468,735 Members | 2,189 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 468,735 developers. It's quick & easy.

Username and Password

I need a javascript that will accept the username "frederic" and the
password "ozanam" on my page "member,html" that will allow those who
input this data to access my page "member2.html".

I had a script that did this but when I updated the page on which it
resided I did not keep a copy of the javascript.

If you can help me with the script and email it to me at
rh******@silk.net I would be very grateful.

And of course this time I will - I promise - back up my code!!

Thanks, Reg

Oct 16 '06 #1
8 5898

rh******@silk.net wrote:
I need a javascript that will accept the username "frederic" and the
password "ozanam" on my page "member,html" that will allow those who
input this data to access my page "member2.html".

I had a script that did this but when I updated the page on which it
resided I did not keep a copy of the javascript.

If you can help me with the script and email it to me at
rh******@silk.net I would be very grateful.

And of course this time I will - I promise - back up my code!!

Thanks, Reg
This is really an insecure way to go. How secure do you actually need
this page to be? Because using javascript for this would make it
incredibly easy to hack...

Oct 16 '06 #2
Tom Cole wrote:
rh******@silk.net wrote:
I need a javascript that will accept the username "frederic" and the
password "ozanam" on my page "member,html" that will allow those who
input this data to access my page "member2.html". [...]

This is really an insecure way to go. How secure do you actually need
this page to be?
Contradictory to common belief, javascript passwords can be secure; it
all depends on the underlying algorithm. The OP's major problem is that
he can't safely crypt the redirect to member2.html, since that is
something the javascript itself needs to decrypt somehow.
A safe javascript password script:

-----------------------------------------------
CODE START
-----------------------------------------------

<html>

<head>
<title>Crypt</title>
<script language="javascript">

/************************************************** *************
* *
* JAVACRYPT: CLIENT-SIDE crypt(3) USING JAVASCRIPT *
* *
************************************************** *************
* *
* This Javascript allows you to calculate the encrypted *
* password generated by the UNIX function crypt(3) on your *
* computer without using an online script in PHP, PERL, *
* shell, or any other server-side script. The only changes *
* you need make in this are in function dP(), which is right *
* below the end of this comment. Refer to the directions *
* there for details. *
* *
* I wish I could take full credit for this script, but there *
* are several people who deserve most of the credit *
* *
* First and foremost, I thank John F. Dumas for writing *
* jcrypt.java, a Java-based implementation of crypt(3) and *
* from which this Javascript is heavily based (actually, I *
* just did a direct port from his code, using Sun's tutorial *
* and my knowledge of Javascript). I additionally thank *
* Eric Young for writing the C code off which Dumas based *
* his script. Finally, thanks goes to the original writers *
* of crypt(3), whoever they are. *
* *
* If you have questions, I suggest you ask John Dumas about *
* them, as I have no real idea what any of this code does. *
* Base the questions off his source code, as Javascript and *
* Java are (in basic operators) nearly identical. *
* *
* jcrypt.java source code can be found at: *
* http://locutus.kingwoodcable.com/jfd/crypt.html *
* *
************************************************** *************/

function dP(){
salt = (document.CRYPT.PW.value).substring(0,2);
pw_salt=this.crypt(salt,document.CRYPT.PW.value);

document.CRYPT.ENC_PW.value=pw_salt[0];
document.CRYPT.Salt.value=pw_salt[1];

if (pw_salt[0] == 'H4bBU6qFGRa6w'){
alert('good password') }
else {
alert('bad password') }
return false;
}

