of an array called "$input" and I couldn't find where anything was done to it. That's the interesting thing.... if there is a search/replace operation, I don't see the function, as it isn't where it should be.
    The forum is all one page, index.php which then uses includes based on the operation to generate the pages. However, I can't find anything to do with the encoding on either the index page or the included page (Usercp.php), so it must be in one of the other included pages, but, again, it's a maze.

    As for urlencode, the output I get from that is %21 for the !. It encodes for urls, not html. So... space=%20, not &nbsp; etc. Any ideas?



    Ah, [b] works well. Thanks.
    Daniel - Freelance Web Design | <?php?> | <html>| español | Deutsch | italiano | português | català | un peu de français | some knowledge of several other languages: I can sometimes help translate here on DD | Linguistics Forum

  9. #9
    Join Date
    Jun 2005
    Location
    英国
    Posts
    11,876
    Thanks
    1
    Thanked 180 Times in 172 Posts
    Blog Entries
    2

    Quote:
    The board's code is insanely complex. There are dozens of pages, each with about 500 lines of code (or more).
    This is why we have grep
    Code:
    $ grep -r '$input' /var/www/localhost/boarddir
    Quote:
    As for urlencode
    I meant htmlentities(). >.<
    Twey | I understand English | 日本語が分かります | mi jimpe fi le jbobau | mi esperanton komprenas | je comprends français | entiendo español | tôi ít hiểu tiếng Việt | ich verstehe ein bisschen Deutsch | beware XHTML | common coding mistakes | tutorials | various stuff | argh PHP!

  10. #10
    Join Date
    Mar 2006
    Location
    Illinois, USA
    Posts
    12,164
    Thanks
    265
    Thanked 690 Times in 678 Posts


    htmlentities() doesn't encode an exclamation point, just quotes, ampersands, and other things that would affect the code. Since ! has no html function, it ignores that.

    Grep? What's that?
    Daniel - Freelance Web Design | <?php?> | <html>| español | Deutsch | italiano | português | català | un peu de français | some knowledge of several other languages: I can sometimes help translate here on DD | Linguistics Forum
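
An added example, not part of any post in this thread and not the board's own code: the three substitutions visible in the thread's sample, applied as one single-pass replacement and compared with the functions tried above. The helper name `board_style_encode` and the map are assumptions inferred from that one sample; the board may change other characters that the sample does not exercise.

```php
<?php
// Added example. The map holds only the substitutions visible in the thread's
// sample string; it is an inference, not the forum software's real table.
const OBSERVED_MAP = ['&' => '&amp;', '!' => '&#33;', '$' => '&#036;'];

// Hypothetical helper: apply the observed substitutions in a single pass.
// strtr() never rescans its own output, so the '&' of an inserted "&#33;"
// is not encoded a second time, which chained str_replace() calls can do.
function board_style_encode(string $s): string
{
    return strtr($s, OBSERVED_MAP);
}

$plain  = '!@#$%^&*()?abc123';               // test password from the thread
$target = '&#33;@#&#036;%^&amp;*()?abc123';  // encoded form quoted in the thread

// md5() appears here only because the thread's board stores md5 digests.
$stored = md5($target);

$candidates = [
    'htmlentities'       => htmlentities($plain),
    'htmlspecialchars'   => htmlspecialchars($plain),
    'urlencode'          => urlencode($plain),
    'board_style_encode' => board_style_encode($plain),
];

foreach ($candidates as $name => $encoded) {
    // The digests can only agree when the pre-hash strings are byte-identical,
    // so compare the encoded form first, then the digest.
    $sameInput  = ($encoded === $target);
    $sameDigest = hash_equals($stored, md5($encoded));
    printf(
        "%-20s %-42s input match: %-3s digest match: %s\n",
        $name,
        $encoded,
        $sameInput ? 'yes' : 'no',
        $sameDigest ? 'yes' : 'no'
    );
}
```

Only the last candidate reproduces the quoted string, so only it yields the stored digest; a login page that shares the board's database has to apply the board's exact pre-hash transformation, which is best confirmed by locating it in the board's source.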
