473,505 Members | 13,904 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Username and Password

I need a javascript that will accept the username "frederic" and the
password "ozanam" on my page "member,html" that will allow those who
input this data to access my page "member2.html".

I had a script that did this but when I updated the page on which it
resided I did not keep a copy of the javascript.

If you can help me with the script and email it to me at
rh******@silk.net I would be very grateful.

And of course this time I will - I promise - back up my code!!

Thanks, Reg

Oct 16 '06 #1
8 6071

rh******@silk.net wrote:
I need a javascript that will accept the username "frederic" and the
password "ozanam" on my page "member,html" that will allow those who
input this data to access my page "member2.html".

I had a script that did this but when I updated the page on which it
resided I did not keep a copy of the javascript.

If you can help me with the script and email it to me at
rh******@silk.net I would be very grateful.

And of course this time I will - I promise - back up my code!!

Thanks, Reg
This is really an insecure way to go. How secure do you actually need
this page to be? Because using javascript for this would make it
incredibly easy to hack...

Oct 16 '06 #2
Tom Cole wrote:
rh******@silk.net wrote:
I need a javascript that will accept the username "frederic" and the
password "ozanam" on my page "member,html" that will allow those who
input this data to access my page "member2.html". [...]

This is really an insecure way to go. How secure do you actually need
this page to be?
Contradictory to common belief, javascript passwords can be secure; it
all depends on the underlying algorithm. The OP's major problem is that
he can't safely crypt the redirect to member2.html, since that is
something the javascript itself needs to decrypt somehow.
A safe javascript password script:

-----------------------------------------------
CODE START
-----------------------------------------------

<html>

<head>
<title>Crypt</title>
<script language="javascript">

/************************************************** *************
* *
* JAVACRYPT: CLIENT-SIDE crypt(3) USING JAVASCRIPT *
* *
************************************************** *************
* *
* This Javascript allows you to calculate the encrypted *
* password generated by the UNIX function crypt(3) on your *
* computer without using an online script in PHP, PERL, *
* shell, or any other server-side script. The only changes *
* you need make in this are in function dP(), which is right *
* below the end of this comment. Refer to the directions *
* there for details. *
* *
* I wish I could take full credit for this script, but there *
* are several people who deserve most of the credit *
* *
* First and foremost, I thank John F. Dumas for writing *
* jcrypt.java, a Java-based implementation of crypt(3) and *
* from which this Javascript is heavily based (actually, I *
* just did a direct port from his code, using Sun's tutorial *
* and my knowledge of Javascript). I additionally thank *
* Eric Young for writing the C code off which Dumas based *
* his script. Finally, thanks goes to the original writers *
* of crypt(3), whoever they are. *
* *
* If you have questions, I suggest you ask John Dumas about *
* them, as I have no real idea what any of this code does. *
* Base the questions off his source code, as Javascript and *
* Java are (in basic operators) nearly identical. *
* *
* jcrypt.java source code can be found at: *
* http://locutus.kingwoodcable.com/jfd/crypt.html *
* *
************************************************** *************/

function dP(){
salt = (document.CRYPT.PW.value).substring(0,2);
pw_salt=this.crypt(salt,document.CRYPT.PW.value);

document.CRYPT.ENC_PW.value=pw_salt[0];
document.CRYPT.Salt.value=pw_salt[1];

if (pw_salt[0] == 'H4bBU6qFGRa6w'){
alert('good password') }
else {
alert('bad password') }
return false;
}