function bTU(b){
value=Math.floor(b);
return (value>=0?value:value+256);
}
function fBTI(b,offset){
value=this.byteToUnsigned(b[offset++]);
value|=(this.byteToUnsigned(b[offset++])<<8);
value|=(this.byteToUnsigned(b[offset++])<<16);
value|=(this.byteToUnsigned(b[offset++])<<24);
return value;
}
function iTFB(iValue,b,offset){
b[offset++]=((iValue)&0xff);
b[offset++]=((iValue>>>8)&0xff);
b[offset++]=((iValue>>>16)&0xff);
b[offset++]=((iValue>>>24)&0xff);
}
function P_P(a,b,n,m,results){
t=((a>>>n)^b)&m;
a^=t<<n;
b^=t;
results[0]=a;
results[1]=b;
}
function H_P(a,n,m){
t=((a<<(16-n))^a)&m;
a=a^t^(t>>>(16-n));
return a;
}
function d_s_k(key){
schedule=new Array(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0);
c=this.fourBytesToInt(key,0);
d=this.fourBytesToInt(key,4);
results=new Array(0,0);
this.PERM_OP(d,c,4,0x0f0f0f0f,results);
d=results[0];c=results[1];
c=this.HPERM_OP(c,-2,0xcccc0000);
d=this.HPERM_OP(d,-2,0xcccc0000);
this.PERM_OP(d,c,1,0x55555555,results);
d=results[0];c=results[1];
this.PERM_OP(c,d,8,0x00ff00ff,results);
c=results[0];d=results[1];
this.PERM_OP(d,c,1,0x55555555,results);
d=results[0];c=results[1];
d=(((d&0x000000ff)<<16)|(d&0x0000ff00)|
((d&0x00ff0000)>>>16)|((c&0xf0000000)>>>4));
c&=0x0fffffff;
s=0;t=0;
j=0;
for(i=0;i<this.ITERATIONS;i++){
if(this.shifts2[i]){
c=(c>>>2)|(c<<26);
d=(d>>>2)|(d<<26);
}else{
c=(c>>>1)|(c<<27);
d=(d>>>1)|(d<<27);
}
c&=0x0fffffff;
d&=0x0fffffff;
s=this.skb[0][c&0x3f]|this.skb[1][((c>>>6)&0x03)|
((c>>>7)&0x3c)]|this.skb[2][((c>>>13)&0x0f)|((c>>>14)&0x30)]|
this.skb[3][((c>>>20)&0x01)|((c>>>21)&0x06)|((c>>>22)&0x38)];
t=this.skb[4][d&0x3f]|this.skb[5][((d>>>7)&0x03)|
((d>>>8)&0x3c)]|this.skb[6][(d>>>15)&0x3f]|
this.skb[7][((d>>>21)&0x0f)|((d>>>22)&0x30)];
schedule[j++]=((t<< 16)|(s&0x0000ffff))&0xffffffff;
s=((s>>>16)|(t&0xffff0000));
s=(s<<4)|(s>>>28);
schedule[j++]=s&0xffffffff;
}
return schedule;
}
function D_E(L,R,S,E0,E1,s){
v=R^(R>>>16);
u=v&E0;
v=v&E1;
u=(u^(u<<16))^R^s[S];
t=(v^(v<<16))^R^s[S+1];
t=(t>>>4)|(t<<28);
L^=this.SPtrans[1][t&0x3f]|this.SPtrans[3][(t>>>8)&0x3f]|
this.SPtrans[5][(t>>>16)&0x3f]|this.SPtrans[7][(t>>>24)&0x3f]|
this.SPtrans[0][u&0x3f]|this.SPtrans[2][(u>>>8)&0x3f]|
this.SPtrans[4][(u>>>16)&0x3f]|this.SPtrans[6][(u>>>24)&0x3f];
return L;
}
function bdy(schedule,Eswap0,Eswap1) {
left=0;
right=0;
t=0;
for(j=0;j<25;j++){
for(i=0;i<this.ITERATIONS*2;i+=4){
left=this.D_ENCRYPT(left, right,i,Eswap0,Eswap1,schedule);
right=this.D_ENCRYPT(right,left,i+2,Eswap0,Eswap1, schedule);
}
t=left;
left=right;
right=t;
}
t=right;
right=(left>>>1)|(left<<31);
left=(t>>>1)|(t<<31);
left&=0xffffffff;
right&=0xffffffff;
results=new Array(0,0);
this.PERM_OP(right,left,1,0x55555555,results);
right=results[0];left=results[1];
this.PERM_OP(left,right,8,0x00ff00ff,results);
left=results[0];right=results[1];
this.PERM_OP(right,left,2,0x33333333,results);
right=results[0];left=results[1];
this.PERM_OP(left,right,16,0x0000ffff,results);
left=results[0];right=results[1];
this.PERM_OP(right,left,4,0x0f0f0f0f,results);
right=results[0];left=results[1];
out=new Array(0,0);
out[0]=left;out[1]=right;
return out;
}
function rC(){return this.GOODCHARS[Math.floor(64*Math.random())]}
function cript(salt,original){
if(salt.length>=2) salt=salt.substring(0,2);
while(salt.length<2) salt+=this.randChar();
re=new RegExp("[^./a-zA-Z0-9]","g");
if(re.test(salt)) salt=this.randChar()+this.randChar();
charZero=salt.charAt(0)+'';
charOne=salt.charAt(1)+'';
ccZ=charZero.charCodeAt(0);
ccO=charOne.charCodeAt(0);
buffer=charZero+charOne+" ";
Eswap0=this.con_salt[ccZ];
Eswap1=this.con_salt[ccO]<<4;
key=new Array(0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0);
for(i=0;i<key.length&&i<original.length;i++){
iChar=original.charCodeAt(i);
key[i]=iChar<<1;
}
schedule=this.des_set_key(key);
out=this.body(schedule,Eswap0,Eswap1);
b=new Array(0,0,0,0,0,0,0,0,0);
this.intToFourBytes(out[0],b,0);
this.intToFourBytes(out[1],b,4);
b[8]=0;
for(i=2,y=0,u=0x80;i<13;i++){
for(j=0,c=0;j<6;j++){
c<<=1;
if((b[y]&u)!=0) c|=1;
u>>>=1;
if(u==0){
y++;
u=0x80;
}
buffer=buffer.substring(0,i)
+String.fromCharCode(this.cov_2char[c])
+buffer.substring(i+1,buffer.length);
}
}
ret=new Array(buffer,salt);
return ret;
}

