Jump to content
MaxCheaters Official Group on X
MaxCheaters Official Group on Discord
--> Place your ad text here <--

Create a password account

duartegabriel
 Share

Recommended Posts

duartegabriel Newbie

duartegabriel

Posted
Posted

Hello everyone;

 

I'm starting in the world of Lineage 2 OFF (interlude) and would like to know some things ... (if you can).

I am developing a panel and I want to create the account for it, but I can not create the user password in the binary value that is needed.

How do I create the user password in the format required to be able to enter the game?

I am using PHP on my panel.

 

Thanks...

DenArt Designs Newbie

DenArt Designs

Posted
Posted

this is not an secure way to make queries in database but in short you check database for username and password since there is no function to verify a password you just check if its the same so you have to recreate it

if you execute the following query it will return the user's data so you can check later if you have a row > 0 you set the session variables and you make the login action

"SELECT * FROM user_auth WHERE account='" . $login . "' AND password=" . encrypt($pass);

about the query to make it safe google prepared statements and how to bind a variable.

 

take from here some ideas

 

Function to encrypt password in PHP 

function encrypt($str)
	{
		$key = array ();
		$dst = array ();
		$i = 0;

		$nBytes = strlen($str);
		while ($i < $nBytes)
		{
			$i ++;
			$key[$i] = ord(substr($str, $i - 1, 1));
			$dst[$i] = $key[$i];
		}
		for ($i = 1; $i <= 16; $i ++)
		{
			if (! isset($key[$i]))
			{
				$key[$i] = 0;
			}
			if (! isset($dst[$i]))
			{
				$dst[$i] = 0;
			}
		}

		$rslt = $key[1] + $key[2] * 256 + $key[3] * 65536 + $key[4] * 16777216;
		$one = $rslt * 213119 + 2529077;
		$one = $one - intval($one / 4294967296) * 4294967296;

		$rslt = $key[5] + $key[6] * 256 + $key[7] * 65536 + $key[8] * 16777216;
		$two = $rslt * 213247 + 2529089;
		$two = $two - intval($two / 4294967296) * 4294967296;

		$rslt = $key[9] + $key[10] * 256 + $key[11] * 65536 + $key[12] * 16777216;
		$three = $rslt * 213203 + 2529589;
		$three = $three - intval($three / 4294967296) * 4294967296;

		$rslt = $key[13] + $key[14] * 256 + $key[15] * 65536 + $key[16] * 16777216;
		$four = $rslt * 213821 + 2529997;
		$four = $four - intval($four / 4294967296) * 4294967296;

		$key[1] = $one & 0xFF;
		$key[2] = ($one >> 8) & 0xFF;
		$key[3] = ($one >> 16) & 0xFF;
		$key[4] = ($one >> 24) & 0xFF;

		$key[5] = $two & 0xFF;
		$key[6] = ($two >> 8) & 0xFF;
		$key[7] = ($two >> 16) & 0xFF;
		$key[8] = ($two >> 24) & 0xFF;

		$key[9] = $three & 0xFF;
		$key[10] = ($three >> 8) & 0xFF;
		$key[11] = ($three >> 16) & 0xFF;
		$key[12] = ($three >> 24) & 0xFF;

		$key[13] = $four & 0xFF;
		$key[14] = ($four >> 8) & 0xFF;
		$key[15] = ($four >> 16) & 0xFF;
		$key[16] = ($four >> 24) & 0xFF;

		$dst[1] = $dst[1] ^ $key[1];

		$i = 1;
		while ($i < 16)
		{
			$i ++;
			$dst[$i] = $dst[$i] ^ $dst[$i - 1] ^ $key[$i];
		}

		$i = 0;
		while ($i < 16)
		{
			$i ++;
			if ($dst[$i] == 0)
			{
				$dst[$i] = 102;
			}
		}

		$encrypt = "0x";
		$i = 0;
		while ($i < 16)
		{
			$i ++;
			if ($dst[$i] < 16)
			{
				$encrypt = $encrypt . "0" . dechex($dst[$i]);
			}
			else
			{
				$encrypt = $encrypt . dechex($dst[$i]);
			}
		}
		return $encrypt;
	}