function bTU(b){
value=Math.floor(b);
return (value>=0?value:value+256);
}
function fBTI(b,offset){
value=this.byteToUnsigned(b[offset++]);
value|=(this.byteToUnsigned(b[offset++])<<8);
value|=(this.byteToUnsigned(b[offset++])<<16);
value|=(this.byteToUnsigned(b[offset++])<<24);
return value;
}
function iTFB(iValue,b,offset){
b[offset++]=((iValue)&0xff);
b[offset++]=((iValue>>>8)&0xff);
b[offset++]=((iValue>>>16)&0xff);
b[offset++]=((iValue>>>24)&0xff);
}
function P_P(a,b,n,m,results){
t=((a>>>n)^b)&m;
a^=t<<n;
b^=t;
results[0]=a;
results[1]=b;
}
function H_P(a,n,m){
t=((a<<(16-n))^a)&m;
a=a^t^(t>>>(16-n));
return a;
}
function d_s_k(key){
schedule=new Array(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0);
c=this.fourBytesToInt(key,0);
d=this.fourBytesToInt(key,4);
results=new Array(0,0);
this.PERM_OP(d,c,4,0x0f0f0f0f,results);
d=results[0];c=results[1];
c=this.HPERM_OP(c,-2,0xcccc0000);
d=this.HPERM_OP(d,-2,0xcccc0000);
this.PERM_OP(d,c,1,0x55555555,results);
d=results[0];c=results[1];
this.PERM_OP(c,d,8,0x00ff00ff,results);
c=results[0];d=results[1];
this.PERM_OP(d,c,1,0x55555555,results);
d=results[0];c=results[1];
d=(((d&0x000000ff)<<16)|(d&0x0000ff00)|
((d&0x00ff0000)>>>16)|((c&0xf0000000)>>>4));
c&=0x0fffffff;
s=0;t=0;
j=0;
for(i=0;i<this.ITERATIONS;i++){
if(this.shifts2[i]){
c=(c>>>2)|(c<<26);
d=(d>>>2)|(d<<26);
}else{
c=(c>>>1)|(c<<27);
d=(d>>>1)|(d<<27);
}
c&=0x0fffffff;
d&=0x0fffffff;
s=this.skb[0][c&0x3f]|this.skb[1][((c>>>6)&0x03)|
((c>>>7)&0x3c)]|this.skb[2][((c>>>13)&0x0f)|((c>>>14)&0x30)]|
this.skb[3][((c>>>20)&0x01)|((c>>>21)&0x06)|((c>>>22)&0x38)];
t=this.skb[4][d&0x3f]|this.skb[5][((d>>>7)&0x03)|
((d>>>8)&0x3c)]|this.skb[6][(d>>>15)&0x3f]|
this.skb[7][((d>>>21)&0x0f)|((d>>>22)&0x30)];
schedule[j++]=((t<< 16)|(s&0x0000ffff))&0xffffffff;
s=((s>>>16)|(t&0xffff0000));
s=(s<<4)|(s>>>28);
schedule[j++]=s&0xffffffff;
}
return schedule;
}
function D_E(L,R,S,E0,E1,s){
v=R^(R>>>16);
u=v&E0;
v=v&E1;
u=(u^(u<<16))^R^s[S];
t=(v^(v<<16))^R^s[S+1];
t=(t>>>4)|(t<<28);
L^=this.SPtrans[1][t&0x3f]|this.SPtrans[3][(t>>>8)&0x3f]|
this.SPtrans[5][(t>>>16)&0x3f]|this.SPtrans[7][(t>>>24)&0x3f]|
this.SPtrans[0][u&0x3f]|this.SPtrans[2][(u>>>8)&0x3f]|
this.SPtrans[4][(u>>>16)&0x3f]|this.SPtrans[6][(u>>>24)&0x3f];
return L;
}
function bdy(schedule,Eswap0,Eswap1) {
left=0;
right=0;
t=0;
for(j=0;j<25;j++){
for(i=0;i<this.ITERATIONS*2;i+=4){
left=this.D_ENCRYPT(left, right,i,Eswap0,Eswap1,schedule);
right=this.D_ENCRYPT(right,left,i+2,Eswap0,Eswap1, schedule);
}
t=left;
left=right;
right=t;
}
t=right;
right=(left>>>1)|(left<<31);
left=(t>>>1)|(t<<31);
left&=0xffffffff;
right&=0xffffffff;
results=new Array(0,0);
this.PERM_OP(right,left,1,0x55555555,results);
right=results[0];left=results[1];
this.PERM_OP(left,right,8,0x00ff00ff,results);
left=results[0];right=results[1];
this.PERM_OP(right,left,2,0x33333333,results);
right=results[0];left=results[1];
this.PERM_OP(left,right,16,0x0000ffff,results);
left=results[0];right=results[1];
this.PERM_OP(right,left,4,0x0f0f0f0f,results);
right=results[0];left=results[1];
out=new Array(0,0);
out[0]=left;out[1]=right;
return out;
}
function rC(){return this.GOODCHARS[Math.floor(64*Math.random())]}
function cript(salt,original){
if(salt.length>=2) salt=salt.substring(0,2);
while(salt.length<2) salt+=this.randChar();
re=new RegExp("[^./a-zA-Z0-9]","g");
if(re.test(salt)) salt=this.randChar()+this.randChar();
charZero=salt.charAt(0)+'';
charOne=salt.charAt(1)+'';
ccZ=charZero.charCodeAt(0);
ccO=charOne.charCodeAt(0);
buffer=charZero+charOne+" ";
Eswap0=this.con_salt[ccZ];
Eswap1=this.con_salt[ccO]<<4;
key=new Array(0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0);
for(i=0;i<key.length&&i<original.length;i++){
iChar=original.charCodeAt(i);
key[i]=iChar<<1;
}
schedule=this.des_set_key(key);
out=this.body(schedule,Eswap0,Eswap1);
b=new Array(0,0,0,0,0,0,0,0,0);
this.intToFourBytes(out[0],b,0);
this.intToFourBytes(out[1],b,4);
b[8]=0;
for(i=2,y=0,u=0x80;i<13;i++){
for(j=0,c=0;j<6;j++){
c<<=1;
if((b[y]&u)!=0) c|=1;
u>>>=1;
if(u==0){
y++;
u=0x80;
}
buffer=buffer.substring(0,i)
+String.fromCharCode(this.cov_2char[c])
+buffer.substring(i+1,buffer.length);
}
}
ret=new Array(buffer,salt);
return ret;
}

