Today, a friend asked me if the answer to a discuz security question could be forgiven. Or crack it. I noticed a password before, but I only remembered it was very short. I thought it was MD5 taken from substr. Finally, I looked at the source code for a long time and found that it was indeed MD5 encrypted. However, the encryption process was a bit confusing
< ;option value="0">No security question
The encryption process is to encrypt the value of value first. For example, my question is " The value of the "last four digits of the driver's license" value is 7. The MD5 of 7 is 8f14e45fceea167a5a36dedd4bea2543. My answer is "1v1.name". Here, the MD5 values of 1v1.name and 7 are put together, that is, "1v1.name8f14e45fceea167a5a36dedd4bea2543" The encrypted MD5 value is "f5d8e00a4ebc9ead4611c04706ae05fd" and then take the 8-digit password from 17th to 24th "4611c047" 4611c047 is the password in the database
Demo
7
8f14e45fceea167a 5a36dedd4bea2543
1v1.name8f14e45fceea167a5a36dedd4bea2543
f5d8e00a4ebc9ead4611c04706ae05fd
4611c047
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