function Crypt() {
this.ITERATIONS=16;
this.GOODCHARS=new Array(
".","/","0","1","2","3","4","5","6","7",
"8","9","A","B","C","D","E","F","G","H",
"I","J","K","L","M","N","O","P","Q","R",
"S","T","U","V","W","X","Y","Z","a","b",
"c","d","e","f","g","h","i","j","k","l",
"m","n","o","p","q","r","s","t","u","v",
"w","x","y","z");
this.con_salt=new Array(
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,
0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,
0x0A,0x0B,0x05,0x06,0x07,0x08,0x09,0x0A,
0x0B,0x0C,0x0D,0x0E,0x0F,0x10,0x11,0x12,
0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1A,
0x1B,0x1C,0x1D,0x1E,0x1F,0x20,0x21,0x22,
0x23,0x24,0x25,0x20,0x21,0x22,0x23,0x24,
0x25,0x26,0x27,0x28,0x29,0x2A,0x2B,0x2C,
0x2D,0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,
0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,0x3C,
0x3D,0x3E,0x3F,0x00,0x00,0x00,0x00,0x00 );
this.shifts2=new Array(
false,false,true,true,true,true,true,true,
false,true, true,true,true,true,true,false );
this.skb=new Array(0,0,0,0,0,0,0,0);
this.skb[0]=new Array(
0x00000000,0x00000010,0x20000000,0x20000010,
0x00010000,0x00010010,0x20010000,0x20010010,
0x00000800,0x00000810,0x20000800,0x20000810,
0x00010800,0x00010810,0x20010800,0x20010810,
0x00000020,0x00000030,0x20000020,0x20000030,
0x00010020,0x00010030,0x20010020,0x20010030,
0x00000820,0x00000830,0x20000820,0x20000830,
0x00010820,0x00010830,0x20010820,0x20010830,
0x00080000,0x00080010,0x20080000,0x20080010,
0x00090000,0x00090010,0x20090000,0x20090010,
0x00080800,0x00080810,0x20080800,0x20080810,
0x00090800,0x00090810,0x20090800,0x20090810,
0x00080020,0x00080030,0x20080020,0x20080030,
0x00090020,0x00090030,0x20090020,0x20090030,
0x00080820,0x00080830,0x20080820,0x20080830,
0x00090820,0x00090830,0x20090820,0x20090830 );
this.skb[1]=new Array(
0x00000000,0x02000000,0x00002000,0x02002000,
0x00200000,0x02200000,0x00202000,0x02202000,
0x00000004,0x02000004,0x00002004,0x02002004,
0x00200004,0x02200004,0x00202004,0x02202004,
0x00000400,0x02000400,0x00002400,0x02002400,
0x00200400,0x02200400,0x00202400,0x02202400,
0x00000404,0x02000404,0x00002404,0x02002404,
0x00200404,0x02200404,0x00202404,0x02202404,
0x10000000,0x12000000,0x10002000,0x12002000,
0x10200000,0x12200000,0x10202000,0x12202000,
0x10000004,0x12000004,0x10002004,0x12002004,
0x10200004,0x12200004,0x10202004,0x12202004,
0x10000400,0x12000400,0x10002400,0x12002400,
0x10200400,0x12200400,0x10202400,0x12202400,
0x10000404,0x12000404,0x10002404,0x12002404,
0x10200404,0x12200404,0x10202404,0x12202404 );
this.skb[2]=new Array(
0x00000000,0x00000001,0x00040000,0x00040001,
0x01000000,0x01000001,0x01040000,0x01040001,
0x00000002,0x00000003,0x00040002,0x00040003,
0x01000002,0x01000003,0x01040002,0x01040003,
0x00000200,0x00000201,0x00040200,0x00040201,
0x01000200,0x01000201,0x01040200,0x01040201,
0x00000202,0x00000203,0x00040202,0x00040203,
0x01000202,0x01000203,0x01040202,0x01040203,
0x08000000,0x08000001,0x08040000,0x08040001,
0x09000000,0x09000001,0x09040000,0x09040001,
0x08000002,0x08000003,0x08040002,0x08040003,
0x09000002,0x09000003,0x09040002,0x09040003,
0x08000200,0x08000201,0x08040200,0x08040201,
0x09000200,0x09000201,0x09040200,0x09040201,
0x08000202,0x08000203,0x08040202,0x08040203,
0x09000202,0x09000203,0x09040202,0x09040203 );
this.skb[3]=new Array(
0x00000000,0x00100000,0x00000100,0x00100100,
0x00000008,0x00100008,0x00000108,0x00100108,
0x00001000,0x00101000,0x00001100,0x00101100,
0x00001008,0x00101008,0x00001108,0x00101108,
0x04000000,0x04100000,0x04000100,0x04100100,
0x04000008,0x04100008,0x04000108,0x04100108,
0x04001000,0x04101000,0x04001100,0x04101100,