function Crypt() {
this.ITERATIONS=16;
this.GOODCHARS=new Array(
".","/","0","1","2","3","4","5","6","7",
"8","9","A","B","C","D","E","F","G","H",
"I","J","K","L","M","N","O","P","Q","R",
"S","T","U","V","W","X","Y","Z","a","b",
"c","d","e","f","g","h","i","j","k","l",
"m","n","o","p","q","r","s","t","u","v",
"w","x","y","z");
this.con_salt=new Array(
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,
0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,
0x0A,0x0B,0x05,0x06,0x07,0x08,0x09,0x0A,
0x0B,0x0C,0x0D,0x0E,0x0F,0x10,0x11,0x12,
0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1A,
0x1B,0x1C,0x1D,0x1E,0x1F,0x20,0x21,0x22,
0x23,0x24,0x25,0x20,0x21,0x22,0x23,0x24,
0x25,0x26,0x27,0x28,0x29,0x2A,0x2B,0x2C,
0x2D,0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,
0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,0x3C,
0x3D,0x3E,0x3F,0x00,0x00,0x00,0x00,0x00 );
this.shifts2=new Array(
false,false,true,true,true,true,true,true,
false,true, true,true,true,true,true,false );
this.skb=new Array(0,0,0,0,0,0,0,0);
this.skb[0]=new Array(
0x00000000,0x00000010,0x20000000,0x20000010,
0x00010000,0x00010010,0x20010000,0x20010010,
0x00000800,0x00000810,0x20000800,0x20000810,
0x00010800,0x00010810,0x20010800,0x20010810,
0x00000020,0x00000030,0x20000020,0x20000030,
0x00010020,0x00010030,0x20010020,0x20010030,
0x00000820,0x00000830,0x20000820,0x20000830,
0x00010820,0x00010830,0x20010820,0x20010830,
0x00080000,0x00080010,0x20080000,0x20080010,
0x00090000,0x00090010,0x20090000,0x20090010,
0x00080800,0x00080810,0x20080800,0x20080810,
0x00090800,0x00090810,0x20090800,0x20090810,
0x00080020,0x00080030,0x20080020,0x20080030,
0x00090020,0x00090030,0x20090020,0x20090030,
0x00080820,0x00080830,0x20080820,0x20080830,
0x00090820,0x00090830,0x20090820,0x20090830 );
this.skb[1]=new Array(
0x00000000,0x02000000,0x00002000,0x02002000,
0x00200000,0x02200000,0x00202000,0x02202000,
0x00000004,0x02000004,0x00002004,0x02002004,
0x00200004,0x02200004,0x00202004,0x02202004,
0x00000400,0x02000400,0x00002400,0x02002400,
0x00200400,0x02200400,0x00202400,0x02202400,
0x00000404,0x02000404,0x00002404,0x02002404,
0x00200404,0x02200404,0x00202404,0x02202404,
0x10000000,0x12000000,0x10002000,0x12002000,
0x10200000,0x12200000,0x10202000,0x12202000,
0x10000004,0x12000004,0x10002004,0x12002004,
0x10200004,0x12200004,0x10202004,0x12202004,
0x10000400,0x12000400,0x10002400,0x12002400,
0x10200400,0x12200400,0x10202400,0x12202400,
0x10000404,0x12000404,0x10002404,0x12002404,
0x10200404,0x12200404,0x10202404,0x12202404 );
this.skb[2]=new Array(
0x00000000,0x00000001,0x00040000,0x00040001,
0x01000000,0x01000001,0x01040000,0x01040001,
0x00000002,0x00000003,0x00040002,0x00040003,
0x01000002,0x01000003,0x01040002,0x01040003,
0x00000200,0x00000201,0x00040200,0x00040201,
0x01000200,0x01000201,0x01040200,0x01040201,
0x00000202,0x00000203,0x00040202,0x00040203,
0x01000202,0x01000203,0x01040202,0x01040203,
0x08000000,0x08000001,0x08040000,0x08040001,
0x09000000,0x09000001,0x09040000,0x09040001,
0x08000002,0x08000003,0x08040002,0x08040003,
0x09000002,0x09000003,0x09040002,0x09040003,
0x08000200,0x08000201,0x08040200,0x08040201,
0x09000200,0x09000201,0x09040200,0x09040201,
0x08000202,0x08000203,0x08040202,0x08040203,
0x09000202,0x09000203,0x09040202,0x09040203 );
this.skb[3]=new Array(
0x00000000,0x00100000,0x00000100,0x00100100,
0x00000008,0x00100008,0x00000108,0x00100108,
0x00001000,0x00101000,0x00001100,0x00101100,
0x00001008,0x00101008,0x00001108,0x00101108,
0x04000000,0x04100000,0x04000100,0x04100100,
0x04000008,0x04100008,0x04000108,0x04100108,
0x04001000,0x04101000,0x04001100,0x04101100,
0x04001008,0x04101008,0x04001108,0x04101108,
0x00020000,0x00120000,0x00020100,0x00120100,
0x00020008,0x00120008,0x00020108,0x00120108,
0x00021000,0x00121000,0x00021100,0x00121100,
0x00021008,0x00121008,0x00021108,0x00121108,
0x04020000,0x04120000,0x04020100,0x04120100,
0x04020008,0x04120008,0x04020108,0x04120108,
0x04021000,0x04121000,0x04021100,0x04121100,
0x04021008,0x04121008,0x04021108,0x04121108 );
this.skb[4]=new Array(
0x00000000,0x10000000,0x00010000,0x10010000,
0x00000004,0x10000004,0x00010004,0x10010004,
0x20000000,0x30000000,0x20010000,0x30010000,
0x20000004,0x30000004,0x20010004,0x30010004,
0x00100000,0x10100000,0x00110000,0x10110000,
0x00100004,0x10100004,0x00110004,0x10110004,
0x20100000,0x30100000,0x20110000,0x30110000,
0x20100004,0x30100004,0x20110004,0x30110004,
0x00001000,0x10001000,0x00011000,0x10011000,
0x00001004,0x10001004,0x00011004,0x10011004,
0x20001000,0x30001000,0x20011000,0x30011000,
0x20001004,0x30001004,0x20011004,0x30011004,
0x00101000,0x10101000,0x00111000,0x10111000,
0x00101004,0x10101004,0x00111004,0x10111004,
0x20101000,0x30101000,0x20111000,0x30111000,
0x20101004,0x30101004,0x20111004,0x30111004 );
this.skb[5]=new Array(
0x00000000,0x08000000,0x00000008,0x08000008,
0x00000400,0x08000400,0x00000408,0x08000408,
0x00020000,0x08020000,0x00020008,0x08020008,
0x00020400,0x08020400,0x00020408,0x08020408,
0x00000001,0x08000001,0x00000009,0x08000009,
0x00000401,0x08000401,0x00000409,0x08000409,
0x00020001,0x08020001,0x00020009,0x08020009,
0x00020401,0x08020401,0x00020409,0x08020409,
0x02000000,0x0A000000,0x02000008,0x0A000008,
0x02000400,0x0A000400,0x02000408,0x0A000408,
0x02020000,0x0A020000,0x02020008,0x0A020008,
0x02020400,0x0A020400,0x02020408,0x0A020408,
0x02000001,0x0A000001,0x02000009,0x0A000009,