 

Nightw0lf Experienced

Nightw0lf

Posted
Posted (edited)
On 9/17/2019 at 9:27 AM, DenArt Designs said:

"SELECT * FROM user_auth WHERE account='" . $login . "' AND password=" . encrypt($pass);

On 9/17/2019 at 9:27 AM, DenArt Designs said:

this is not an secure way to make queries in database

On 9/18/2019 at 12:20 AM, duartegabriel said:

It worked.

read more about sql injection in google because login can do harm on your database

https://en.wikipedia.org/wiki/SQL_injection

use PDO or if you have old PHP

$login = mysql_real_escape_string($login);

or

$login = preg_replace("/[^a-zA-Z]/", "", $login);// this leaves only letters from a to z + capital

for numbers a-zA-Z0-9

Edited by Nightw0lf
  • 3 weeks later...
eressea Newbie

eressea

Posted
Posted

Also, if you can, use hauthd and MD5 passwords. NCsoft hash isn't really cryptographic and can be easily reversed to original password (or different string, but it works too, there are lot of collisions in results of this hashing function) so if anybody manages to steal your database, they'll be able to get passwords from it very quickly.

guytis Contributor

guytis

Posted
Posted
7 hours ago, eressea said:

Also, if you can, use hauthd and MD5 passwords. NCsoft hash isn't really cryptographic and can be easily reversed to original password (or different string, but it works too, there are lot of collisions in results of this hashing function) so if anybody manages to steal your database, they'll be able to get passwords from it very quickly.

 

intval(10 / 3)

 

reverse 3*3 = 10  good

Nightw0lf Experienced

Nightw0lf

Posted
Posted
23 hours ago, eressea said:

so if anybody manages to steal your database

depends on the permissions you give and the connection method you use (ofc how bad/old is the code).

PDO's hard to get pass through, proper sanitize, know what to expect on data but most panels have holes because creators never sanitize properly, few know how to make it but nobody does it.

15 hours ago, guytis said:

 

intval(10 / 3)

 

reverse 3*3 = 10  good

in case we have a password 123456789 yes its perfect

in case we have a password abc1234 you have a big error

your commend is not valid in any possible way regarding lineage or user/pass protection.

guytis Contributor

guytis

Posted
Posted
1 hour ago, Nightw0lf said:

depends on the permissions you give and the connection method you use (ofc how bad/old is the code).

PDO's hard to get pass through, proper sanitize, know what to expect on data but most panels have holes because creators never sanitize properly, few know how to make it but nobody does it.

in case we have a password 123456789 yes its perfect

in case we have a password abc1234 you have a big error

your commend is not valid in any possible way regarding lineage or user/pass protection.

its logic 3 * 3 not 10
its sarcasm...

Nightw0lf Experienced

Nightw0lf

Posted
Posted (edited)
1 hour ago, guytis said:

its logic 3 * 3 not 10
its sarcasm...

if you think that with this commend I meant that 3*3 = 10 you must be really stupid, prove me wrong with your full thought behind " intval " and "reverse check"

when i type my password: %$1'"53"(51)_$'hackcommand

Edited by Nightw0lf
guytis Contributor

guytis

Posted
Posted
On 10/10/2019 at 6:38 AM, Nightw0lf said:

if you think that with this commend I meant that 3*3 = 10 you must be really stupid, prove me wrong with your full thought behind " intval " and "reverse check"

when i type my password: %$1'"53"(51)_$'hackcommand

i say

 

int A =10;

int Z = inval(A / 3 );

int U = Z x 3;

 

//U === 9

 

If you think I'm wrong, grab a book first.
Donkey

Nightw0lf Experienced

Nightw0lf

Posted
Posted
1 hour ago, guytis said:

i say

 

int A =10;

int Z = inval(A / 3 );

int U = Z x 3;

 

//U === 9

 

If you think I'm wrong, grab a book first.
Donkey

Best sanitize of the year award goes to you.