0x04001008,0x04101008,0x04001108,0x04101108,
0x00020000,0x00120000,0x00020100,0x00120100,
0x00020008,0x00120008,0x00020108,0x00120108,
0x00021000,0x00121000,0x00021100,0x00121100,
0x00021008,0x00121008,0x00021108,0x00121108,
0x04020000,0x04120000,0x04020100,0x04120100,
0x04020008,0x04120008,0x04020108,0x04120108,
0x04021000,0x04121000,0x04021100,0x04121100,
0x04021008,0x04121008,0x04021108,0x04121108 );
this.skb[4]=new Array(
0x00000000,0x10000000,0x00010000,0x10010000,
0x00000004,0x10000004,0x00010004,0x10010004,
0x20000000,0x30000000,0x20010000,0x30010000,
0x20000004,0x30000004,0x20010004,0x30010004,
0x00100000,0x10100000,0x00110000,0x10110000,
0x00100004,0x10100004,0x00110004,0x10110004,
0x20100000,0x30100000,0x20110000,0x30110000,
0x20100004,0x30100004,0x20110004,0x30110004,
0x00001000,0x10001000,0x00011000,0x10011000,
0x00001004,0x10001004,0x00011004,0x10011004,
0x20001000,0x30001000,0x20011000,0x30011000,
0x20001004,0x30001004,0x20011004,0x30011004,
0x00101000,0x10101000,0x00111000,0x10111000,
0x00101004,0x10101004,0x00111004,0x10111004,
0x20101000,0x30101000,0x20111000,0x30111000,
0x20101004,0x30101004,0x20111004,0x30111004 );
this.skb[5]=new Array(
0x00000000,0x08000000,0x00000008,0x08000008,
0x00000400,0x08000400,0x00000408,0x08000408,
0x00020000,0x08020000,0x00020008,0x08020008,
0x00020400,0x08020400,0x00020408,0x08020408,
0x00000001,0x08000001,0x00000009,0x08000009,
0x00000401,0x08000401,0x00000409,0x08000409,
0x00020001,0x08020001,0x00020009,0x08020009,
0x00020401,0x08020401,0x00020409,0x08020409,
0x02000000,0x0A000000,0x02000008,0x0A000008,
0x02000400,0x0A000400,0x02000408,0x0A000408,
0x02020000,0x0A020000,0x02020008,0x0A020008,
0x02020400,0x0A020400,0x02020408,0x0A020408,
0x02000001,0x0A000001,0x02000009,0x0A000009,
0x02000401,0x0A000401,0x02000409,0x0A000409,
0x02020001,0x0A020001,0x02020009,0x0A020009,
0x02020401,0x0A020401,0x02020409,0x0A020409 );
this.skb[6]=new Array(
0x00000000,0x00000100,0x00080000,0x00080100,
0x01000000,0x01000100,0x01080000,0x01080100,
0x00000010,0x00000110,0x00080010,0x00080110,
0x01000010,0x01000110,0x01080010,0x01080110,
0x00200000,0x00200100,0x00280000,0x00280100,
0x01200000,0x01200100,0x01280000,0x01280100,
0x00200010,0x00200110,0x00280010,0x00280110,
0x01200010,0x01200110,0x01280010,0x01280110,
0x00000200,0x00000300,0x00080200,0x00080300,
0x01000200,0x01000300,0x01080200,0x01080300,
0x00000210,0x00000310,0x00080210,0x00080310,
0x01000210,0x01000310,0x01080210,0x01080310,
0x00200200,0x00200300,0x00280200,0x00280300,
0x01200200,0x01200300,0x01280200,0x01280300,
0x00200210,0x00200310,0x00280210,0x00280310,
0x01200210,0x01200310,0x01280210,0x01280310 );
this.skb[7]=new Array(
0x00000000,0x04000000,0x00040000,0x04040000,
0x00000002,0x04000002,0x00040002,0x04040002,
0x00002000,0x04002000,0x00042000,0x04042000,
0x00002002,0x04002002,0x00042002,0x04042002,
0x00000020,0x04000020,0x00040020,0x04040020,
0x00000022,0x04000022,0x00040022,0x04040022,
0x00002020,0x04002020,0x00042020,0x04042020,
0x00002022,0x04002022,0x00042022,0x04042022,
0x00000800,0x04000800,0x00040800,0x04040800,
0x00000802,0x04000802,0x00040802,0x04040802,
0x00002800,0x04002800,0x00042800,0x04042800,
0x00002802,0x04002802,0x00042802,0x04042802,
0x00000820,0x04000820,0x00040820,0x04040820,
0x00000822,0x04000822,0x00040822,0x04040822,
0x00002820,0x04002820,0x00042820,0x04042820,
0x00002822,0x04002822,0x00042822,0x04042822 );
this.SPtrans=new Array(0,0,0,0,0,0,0,0);
this.SPtrans[0]=new Array(
0x00820200,0x00020000,0x80800000,0x80820200,
0x00800000,0x80020200,0x80020000,0x80800000,
0x80020200,0x00820200,0x00820000,0x80000200,