0x02000401,0x0A000401,0x02000409,0x0A000409,
0x02020001,0x0A020001,0x02020009,0x0A020009,
0x02020401,0x0A020401,0x02020409,0x0A020409 );
this.skb[6]=new Array(
0x00000000,0x00000100,0x00080000,0x00080100,
0x01000000,0x01000100,0x01080000,0x01080100,
0x00000010,0x00000110,0x00080010,0x00080110,
0x01000010,0x01000110,0x01080010,0x01080110,
0x00200000,0x00200100,0x00280000,0x00280100,
0x01200000,0x01200100,0x01280000,0x01280100,
0x00200010,0x00200110,0x00280010,0x00280110,
0x01200010,0x01200110,0x01280010,0x01280110,
0x00000200,0x00000300,0x00080200,0x00080300,
0x01000200,0x01000300,0x01080200,0x01080300,
0x00000210,0x00000310,0x00080210,0x00080310,
0x01000210,0x01000310,0x01080210,0x01080310,
0x00200200,0x00200300,0x00280200,0x00280300,
0x01200200,0x01200300,0x01280200,0x01280300,
0x00200210,0x00200310,0x00280210,0x00280310,
0x01200210,0x01200310,0x01280210,0x01280310 );
this.skb[7]=new Array(
0x00000000,0x04000000,0x00040000,0x04040000,
0x00000002,0x04000002,0x00040002,0x04040002,
0x00002000,0x04002000,0x00042000,0x04042000,
0x00002002,0x04002002,0x00042002,0x04042002,
0x00000020,0x04000020,0x00040020,0x04040020,
0x00000022,0x04000022,0x00040022,0x04040022,
0x00002020,0x04002020,0x00042020,0x04042020,
0x00002022,0x04002022,0x00042022,0x04042022,
0x00000800,0x04000800,0x00040800,0x04040800,
0x00000802,0x04000802,0x00040802,0x04040802,
0x00002800,0x04002800,0x00042800,0x04042800,
0x00002802,0x04002802,0x00042802,0x04042802,
0x00000820,0x04000820,0x00040820,0x04040820,
0x00000822,0x04000822,0x00040822,0x04040822,
0x00002820,0x04002820,0x00042820,0x04042820,
0x00002822,0x04002822,0x00042822,0x04042822 );
this.SPtrans=new Array(0,0,0,0,0,0,0,0);
this.SPtrans[0]=new Array(
0x00820200,0x00020000,0x80800000,0x80820200,
0x00800000,0x80020200,0x80020000,0x80800000,
0x80020200,0x00820200,0x00820000,0x80000200,
0x80800200,0x00800000,0x00000000,0x80020000,
0x00020000,0x80000000,0x00800200,0x00020200,
0x80820200,0x00820000,0x80000200,0x00800200,
0x80000000,0x00000200,0x00020200,0x80820000,
0x00000200,0x80800200,0x80820000,0x00000000,
0x00000000,0x80820200,0x00800200,0x80020000,
0x00820200,0x00020000,0x80000200,0x00800200,
0x80820000,0x00000200,0x00020200,0x80800000,
0x80020200,0x80000000,0x80800000,0x00820000,
0x80820200,0x00020200,0x00820000,0x80800200,
0x00800000,0x80000200,0x80020000,0x00000000,
0x00020000,0x00800000,0x80800200,0x00820200,
0x80000000,0x80820000,0x00000200,0x80020200 );
this.SPtrans[1]=new Array(
0x10042004,0x00000000,0x00042000,0x10040000,
0x10000004,0x00002004,0x10002000,0x00042000,
0x00002000,0x10040004,0x00000004,0x10002000,
0x00040004,0x10042000,0x10040000,0x00000004,
0x00040000,0x10002004,0x10040004,0x00002000,
0x00042004,0x10000000,0x00000000,0x00040004,
0x10002004,0x00042004,0x10042000,0x10000004,
0x10000000,0x00040000,0x00002004,0x10042004,
0x00040004,0x10042000,0x10002000,0x00042004,
0x10042004,0x00040004,0x10000004,0x00000000,
0x10000000,0x00002004,0x00040000,0x10040004,
0x00002000,0x10000000,0x00042004,0x10002004,
0x10042000,0x00002000,0x00000000,0x10000004,
0x00000004,0x10042004,0x00042000,0x10040000,
0x10040004,0x00040000,0x00002004,0x10002000,
0x10002004,0x00000004,0x10040000,0x00042000 );
this.SPtrans[2]=new Array(
0x41000000,0x01010040,0x00000040,0x41000040,
0x40010000,0x01000000,0x41000040,0x00010040,
0x01000040,0x00010000,0x01010000,0x40000000,
0x41010040,0x40000040,0x40000000,0x41010000,
0x00000000,0x40010000,0x01010040,0x00000040,
0x40000040,0x41010040,0x00010000,0x41000000,
0x41010000,0x01000040,0x40010040,0x01010000,
0x00010040,0x00000000,0x01000000,0x40010040,
0x01010040,0x00000040,0x40000000,0x00010000,
0x40000040,0x40010000,0x01010000,0x41000040,
0x00000000,0x01010040,0x00010040,0x41010000,
0x40010000,0x01000000,0x41010040,0x40000000,
0x40010040,0x41000000,0x01000000,0x41010040,
0x00010000,0x01000040,0x41000040,0x00010040,
0x01000040,0x00000000,0x41010000,0x40000040,
0x41000000,0x40010040,0x00000040,0x01010000 );
this.SPtrans[3]=new Array(
0x00100402,0x04000400,0x00000002,0x04100402,
0x00000000,0x04100000,0x04000402,0x00100002,
0x04100400,0x04000002,0x04000000,0x00000402,
0x04000002,0x00100402,0x00100000,0x04000000,
0x04100002,0x00100400,0x00000400,0x00000002,
0x00100400,0x04000402,0x04100000,0x00000400,
0x00000402,0x00000000,0x00100002,0x04100400,
0x04000400,0x04100002,0x04100402,0x00100000,
0x04100002,0x00000402,0x00100000,0x04000002,
0x00100400,0x04000400,0x00000002,0x04100000,
0x04000402,0x00000000,0x00000400,0x00100002,
0x00000000,0x04100002,0x04100400,0x00000400,
0x04000000,0x04100402,0x00100402,0x00100000,
0x04100402,0x00000002,0x04000400,0x00100402,
0x00100002,0x00100400,0x04100000,0x04000402,
0x00000402,0x04000000,0x04000002,0x04100400 );
this.SPtrans[4]=new Array(
0x02000000,0x00004000,0x00000100,0x02004108,
0x02004008,0x02000100,0x00004108,0x02004000,
0x00004000,0x00000008,0x02000008,0x00004100,
0x02000108,0x02004008,0x02004100,0x00000000,
0x00004100,0x02000000,0x00004008,0x00000108,
0x02000100,0x00004108,0x00000000,0x02000008,
0x00000008,0x02000108,0x02004108,0x00004008,
0x02004000,0x00000100,0x00000108,0x02004100,
0x02004100,0x02000108,0x00004008,0x02004000,
0x00004000,0x00000008,0x02000008,0x02000100,
0x02000000,0x00004100,0x02004108,0x00000000,
0x00004108,0x02000000,0x00000100,0x00004008,
0x02000108,0x00000100,0x00000000,0x02004108,
0x02004008,0x02004100,0x00000108,0x00004000,
0x00004100,0x02004008,0x02000100,0x00000108,
0x00000008,0x00004108,0x02004000,0x02000008 );

