Because I prefer sql injection
I have tested many websites ASPPHPJSP
I found that the MD5 encryption algorithm is basically used
It is said that MD5 is irreversible and cannot be broken
MD5 is irreversible, but can be broken through violence
Just MD5 the commonly used passwords and put them in the database
Others only need to provide the MD5 password for database comparison to restore the password
Domestic www.cmd5.com Overseas www.xmd5.org
All provide online blasting
Have many webmasters been hacked? The biggest part is that the administrator password was leaked through SQL injection
Then go backstage and cause destruction
I found that PHP’s built-in function crypt is very good
Cooperate with MD5 to become more invincible
$pass = 123456;
echo "After MD5 encryption".md5($pass)."
"; //Unsafe
echo "crypt after encryption".crypt($pass)."
"; // The confusing password will change after refreshing
echo "crypt after complex encryption".crypt($pass,substr($pass,0,2))."
"; //Still unhappy
echo "After invincible encryption".md5(crypt($pass,substr($pass,0,2)))."
"; // How do hackers break this password now? ? ?
?>
The final password is still 32 bits. At first glance, I thought it was MD5 encryption
But no matter how huge the opponent’s MD5 HASH value is, several T of data cannot be cracked
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