0x80800200,0x00800000,0x00000000,0x80020000,
0x00020000,0x80000000,0x00800200,0x00020200,
0x80820200,0x00820000,0x80000200,0x00800200,
0x80000000,0x00000200,0x00020200,0x80820000,
0x00000200,0x80800200,0x80820000,0x00000000,
0x00000000,0x80820200,0x00800200,0x80020000,
0x00820200,0x00020000,0x80000200,0x00800200,
0x80820000,0x00000200,0x00020200,0x80800000,
0x80020200,0x80000000,0x80800000,0x00820000,
0x80820200,0x00020200,0x00820000,0x80800200,
0x00800000,0x80000200,0x80020000,0x00000000,
0x00020000,0x00800000,0x80800200,0x00820200,
0x80000000,0x80820000,0x00000200,0x80020200 );
this.SPtrans[1]=new Array(
0x10042004,0x00000000,0x00042000,0x10040000,
0x10000004,0x00002004,0x10002000,0x00042000,
0x00002000,0x10040004,0x00000004,0x10002000,
0x00040004,0x10042000,0x10040000,0x00000004,
0x00040000,0x10002004,0x10040004,0x00002000,
0x00042004,0x10000000,0x00000000,0x00040004,
0x10002004,0x00042004,0x10042000,0x10000004,
0x10000000,0x00040000,0x00002004,0x10042004,
0x00040004,0x10042000,0x10002000,0x00042004,
0x10042004,0x00040004,0x10000004,0x00000000,
0x10000000,0x00002004,0x00040000,0x10040004,
0x00002000,0x10000000,0x00042004,0x10002004,
0x10042000,0x00002000,0x00000000,0x10000004,
0x00000004,0x10042004,0x00042000,0x10040000,
0x10040004,0x00040000,0x00002004,0x10002000,
0x10002004,0x00000004,0x10040000,0x00042000 );
this.SPtrans[2]=new Array(
0x41000000,0x01010040,0x00000040,0x41000040,
0x40010000,0x01000000,0x41000040,0x00010040,
0x01000040,0x00010000,0x01010000,0x40000000,
0x41010040,0x40000040,0x40000000,0x41010000,
0x00000000,0x40010000,0x01010040,0x00000040,
0x40000040,0x41010040,0x00010000,0x41000000,
0x41010000,0x01000040,0x40010040,0x01010000,
0x00010040,0x00000000,0x01000000,0x40010040,
0x01010040,0x00000040,0x40000000,0x00010000,
0x40000040,0x40010000,0x01010000,0x41000040,
0x00000000,0x01010040,0x00010040,0x41010000,
0x40010000,0x01000000,0x41010040,0x40000000,
0x40010040,0x41000000,0x01000000,0x41010040,
0x00010000,0x01000040,0x41000040,0x00010040,
0x01000040,0x00000000,0x41010000,0x40000040,
0x41000000,0x40010040,0x00000040,0x01010000 );
this.SPtrans[3]=new Array(
0x00100402,0x04000400,0x00000002,0x04100402,
0x00000000,0x04100000,0x04000402,0x00100002,
0x04100400,0x04000002,0x04000000,0x00000402,
0x04000002,0x00100402,0x00100000,0x04000000,
0x04100002,0x00100400,0x00000400,0x00000002,
0x00100400,0x04000402,0x04100000,0x00000400,
0x00000402,0x00000000,0x00100002,0x04100400,
0x04000400,0x04100002,0x04100402,0x00100000,
0x04100002,0x00000402,0x00100000,0x04000002,
0x00100400,0x04000400,0x00000002,0x04100000,
0x04000402,0x00000000,0x00000400,0x00100002,
0x00000000,0x04100002,0x04100400,0x00000400,
0x04000000,0x04100402,0x00100402,0x00100000,
0x04100402,0x00000002,0x04000400,0x00100402,
0x00100002,0x00100400,0x04100000,0x04000402,
0x00000402,0x04000000,0x04000002,0x04100400 );
this.SPtrans[4]=new Array(
0x02000000,0x00004000,0x00000100,0x02004108,
0x02004008,0x02000100,0x00004108,0x02004000,
0x00004000,0x00000008,0x02000008,0x00004100,
0x02000108,0x02004008,0x02004100,0x00000000,
0x00004100,0x02000000,0x00004008,0x00000108,
0x02000100,0x00004108,0x00000000,0x02000008,
0x00000008,0x02000108,0x02004108,0x00004008,
0x02004000,0x00000100,0x00000108,0x02004100,
0x02004100,0x02000108,0x00004008,0x02004000,
0x00004000,0x00000008,0x02000008,0x02000100,
0x02000000,0x00004100,0x02004108,0x00000000,
0x00004108,0x02000000,0x00000100,0x00004008,
0x02000108,0x00000100,0x00000000,0x02004108,
0x02004008,0x02004100,0x00000108,0x00004000,
0x00004100,0x02004008,0x02000100,0x00000108,
0x00000008,0x00004108,0x02004000,0x02000008 );