this.SPtrans[5]=new Array(
0x20000010,0x00080010,0x00000000,0x20080800,
0x00080010,0x00000800,0x20000810,0x00080000,
0x00000810,0x20080810,0x00080800,0x20000000,
0x20000800,0x20000010,0x20080000,0x00080810,
0x00080000,0x20000810,0x20080010,0x00000000,
0x00000800,0x00000010,0x20080800,0x20080010,
0x20080810,0x20080000,0x20000000,0x00000810,
0x00000010,0x00080800,0x00080810,0x20000800,
0x00000810,0x20000000,0x20000800,0x00080810,
0x20080800,0x00080010,0x00000000,0x20000800,
0x20000000,0x00000800,0x20080010,0x00080000,
0x00080010,0x20080810,0x00080800,0x00000010,
0x20080810,0x00080800,0x00080000,0x20000810,
0x20000010,0x20080000,0x00080810,0x00000000,
0x00000800,0x20000010,0x20000810,0x20080800,
0x20080000,0x00000810,0x00000010,0x20080010 );
this.SPtrans[6]=new Array(
0x00001000,0x00000080,0x00400080,0x00400001,
0x00401081,0x00001001,0x00001080,0x00000000,
0x00400000,0x00400081,0x00000081,0x00401000,
0x00000001,0x00401080,0x00401000,0x00000081,
0x00400081,0x00001000,0x00001001,0x00401081,
0x00000000,0x00400080,0x00400001,0x00001080,
0x00401001,0x00001081,0x00401080,0x00000001,
0x00001081,0x00401001,0x00000080,0x00400000,
0x00001081,0x00401000,0x00401001,0x00000081,
0x00001000,0x00000080,0x00400000,0x00401001,
0x00400081,0x00001081,0x00001080,0x00000000,
0x00000080,0x00400001,0x00000001,0x00400080,
0x00000000,0x00400081,0x00400080,0x00001080,
0x00000081,0x00001000,0x00401081,0x00400000,
0x00401080,0x00000001,0x00001001,0x00401081,
0x00400001,0x00401080,0x00401000,0x00001001 );
this.SPtrans[7]=new Array(
0x08200020,0x08208000,0x00008020,0x00000000,
0x08008000,0x00200020,0x08200000,0x08208020,
0x00000020,0x08000000,0x00208000,0x00008020,
0x00208020,0x08008020,0x08000020,0x08200000,
0x00008000,0x00208020,0x00200020,0x08008000,
0x08208020,0x08000020,0x00000000,0x00208000,
0x08000000,0x00200000,0x08008020,0x08200020,
0x00200000,0x00008000,0x08208000,0x00000020,
0x00200000,0x00008000,0x08000020,0x08208020,
0x00008020,0x08000000,0x00000000,0x00208000,
0x08200020,0x08008020,0x08008000,0x00200020,
0x08208000,0x00000020,0x00200020,0x08008000,
0x08208020,0x00200000,0x08200000,0x08000020,
0x00208000,0x00008020,0x08008020,0x08200000,
0x00000020,0x08208000,0x00208020,0x00000000,
0x08000000,0x08200020,0x00008000,0x00208020 );
this.cov_2char=new Array(
0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,0x35,
0x36,0x37,0x38,0x39,0x41,0x42,0x43,0x44,
0x45,0x46,0x47,0x48,0x49,0x4A,0x4B,0x4C,
0x4D,0x4E,0x4F,0x50,0x51,0x52,0x53,0x54,
0x55,0x56,0x57,0x58,0x59,0x5A,0x61,0x62,
0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6A,
0x6B,0x6C,0x6D,0x6E,0x6F,0x70,0x71,0x72,
0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A );
this.byteToUnsigned=bTU;
this.fourBytesToInt=fBTI;
this.intToFourBytes=iTFB;
this.PERM_OP=P_P;
this.HPERM_OP=H_P;
this.des_set_key=d_s_k;
this.D_ENCRYPT=D_E;
this.body=bdy;
this.randChar=rC;
this.crypt=cript;
this.displayPassword=dP;
}
Javacrypt=new Crypt();
</script>
</head>

