GRMrGecko/PasswordCheck
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Learned that the LinkedIn hash list had some things done to obscure the hash some. I changed the code to work with the obscured hashes.

Browse Source
This commit is contained in:
GRMrGecko 2014-09-17 15:35:56 -05:00
parent 441dc5e3b6
commit 16615a55f1
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
code/api.php
View File

@ -186,7 +186,7 @@ if ($_MGM['path'][1]=="email") {
} else if ($_MGM['path'][1]=="hash") {
connectToDatabase();
if (!empty($_REQUEST['sha1'])) {
$entries = databaseQuery("SELECT * FROM `sha1` WHERE `hash`=%s", $_REQUEST['sha1']);
$entries = databaseQuery("SELECT * FROM `sha1` WHERE `hash`=%s OR `hash`=%s", "00000".substr($_REQUEST['sha1'],5), $_REQUEST['sha1']);// The LinkedIn hashes seemed to have the first 5 characters replaced with 00000 because the person who uploaded on torrent sites decided that they didn't want to share the real hash.
$entry = databaseFetchAssoc($entries);
if ($entry!=null) {
?><h3 style="color: #ff0000">Password was stolen by hackers via <?=$entry['leak']?>.</h3><?