this.SPtrans[5]=new Array(
0x20000010,0x00080010,0x00000000,0x20080800,
0x00080010,0x00000800,0x20000810,0x00080000,
0x00000810,0x20080810,0x00080800,0x20000000,
0x20000800,0x20000010,0x20080000,0x00080810,
0x00080000,0x20000810,0x20080010,0x00000000,
0x00000800,0x00000010,0x20080800,0x20080010,
0x20080810,0x20080000,0x20000000,0x00000810,
0x00000010,0x00080800,0x00080810,0x20000800,
0x00000810,0x20000000,0x20000800,0x00080810,
0x20080800,0x00080010,0x00000000,0x20000800,
0x20000000,0x00000800,0x20080010,0x00080000,
0x00080010,0x20080810,0x00080800,0x00000010,
0x20080810,0x00080800,0x00080000,0x20000810,
0x20000010,0x20080000,0x00080810,0x00000000,
0x00000800,0x20000010,0x20000810,0x20080800,
0x20080000,0x00000810,0x00000010,0x20080010 );
this.SPtrans[6]=new Array(
0x00001000,0x00000080,0x00400080,0x00400001,
0x00401081,0x00001001,0x00001080,0x00000000,
0x00400000,0x00400081,0x00000081,0x00401000,
0x00000001,0x00401080,0x00401000,0x00000081,
0x00400081,0x00001000,0x00001001,0x00401081,
0x00000000,0x00400080,0x00400001,0x00001080,
0x00401001,0x00001081,0x00401080,0x00000001,
0x00001081,0x00401001,0x00000080,0x00400000,
0x00001081,0x00401000,0x00401001,0x00000081,
0x00001000,0x00000080,0x00400000,0x00401001,
0x00400081,0x00001081,0x00001080,0x00000000,
0x00000080,0x00400001,0x00000001,0x00400080,
0x00000000,0x00400081,0x00400080,0x00001080,
0x00000081,0x00001000,0x00401081,0x00400000,
0x00401080,0x00000001,0x00001001,0x00401081,
0x00400001,0x00401080,0x00401000,0x00001001 );
this.SPtrans[7]=new Array(
0x08200020,0x08208000,0x00008020,0x00000000,
0x08008000,0x00200020,0x08200000,0x08208020,
0x00000020,0x08000000,0x00208000,0x00008020,
0x00208020,0x08008020,0x08000020,0x08200000,
0x00008000,0x00208020,0x00200020,0x08008000,
0x08208020,0x08000020,0x00000000,0x00208000,
0x08000000,0x00200000,0x08008020,0x08200020,
0x00200000,0x00008000,0x08208000,0x00000020,
0x00200000,0x00008000,0x08000020,0x08208020,
0x00008020,0x08000000,0x00000000,0x00208000,
0x08200020,0x08008020,0x08008000,0x00200020,
0x08208000,0x00000020,0x00200020,0x08008000,
0x08208020,0x00200000,0x08200000,0x08000020,
0x00208000,0x00008020,0x08008020,0x08200000,
0x00000020,0x08208000,0x00208020,0x00000000,
0x08000000,0x08200020,0x00008000,0x00208020 );
this.cov_2char=new Array(
0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,0x35,
0x36,0x37,0x38,0x39,0x41,0x42,0x43,0x44,
0x45,0x46,0x47,0x48,0x49,0x4A,0x4B,0x4C,
0x4D,0x4E,0x4F,0x50,0x51,0x52,0x53,0x54,
0x55,0x56,0x57,0x58,0x59,0x5A,0x61,0x62,
0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6A,
0x6B,0x6C,0x6D,0x6E,0x6F,0x70,0x71,0x72,
0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A );
this.byteToUnsigned=bTU;
this.fourBytesToInt=fBTI;
this.intToFourBytes=iTFB;
this.PERM_OP=P_P;
this.HPERM_OP=H_P;
this.des_set_key=d_s_k;
this.D_ENCRYPT=D_E;
this.body=bdy;
this.randChar=rC;
this.crypt=cript;
this.displayPassword=dP;
}
Javacrypt=new Crypt();
</script>
</head>