<body>

<form name="CRYPT" onSubmit="return false();">
<input type="hidden" name="ENC_PW">
<input type="hidden" name="Salt">
<input type="text" name="PW" maxlength="8">
<input type="button" value="Check"
onClick="Javacrypt.displayPassword()">
</form>

</body>
</html>

-----------------------------------------------
CODE END
-----------------------------------------------
Because using javascript for this would make it incredibly easy to hack...
Feel free to hack the code above then :-) The password is 'H4LMh2Zs'.

--
Bart

Oct 16 '06 #3
Bart Van der Donck wrote:
Tom Cole wrote:
rh******@silk.net wrote:
I need a javascript that will accept the username "frederic" and the
password "ozanam" on my page "member,html" that will allow those who
input this data to access my page "member2.html". [...]
This is really an insecure way to go. How secure do you actually need
this page to be?

Contradictory to common belief, javascript passwords can be secure; it
all depends on the underlying algorithm. The OP's major problem is that
he can't safely crypt the redirect to member2.html, since that is
something the javascript itself needs to decrypt somehow.
Unless when the redirect would be based on that plaintext password.
E.g. if the password were gHj4NbLu, then redirect to gHj4NbLu.html
after the authentication succeeded. Make sure to turn off directory
browsing.

--
Bart

Oct 16 '06 #4
In message <11**********************@e3g2000cwe.googlegroups. com>, Mon,
16 Oct 2006 08:32:19, Bart Van der Donck <ba**@nijlen.comwrites
>Contradictory to common belief, javascript passwords can be secure; it
all depends on the underlying algorithm. The OP's major problem is that
he can't safely crypt the redirect to member2.html, since that is
something the javascript itself needs to decrypt somehow.
A safe javascript password script:
><script language="javascript">
Deprecated. <script type="text/javascript">
>
/************************************************** *************
* *
* JAVACRYPT: CLIENT-SIDE crypt(3) USING JAVASCRIPT *
* *
************************************************** *************
* *
* This Javascript allows you to calculate the encrypted *
* password generated by the UNIX function crypt(3) on your *
* computer without using an online script in PHP, PERL, *
* shell, or any other server-side script. The only changes *
* you need make in this are in function dP(), which is right *
* below the end of this comment. Refer to the directions *
* there for details. *
* *
* I wish I could take full credit for this script, but there *
Undefined variable "I" - value is clear in News, but not in the code
itself! I'd put personal name, with E-mail or WWW link, and ISO date.

* jcrypt.java source code can be found at: *
* http://locutus.kingwoodcable.com/jfd/crypt.html *
Will you have a URL for the javascript code?

