Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Problem of password management on mybb forum
Hello all member!

I'm working on a loader / client where my forum users will use their myBB information to login to my application. I know it's not good to have the database connection in the application. But I am also going to store their hwid on the database so I would need to connect to it anyway.

However, they store the passwords like this:

$hashedpsw = md5(md5($salt).md5($plainpassword));

And my attempt to recreate that passwords looks like this:

string salt = "D4UFUd6U"; // get salt from db
string password = "test!";// get password from user
MD5 md5 = new MD5CryptoServiceProvider();

// Create md5 hash of salt
byte[] saltBytes = Encoding.Default.GetBytes(salt);
byte[] saltHashBytes = md5.ComputeHash(salt);
string saltHash = System.BitConverter.ToString(saltHashBytes);

// Create your md5(password + md5(salt)) hash
byte[] passwordBytes = Encoding.Default.GetBytes(password + saltHash);
byte[] passwordHashBytes = md5.ComputeHash(salt);
string passwordHash = BitConverter.ToString(passwordHashBytes);

But I get the following error:

cannot convert from 'string' to 'System.IO.Stream'

Thanks for help!

Forum Jump:

Users browsing this thread: 1 Guest(s)