<body>

<form name="CRYPT" onSubmit="return false();">
<input type="hidden" name="ENC_PW">
<input type="hidden" name="Salt">
<input type="text" name="PW" maxlength="8">
<input type="button" value="Check"
onClick="Javacrypt.displayPassword()">
</form>

</body>
</html>

-----------------------------------------------
CODE END
-----------------------------------------------
Because using javascript for this would make it incredibly easy to hack...
Feel free to hack the code above then :-) The password is 'H4LMh2Zs'.

--
Bart

Oct 16 '06 #3
Bart Van der Donck wrote:
Tom Cole wrote:
rh******@silk.net wrote:
I need a javascript that will accept the username "frederic" and the
password "ozanam" on my page "member,html" that will allow those who
input this data to access my page "member2.html". [...]
This is really an insecure way to go. How secure do you actually need
this page to be?

Contradictory to common belief, javascript passwords can be secure; it
all depends on the underlying algorithm. The OP's major problem is that
he can't safely crypt the redirect to member2.html, since that is
something the javascript itself needs to decrypt somehow.
Unless when the redirect would be based on that plaintext password.
E.g. if the password were gHj4NbLu, then redirect to gHj4NbLu.html
after the authentication succeeded. Make sure to turn off directory
browsing.

--
Bart

Oct 16 '06 #4
In message <11**********************@e3g2000cwe.googlegroups. com>, Mon,
16 Oct 2006 08:32:19, Bart Van der Donck <ba**@nijlen.comwrites
>Contradictory to common belief, javascript passwords can be secure; it
all depends on the underlying algorithm. The OP's major problem is that
he can't safely crypt the redirect to member2.html, since that is
something the javascript itself needs to decrypt somehow.
A safe javascript password script:
><script language="javascript">
Deprecated. <script type="text/javascript">
>
/************************************************** *************
* *
* JAVACRYPT: CLIENT-SIDE crypt(3) USING JAVASCRIPT *
* *
************************************************** *************
* *
* This Javascript allows you to calculate the encrypted *
* password generated by the UNIX function crypt(3) on your *
* computer without using an online script in PHP, PERL, *
* shell, or any other server-side script. The only changes *
* you need make in this are in function dP(), which is right *
* below the end of this comment. Refer to the directions *
* there for details. *
* *
* I wish I could take full credit for this script, but there *
Undefined variable "I" - value is clear in News, but not in the code
itself! I'd put personal name, with E-mail or WWW link, and ISO date.

* jcrypt.java source code can be found at: *
* http://locutus.kingwoodcable.com/jfd/crypt.html *
Will you have a URL for the javascript code?

I have a cruder - but much shorter - one-way function demonstrated at
<URL:http://www.merlyn.demon.co.uk/js-other.htm#Pwdg>. It may not be
crypto-secure; but I think it's not easily reversible.

function OneWay(S) { var j, x, y = 2e50
x = '0.'+parseInt(S.value, 36)
with (Math) { for (j=0;j<10;j++) x = tan(1+x+x*y%1)%1 }
return ((x+1)/2).toString(36).substring(2) }
--
John Stockton, Surrey, UK. ?@merlyn.demon.co.uk Turnpike v6.05 IE 6
<URL:http://www.jibbering.com/faq/>? JL/RC: FAQ of news:comp.lang.javascript
<URL:http://www.merlyn.demon.co.uk/js-index.htmjscr maths, dates, sources.
<URL:http://www.merlyn.demon.co.uk/TP/BP/Delphi/jscr/&c, FAQ items, links.
Oct 20 '06 #5
J R Stockton wrote:
In message <11**********************@e3g2000cwe.googlegroups. com>, Mon,
16 Oct 2006 08:32:19, Bart Van der Donck <ba**@nijlen.comwrites
/************************************************** *************
* *
* JAVACRYPT: CLIENT-SIDE crypt(3) USING JAVASCRIPT *
* *
************************************************** *************
* *
* This Javascript allows you to calculate the encrypted *
* password generated by the UNIX function crypt(3) on your *
* computer without using an online script in PHP, PERL, *
* shell, or any other server-side script. The only changes *
* you need make in this are in function dP(), which is right *
* below the end of this comment. Refer to the directions *
* there for details. *
* *
* I wish I could take full credit for this script, but there *

Undefined variable "I" - value is clear in News, but not in the code
itself! I'd put personal name, with E-mail or WWW link, and ISO date.
Oh, it is certainly not my code. I just pasted the full code as it was.
Google reveals that the js porter is Jeff Walden:
http://whereswalden.com/tech/internet/javacrypt/
http://javascript.internet.com/passw...ncryption.html
http://whereswalden.com/files/misc/js/javacrypt.js (orig.)

Hack it and win the Nobel-prize :-)
http://www.google.com/search?q=CRYPT(3)
I have a cruder - but much shorter - one-way function demonstrated at
<URL:http://www.merlyn.demon.co.uk/js-other.htm#Pwdg>. It may not be
crypto-secure; but I think it's not easily reversible.

function OneWay(S) { var j, x, y = 2e50
x = '0.'+parseInt(S.value, 36)
with (Math) { for (j=0;j<10;j++) x = tan(1+x+x*y%1)%1 }
return ((x+1)/2).toString(36).substring(2) }
It must be +10 years ago that I last worked with goniometric functions,
but it really smells like this algorithm should be breakable.