I have a cruder - but much shorter - one-way function demonstrated at
<URL:http://www.merlyn.demon.co.uk/js-other.htm#Pwdg>. It may not be
crypto-secure; but I think it's not easily reversible.

function OneWay(S) { var j, x, y = 2e50
x = '0.'+parseInt(S.value, 36)
with (Math) { for (j=0;j<10;j++) x = tan(1+x+x*y%1)%1 }
return ((x+1)/2).toString(36).substring(2) }
--
© John Stockton, Surrey, UK. ?@merlyn.demon.co.uk Turnpike v6.05 IE 6 ©
<URL:http://www.jibbering.com/faq/>? JL/RC: FAQ of news:comp.lang.javascript
<URL:http://www.merlyn.demon.co.uk/js-index.htmjscr maths, dates, sources.
<URL:http://www.merlyn.demon.co.uk/TP/BP/Delphi/jscr/&c, FAQ items, links.
Oct 20 '06 #5
J R Stockton wrote:
In message <11**********************@e3g2000cwe.googlegroups. com>, Mon,
16 Oct 2006 08:32:19, Bart Van der Donck <ba**@nijlen.comwrites
/************************************************** *************
* *
* JAVACRYPT: CLIENT-SIDE crypt(3) USING JAVASCRIPT *
* *
************************************************** *************
* *
* This Javascript allows you to calculate the encrypted *
* password generated by the UNIX function crypt(3) on your *
* computer without using an online script in PHP, PERL, *
* shell, or any other server-side script. The only changes *
* you need make in this are in function dP(), which is right *
* below the end of this comment. Refer to the directions *
* there for details. *
* *
* I wish I could take full credit for this script, but there *

Undefined variable "I" - value is clear in News, but not in the code
itself! I'd put personal name, with E-mail or WWW link, and ISO date.
Oh, it is certainly not my code. I just pasted the full code as it was.
Google reveals that the js porter is Jeff Walden:
http://whereswalden.com/tech/internet/javacrypt/
http://javascript.internet.com/passw...ncryption.html
http://whereswalden.com/files/misc/js/javacrypt.js (orig.)

Hack it and win the Nobel-prize :-)
http://www.google.com/search?q=CRYPT(3)
I have a cruder - but much shorter - one-way function demonstrated at
<URL:http://www.merlyn.demon.co.uk/js-other.htm#Pwdg>. It may not be
crypto-secure; but I think it's not easily reversible.

function OneWay(S) { var j, x, y = 2e50
x = '0.'+parseInt(S.value, 36)
with (Math) { for (j=0;j<10;j++) x = tan(1+x+x*y%1)%1 }
return ((x+1)/2).toString(36).substring(2) }
It must be +10 years ago that I last worked with goniometric functions,
but it really smells like this algorithm should be breakable.

A more readable/analyzed version of your encryption:

ORIGINAL | REVERSE
------------------------------- | -------------
|
x = '0.'+parseInt(S.value, 36) | (*)
|
for (j=0; j<10; j++) |
{ |
x = 1 + x | obvious
x = Math.tan(x) | x = Math.atan(x)
x=x%1 | (**)
} |
|
x = x + 1 | obvious
x = x / 2 | obvious
x = x.toString(36); | (*)
x = x.substring(2); | add '0.' in beginning
|
return x |

(*) alert(parseInt('fgthejdi',36))
alert((1212073729686).toString(36))

(**) modulus arithmetic operator %1 makes the variable
start with '0.' e.g. 16.454 becomes 0.454, 13.271
becomes 0.271, 88.250234 becomes 0.250234, etc.

--
Bart

Oct 21 '06 #6
In message <11*********************@f16g2000cwb.googlegroups. com>, Sat,
21 Oct 2006 02:01:22, Bart Van der Donck <ba**@nijlen.comwrites
>J R Stockton wrote:
>I have a cruder - but much shorter - one-way function demonstrated at
<URL:http://www.merlyn.demon.co.uk/js-other.htm#Pwdg>. It may not be
crypto-secure; but I think it's not easily reversible.

function OneWay(S) { var j, x, y = 2e50
x = '0.'+parseInt(S.value, 36)
with (Math) { for (j=0;j<10;j++) x = tan(1+x+x*y%1)%1 }
return ((x+1)/2).toString(36).substring(2) }

It must be +10 years ago that I last worked with goniometric functions,
but it really smells like this algorithm should be breakable.
I doubt whether many people could break it. If the loop count is too
big, there may be too few possible results. But the formula will deter
most people from trying to deduce an input that gives a known output.

Decode "nokxozg2wira" !!

--
© John Stockton, Surrey, UK. ?@merlyn.demon.co.uk Turnpike v6.05 IE 6 ©
<URL:http://www.jibbering.com/faq/>? JL/RC: FAQ of news:comp.lang.javascript
<URL:http://www.merlyn.demon.co.uk/js-index.htmjscr maths, dates, sources.
<URL:http://www.merlyn.demon.co.uk/TP/BP/Delphi/jscr/&c, FAQ items, links.
Oct 21 '06 #7
J R Stockton wrote:
In message <11*********************@f16g2000cwb.googlegroups. com>, Sat,
21 Oct 2006 02:01:22, Bart Van der Donck <ba**@nijlen.comwrites
It must be +10 years ago that I last worked with goniometric functions,
but it really smells like this algorithm should be breakable.

