I'm trying to make a login system. All accounts on a Mybb forum system. I want the login to client using the mybb_users database. But passwords md5. And there is a colon by name: "salt". How can I encrypt the passwords on checking password? This is my codes(If email and password is true)
int count = 0;
while (myReader.Read())
{
count = count + 1;
}
if (count == 1) // IF Ok.
{
userLabel.Text = myReader[0].ToString();
loginSuccessTimer1.Enabled = true;
LoginFormSuccessBG loginSuccess = new LoginFormSuccessBG();
loginSuccess.Show();
}
As your passwords are stored in a MyBB-database they will follow this form:
md5(password + md5(salt))
In other words first get the md5 hash of the salt, then add that to the password and then create the md5 hash of that. The resulting string is what will be stored in the MyBB-database.
I believe you want to do something like this:
string salt = // get salt from db
string password = // get password from user
MD5 md5 = new MD5CryptoServiceProvider();
// Create md5 hash of salt
byte[] saltBytes = Encoding.Default.GetBytes(salt);
byte[] saltHashBytes = md5.ComputeHash(salt);
string saltHash = System.BitConverter.ToString(saltHashBytes);
// Create your md5(password + md5(salt)) hash
byte[] passwordBytes = Encoding.Default.GetBytes(password + saltHash);
byte[] passwordHashBytes = md5.ComputeHash(salt);
string passwordHash = System.BitConverter.ToString(passwordHashBytes);