Because I like SQL injection
I have tested many websites aspphpjsp
and found that they basically use the md5 encryption algorithm
They say that MD5 is irreversible and cannot be broken
MD5 is irreversible but can be violent To break
you only need to MD5 the commonly used passwords and put them in the database
Others only need to provide the MD5 password for database comparison to restore the password
Domestic www.cmd5.com Foreign www.xmd5.org
All provide online blasting
Have many webmasters been hacked? The biggest part is that the administrator password was leaked by SQL injection
and then went into the background to cause damage
I found that PHP’s built-in function crypt is very good
With MD5, it is even more invincible
$pass = '123456';
echo "MD5 encryption".md5($pass)."
"; //Unsafe
echo "crypt encryption".crypt($pass). "
"; // The messy password will change after refreshing
echo "crypt after complex encryption".crypt($pass,substr($pass,0,2))."
"; //Still unhappy
echo "After invincible encryption".md5(crypt($pass,substr($pass,0,2)))."
"; // Now let the hacker break this password? ? ?
?>
At first glance, the last password is 32 bits and I thought it was MD5 encryption
But no matter how huge the other party’s MD5 HASH value is, several terabytes of data cannot be cracked
Of course The above ideas can be used in some other languages such as asp, asp.net, jsp, etc.