A more readable/analyzed version of your encryption:

ORIGINAL | REVERSE
------------------------------- | -------------
|
x = '0.'+parseInt(S.value, 36) | (*)
|
for (j=0; j<10; j++) |
{ |
x = 1 + x | obvious
x = Math.tan(x) | x = Math.atan(x)
x=x%1 | (**)
} |
|
x = x + 1 | obvious
x = x / 2 | obvious
x = x.toString(36); | (*)
x = x.substring(2); | add '0.' in beginning
|
return x |

(*) alert(parseInt('fgthejdi',36))
alert((1212073729686).toString(36))

(**) modulus arithmetic operator %1 makes the variable
start with '0.' e.g. 16.454 becomes 0.454, 13.271
becomes 0.271, 88.250234 becomes 0.250234, etc.

--
Bart

Oct 21 '06 #6
In message <11*********************@f16g2000cwb.googlegroups. com>, Sat,
21 Oct 2006 02:01:22, Bart Van der Donck <ba**@nijlen.comwrites
>J R Stockton wrote:
>I have a cruder - but much shorter - one-way function demonstrated at
<URL:http://www.merlyn.demon.co.uk/js-other.htm#Pwdg>. It may not be
crypto-secure; but I think it's not easily reversible.

function OneWay(S) { var j, x, y = 2e50
x = '0.'+parseInt(S.value, 36)
with (Math) { for (j=0;j<10;j++) x = tan(1+x+x*y%1)%1 }
return ((x+1)/2).toString(36).substring(2) }

It must be +10 years ago that I last worked with goniometric functions,
but it really smells like this algorithm should be breakable.
I doubt whether many people could break it. If the loop count is too
big, there may be too few possible results. But the formula will deter
most people from trying to deduce an input that gives a known output.

Decode "nokxozg2wira" !!

--
John Stockton, Surrey, UK. ?@merlyn.demon.co.uk Turnpike v6.05 IE 6
<URL:http://www.jibbering.com/faq/>? JL/RC: FAQ of news:comp.lang.javascript
<URL:http://www.merlyn.demon.co.uk/js-index.htmjscr maths, dates, sources.
<URL:http://www.merlyn.demon.co.uk/TP/BP/Delphi/jscr/&c, FAQ items, links.
Oct 21 '06 #7
J R Stockton wrote:
In message <11*********************@f16g2000cwb.googlegroups. com>, Sat,
21 Oct 2006 02:01:22, Bart Van der Donck <ba**@nijlen.comwrites
It must be +10 years ago that I last worked with goniometric functions,
but it really smells like this algorithm should be breakable.

I doubt whether many people could break it. If the loop count is too
big, there may be too few possible results. But the formula will deter
most people from trying to deduce an input that gives a known output.

Decode "nokxozg2wira" !!
The problem is not the decryption itself. That part can be done (see
2nd URL below), though I seriously doubt it can be done in javascript.
The problem is to find a tangent calculation with extremely high
precision, or, alternatively, to finetune the decrypted result in some
other way.

Description in mathematical terms:
http://groups.google.com/group/sci.m...a2fd0737ffb28/

Technical/logical description + decrypt function:
http://groups.google.com/group/comp....5c15d66d1f596/

Q.E.D. ?

--
Bart

Oct 23 '06 #8
In message <11**********************@e3g2000cwe.googlegroups. com>, Mon,
23 Oct 2006 00:18:27, Bart Van der Donck <ba**@nijlen.comwrites
>J R Stockton wrote:
>I doubt whether many people could break it. If the loop count is too
big, there may be too few possible results. But the formula will deter
most people from trying to deduce an input that gives a known output.

Decode "nokxozg2wira" !!

The problem is not the decryption itself. That part can be done (see
2nd URL below), though I seriously doubt it can be done in javascript.
The problem is to find a tangent calculation with extremely high
precision, or, alternatively, to finetune the decrypted result in some
other way.

Description in mathematical terms:
http://groups.google.com/group/sci.m...a2fd0737ffb28/

Technical/logical description + decrypt function:
http://groups.google.com/group/comp...._frm/thread/26
a5c15d66d1f596/

Q.E.D. ?
No.

The function you have been asking about elsewhere is not the function
that I gave - you have omitted the use of y = 2e50. Now I don't recall
exactly why I put it in; but I did so because it looked beneficial, on
test.

Someone there is right to say that arguments to Math.tan giving infinite
results should be avoided; it already avoids the near-linear region
where tan(arg) == 0, and it will be easy enough to ensure that the
argument is always in the "safe non-linear" region between about pi/8 &
3pi/8 (by incorporating 0.25+Q%1).

For secure work, use a well-understood one-way function, even if it is
long. For ordinary work, use something short and frightening.

--
(c) John Stockton, Surrey, UK. ?@merlyn.demon.co.uk Turnpike v6.05 IE 6
<URL:http://www.jibbering.com/faq/>? JL/RC: FAQ of news:comp.lang.javascript
<URL:http://www.merlyn.demon.co.uk/js-index.htmjscr maths, dates, sources.
<URL:http://www.merlyn.demon.co.uk/TP/BP/Delphi/jscr/&c, FAQ items, links.
Oct 23 '06 #9

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

15 posts views Thread by Eugene Anthony | last post: by
11 posts views Thread by Kevin O'Brien | last post: by
xarzu
2 posts views Thread by xarzu | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.