 

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing


  • Posts

    • snowbird
      Top 5 Strategies for Earning Stubs in MLB The Show 25

      By snowbird · Posted

      This post originally appeared on zupyak.   If you're diving into MLB The Show 25, you know how essential stubs are for building a powerhouse team. Whether you're aiming to snag elite players, upgrade your roster, or stock up on packs, stubs are the key to success. The good news? You don't need to spend real money to earn them. With a little strategy and effort, you can rake in stubs and dominate the diamond.  Here are the top five strategies to maximize your MLB The Show stub earnings and create the ultimate team without breaking the bank.    1. Earning Stubs with Diamond Quest Diamond Quest is a goldmine for stubs. By completing challenges in this mode, you can earn Diamond cards, which often have high sell values. Once you've earned these cards, sell them in the in-game Marketplace for a quick influx of stubs. Additionally, the packs you earn from Diamond Quest can be opened for more cards to sell or use in collections.   2. Completing Conquest Maps Conquest Maps are another excellent way to rack up stubs. Focus on capturing territories and completing map-specific goals. Many maps offer hidden rewards, including packs and stubs, which can significantly boost your earnings. You don't always need to conquer Strongholds—simply taking over territories can yield great rewards.   3. Flipping Cards in the Marketplace The Marketplace is your playground for flipping cards. Look for cards with a significant gap between their "Buy Now" and "Sell Now" prices. Place a Buy Order slightly above the current "Sell Now" price, then list the card for a "Sell Order" just below the "Buy Now" price. After the 10% Marketplace tax, you'll still make a profit. This strategy works best with high-value cards but requires patience and consistency.     4. Leveraging Player Exchanges Player Exchanges are an underrated method for earning stubs. Purchase cheap Silver cards near their quick-sell value, then exchange them for Gold players. These Gold players can either be used in your lineup or sold for a profit. This method is especially effective early in the game when Gold cards hold higher value.   5. Selling Things You Don't Need Don't let unused items clutter your inventory. Regularly check for duplicate cards, equipment, or other items you don't need. Sell these through the Marketplace to free up space and earn extra stubs. Even Bronze and Silver cards can add up over time, so don't overlook them. With these strategies, you'll be well on your way to building a dream team without spending real money. Let me know if you'd like to dive deeper into any of these methods!   Final Thoughts Building your dream team in MLB The Show 25 doesn't have to cost real money. With these five strategies—earning rewards through Diamond Quest, conquering Conquest Maps, flipping cards in the Marketplace, leveraging Player Exchanges, and selling unused items—you'll be well on your way to amassing stubs and creating a roster that rivals even the best in the game. Remember, consistency is key! Whether you're grinding through challenges or flipping cards daily, every little bit adds up over time. Stick with these methods, and soon enough, you'll have the stubs you need to dominate the diamond. Let us know which strategy works best for you—or if you've discovered any additional tips that deserve a spot on this list! Happy grinding!   
    • Splicho
      ⚜ Custom UPDATER / LAUNCHER ⚜

      By Splicho · Posted

      I don't see that ur account got unbanned https://maxcheaters.com/profile/80641-∽ave∽/  
    • rookie23
      L2J Gracia Epilogue-Gracia Final

      By rookie23 · Posted

      Looking for gracia final/gracia epilogue server files including source.
    • Ave
      ⚜ Custom UPDATER / LAUNCHER ⚜

      By Ave · Posted

      Got banned for ALLEGED scamm. Unbaned because I never scammed anyone - I either deliver or refund. So You can cry as much as You like, post as much idiotic and chidlish emotes as You like, but I'm not a scammer. So...get a life kid, and fuck off Cuntw0lf. There is a reason You have "0" in Your nickname. You are a zero 😎
    • Nightw0lf
      ⚜ Custom UPDATER / LAUNCHER ⚜

      By Nightw0lf · Posted

      talk in the mirror 🖕  🤏 in some of those urls you are banned for scam     definition of scam for you is not include delivery we all know scammer once scammer always i cant understand why you talk to me only and ignore the others? why nobody else triggers you like that

  • Topics

×
×
  • Create New...