Posted by Schraalhans Keukenmeester on 05/25/07 12:08

At Fri, 25 May 2007 02:24:46 -0700, Ravi let his monkeys type:

> we will take the mac address from the customer and adding the system
> date and time after encrypting it using Md5 keeping it some where else
> in my code that to encrypted...
>
> can u find out the logic
> JGNvZGVsb2NrX2NvZGU9IklDUnZkWFFnUFdGeWNtRjVLQ2s3RFFvZ1pYaGxZeWdpYVdaamIyNW1hV2NnTFdFZ1pYUm9NQ0lzSkc5MWRDazdJQTBLSUNSaGNuSWdQU0J6ZEhKeVpYWW9jM1J5ZEc5cktITjBjbkpsZGlna2IzVjBXekJkS1N3bklDY3BLVHNOQ2lBa1pIUnBiV1VnUFNBaU1qVXdOVEl3TURjeE1UZ3dNRGMzTURRMElqc05DaUFrWm5BZ1BTQm1hV3hsS0NKTWFXTmxibU5sTG1SaGRDSXBPdz09IjsgJGNvZGVsb2NrX2NvZGU9c3RyX3JlcGxhY2UoIkAiLCJDQWciLCAkY29kZWxvY2tfY29kZSk7ICRjb2RlbG9ja19jb2RlPXN0cl9yZXBsYWNlKCIhIiwgIlc1IiwgJGNvZGVsb2NrX2NvZGUpOyAkY29kZWxvY2tfY29kZT1zdHJfcmVwbGFjZSgiKiIsICJDQWdJIiwgJGNvZGVsb2NrX2NvZGUpOyAkY29kZWxvY2tfY29kZT1iYXNlNjRfZGVjb2RlKCRjb2RlbG9ja19jb2RlKTsgZXZhbCgkY29kZWxvY2tfY29kZSk7IAo=
>
> This is the actual code

You can make a contest out of this topic, but it won't get you further. I
think you are reinventing a broken wheel. A simple session based script
with a login and a decent password scheme beats your 'security' by miles.

Starting something based on wrong assumptions is called a mistake. All
people make mistakes.
Smart people learn from them and know when to abandon their original idea.
Stubbornly holding on to a flawed concept is no mistake, it's just plain
dumb.

Be smart, toss out the (time+MAC+whatevernon-random-stuff)-seeded
authentication gizmo and start afresh.

Sh.

[Back to original message]