View file brut/md5.php

Милый пушистый сайт !!!!
File size: 3.68Kb
<?php
/*-----------------------------------------*/
#    Автор Voland aka Gexogen
#    [email protected]
#    www.voland-city.ru
/*-----------------------------------------*/
ob_start();
require ('config.php');
$type = htmlspecialchars($type);

echo'<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8">
<title>Brute Force Md5</title>
<style type="text/css">
body, td, tr {text-decoration: none; font-family: Arial; font-size: 9pt; cursor: default; color: silver}
body {margin: 5px; padding: 5px; background: #101320;}
a:link { text-decoration: none; font-size: 12px; color: #999000}
input, select {font-size: 8pt;}
</style></head><body>';

echo'<center><b>Brute Force Md5 Hashes</b></center>';

if ($type == "encode") {
    $mess = $_POST['mess'];
    $mess = htmlspecialchars($mess);
	$width = strlen($mess);
    
	if ($mess == "") {
        header ("Location: index.php?e=notstr");
	    exit;
    }
	if ($width > 25) {
	    header ("Location: index.php?e=bigpass");
		exit;
	}

    $mess_en = md5($mess);
	
	echo'<br>Результат:
	    <br><form action="md5.php?type=add" method="POST"/><br>
	    <br>Пароль: <br><input type="text" name="ps" value="'.$mess.'"/><br>
		<br>Хэш: <br><input type="text" name="hs" value="'.$mess_en.'"/><br>
		<br><input type="submit" value="Добавить в базу"/></form><hr><br>';
}

if ($type == "brut") {
    $mess = $_POST['mess'];
    $mess = htmlspecialchars($mess);
	$width = strlen($mess);
	
    if ($mess == "") {
        header ("Location: index.php?e=notstr");
	    exit;
    }
	if (eregi("[^0-9A-z-]",$mess)) {
	    header ("Location: index.php?e=is_not_hash");
		exit;
	}
	if ($width != 32 ) {
	    header ("Location: index.php?e=is_not_hash");
		exit;
	}
    
	$f = file($data_file);
    $total = count($f);
	for ($i = 0; $i < $total; $i++) {
	    $data = explode("#",$f[$i]);
		if ($data[1] == $mess) {
		    echo'<br>Сбручено!<br>
			    <br>Хэш: <br><input type="text" value="'.$data[1].'"><br>
				<br>Пароль: <br><input type="text" value="'.$data[2].'"><br>';
			echo'<br><a href="index.php">Назад</a><br>';
			echo'<br><hr><a href="'.$home_page.'">На главную</a><br>';
			echo'<hr></body></html>';
            ob_end_flush();
		    exit;
		}
	}
	header ("Location: index.php?e=notbrut");
	exit;
}

if ($type == "add") {
    $_POST['hs'] = $hs;
	$_POST['ps'] = $ps;
	if ($hs == "") {
	    header ("Location: index.php?e=notstr");
	    exit;
    }
	if ($ps == "") {
	    header ("Location: index.php?e=notstr");
	    exit;
    }
	
	$hs = htmlspecialchars($hs);
	$ps = htmlspecialchars($ps);
	
	if (eregi("[^0-9A-z-]",$hs)) {
	    header ("Location: index.php?e=is_not_hash");
		exit;
	}
	
	$width1 = strlen($hs);
	$width2 = strlen($ps);
	
	if ($width1 != 32) {
	    header ("Location: index.php?e=is_not_hash");
		exit;
	}
	if ($width2 > 25) {
	    header ("Location: index.php?e=bigpass");
		exit;
	}
	$pr_hs = md5($ps);
	if ($hs !== $pr_hs) {
	    header ("Location: index.php?e=not_pass_hash");
		exit;
	}
	
	$f = file($data_file);
	$total = count($f);
	for ($i = 0; $i < $total; $i++) {
	    $data = explode("#",$f[$i]);
		if ($data[1] == $hs || $data[2] == $ps) {
		    header ("Location: index.php?e=have_hash");
			exit;
		}
	}
	
	$file = fopen($data_file, "a+");
	fputs ($file, "#$hs#$ps#\n");
	fclose ($file);
	header ("Location: index.php?e=add");
	exit;
}

echo'<a href="index.php">Назад</a><br>';
echo'<br><hr><a href="'.$home_page.'">На главную</a><br>';

echo'<hr></body></html>';
ob_end_flush();
?>