I doubt whether many people could break it. If the loop count is too
big, there may be too few possible results. But the formula will deter
most people from trying to deduce an input that gives a known output.

Decode "nokxozg2wira" !!
The problem is not the decryption itself. That part can be done (see
2nd URL below), though I seriously doubt it can be done in javascript.
The problem is to find a tangent calculation with extremely high
precision, or, alternatively, to finetune the decrypted result in some
other way.

Description in mathematical terms:
http://groups.google.com/group/sci.m...a2fd0737ffb28/

Technical/logical description + decrypt function:
http://groups.google.com/group/comp....5c15d66d1f596/

Q.E.D. ?

--
Bart

Oct 23 '06 #8
In message <11**********************@e3g2000cwe.googlegroups. com>, Mon,
23 Oct 2006 00:18:27, Bart Van der Donck <ba**@nijlen.comwrites
>J R Stockton wrote:
>I doubt whether many people could break it. If the loop count is too
big, there may be too few possible results. But the formula will deter
most people from trying to deduce an input that gives a known output.

Decode "nokxozg2wira" !!

The problem is not the decryption itself. That part can be done (see
2nd URL below), though I seriously doubt it can be done in javascript.
The problem is to find a tangent calculation with extremely high
precision, or, alternatively, to finetune the decrypted result in some
other way.

Description in mathematical terms:
http://groups.google.com/group/sci.m...a2fd0737ffb28/

Technical/logical description + decrypt function:
http://groups.google.com/group/comp...._frm/thread/26
a5c15d66d1f596/

Q.E.D. ?
No.

The function you have been asking about elsewhere is not the function
that I gave - you have omitted the use of y = 2e50. Now I don't recall
exactly why I put it in; but I did so because it looked beneficial, on
test.

Someone there is right to say that arguments to Math.tan giving infinite
results should be avoided; it already avoids the near-linear region
where tan(arg) == 0, and it will be easy enough to ensure that the
argument is always in the "safe non-linear" region between about pi/8 &
3pi/8 (by incorporating 0.25+Q%1).

For secure work, use a well-understood one-way function, even if it is
long. For ordinary work, use something short and frightening.

--
(c) John Stockton, Surrey, UK. ?@merlyn.demon.co.uk Turnpike v6.05 IE 6
<URL:http://www.jibbering.com/faq/>? JL/RC: FAQ of news:comp.lang.javascript
<URL:http://www.merlyn.demon.co.uk/js-index.htmjscr maths, dates, sources.
<URL:http://www.merlyn.demon.co.uk/TP/BP/Delphi/jscr/&c, FAQ items, links.
Oct 23 '06 #9

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
7
2785
I've deleted admin username and password, please help!
by: Candice | last post by:
Please somebody help! I've deleted my admin username and password which was initially set at test. Now I can't log into my website as the administrator. How do I put Username and Password back so...
PHP
5
12090
ASP page to authenticate username and password with active directory
by: Joeri KUMBRUCK | last post by:
Hello, I'm trying to create an ASP page where users can type in a username and password, and these credential should be checked with active directory. If username and password are correct, the...
ASP / Active Server Pages
1
4005
Bypass username/password dialog when accessing remote network
by: thoducng | last post by:
I am writing some code to access share folder on a remote network. DirectoryInfo dicInfo = new DirectoryInfo("remoteNetwork\shareFolder"); if (dicInfo.Exists) { //application code...
ASP.NET
15
9694
username and password validation
by: Eugene Anthony | last post by:
Is this method of validation for password and username considered to be secured. In my previous post I was given a solution that uses command object and the values are parsed by parameters. But the...
ASP / Active Server Pages
11
13942
check username and password in database
by: Kevin O'Brien | last post by:
Hello, I am creating a sign on screen for my application in which I want to store the username and password in a database table. I was thinking of putting a combo box connected to the database...
Visual Basic .NET
5
3759
Login, authentication: After entering username+psw nothing happens?
by: libra786 | last post by:
I have created a blog and have added a login box which prompts the user for login and id before posting- The username and password have been stored in the database, however when i enter the username...
PHP
0
8291
Incorrect syntax near '-'.Must declare the scalar variable "@UserName
by: roamnet | last post by:
hi i created database file with .mdf extention ,sql server as a source and use grid view to display data there're no problem in data retrieve and display,but i want to edit it or insert new...
ASP.NET
1
2452
connecting to a cifs or windows share on a nas device using a specificusername and password
by: Carl | last post by:
In ASP.Net, how can we connect to a nas that uses cifs for its file sharing protocol. Currently we should be able to provide the ip address or hostname of the nas, the sharename along with any...
ASP.NET
2
1441
question of whether authentication of password and username is good
by: poolboi | last post by:
hey guys i got the code below to authenticate users for database #!perl\bin\perl use strict; use warnings; use DBI();
Perl
7
61613
How can I check if username exists in database table.
by: Dhiru1009 | last post by:
Hi guys, I need help with validating the user to see if the username exists in database table or not. Here is my code. default.php <form name="form1" action="authenticate.php">
PHP
0
7213
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
7298
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
7366
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
7471
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
4698
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
C# / C Sharp
0
3187
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The...
Networking - Hardware / Configuration
0
3176
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
1
754
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP
0
406
bsmnconsultancy
Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us