Leaderboard
Popular Content
Showing content with the highest reputation on 05/11/11 in all areas
-
Spre deosebire de multe sms bombere acesta nu numai ca functioneaza pe orice retea din Romania ci si international permitand bombardarea cu sms-uri numerelor din sute de tari! Serverul necesita curl instalat si activ! Serverul trebuie sa permita scrierea unui cookie de catre curl si citirea acestuia ulterior din locatia "sys_get_temp_dir()" (de obicei aceasta este "/tmp"). Dupa trimiterea fiecarui sms verifica si afiseaza raspunsul serverului cu privire la statusul trimiterii! Prefixul de tara este ales prin selectarea tarii dintr-o lista, iar numarul este validat conform standardelor pentru a nu incarca inutil serverul in cazul introducerii unui numar gresit. Print-Screen: Download: Descarcare mirror -> FileBox Descarcare mirror -> Multiupload Modificari: Am adaugat .htaccess si am setat in 2 moduri max_execution_time nelimitat, pentru a preveni intreruperea inainte de a termina de trimis sms-uri. Implementarea unei functii pentru a impiedica time-out-ul browserului. Demo: http://www.pr00f.eu/sms/ multumesc pr00f pentru hostingul demou-lui! PS: pentru cei carora nu le merge primind mesajul: "Invalid token. Please try again." , este de la faptul ca cURL nu poate sa salveze cookie intr-un fisier in temp, de ce? ESTE PROST CONFIGURAT SERVERUL! (tokenul citit de curl nu este cel alocat session id-ului, iar id-ul este retinut intr-un cookie) PS2: Daca la accesare primiti un mesaj "500 internal server error" stergeti continutul .htaccess si lasati doar: php_value max_execution_time 0 php_value max_input_time 6000 Daca problema persista, renuntati la .htaccess, cel mai probabil serverul refuza rescrierea max_execution_time la valuarea 0 (nelimitat). Rezultatul, dupa un anumit timp de trimis sms-uri se va opri, totusi se vor putea trimite seturi de cateva zeci de sms. PS3: Scriptul inca functioneaza, cei prin care se trimit sms-urile au banat doar ip-ul serverului pe care este gazduita pagina demo ( pr00f.eu )!!! Daca hostati scriptul pe un alt server va merge!!!1 point
-
WebCam-uri ce transmit Live - Bucuresti Download: http://fileshareupload.hi2.ro/Team/WebCam_Live_Bucuresti.rar1 point
-
Who Should Read This Book If you’re a system administrator in a Linux environment, you’ll benefit greatly by knowing how to write shell scripts. The book doesn’t walk through setting up a Linux system, but once you have it running, you’ll want to start automating some of the routine administrative tasks. That’s where shell scripting comes in, and that’s where this book will help you out. This book will demonstrate how to automate any administrative task using shell scripts, from monitoring system statistics and data files to generating reports for your boss. Download Bible_-_Linux_Command_Line_and_Shell_Scripting.pdf for free on Filesonic.com1 point
-
si de pe localhost merge , multumim frumos baieti:* ps: exista limita maxima pentru numarul de sms-uri trimise? daca da care este?1 point
-
SQL Power injector Introduction SQL Power Injector is an application created in .Net 1.1 that helps the penetration tester to find and exploit SQL injections on a web page. For now it is SQL Server, Oracle, MySQL, Sybase/Adaptive Server and DB2 compliant, but it is possible to use it with any existing DBMS when using the inline injection (Normal mode). Indeed, the normal mode is basically the SQL command that someone will put in the parameter sent to the server. If the aspect of inline SQL injection is powerful in itself, its main strength dwells in the multithreaded automation of the injection. Not only there is a possibility to automate tedious and time consuming queries but you can also modify the query to get only what you want. It is obviously more useful in the blind SQL injection since the other ways to exploit the SQL injection vulnerability is more effusive and much faster when the results are displayed on the web page (union select in a HTML table and generated 500 error for instance). The automation can be realized in two ways: comparing the expected result or by time delay. The first way is generally compared against an error or difference between positive condition with a negative one and the second way will turn out positive if the time delay sent to the server equals to the one parameterized in the application. The main effort done on this application was to make it as painless as possible to find and exploit a SQL injection vulnerability without using any browser. That is why you will notice that there is an integrated browser that will display the results of the injection parameterized in a way that any related standards SQL error will be displayed without the rest of the page. Of course, like many other features of this application, there are ways to parameterize the response of the server to make it as talkative to you as possible. Another important part of this application is its power to get all the parameters from the web page you need to test the SQL injection, either by GET or POST method. Like this someone won't need to use several applications or a proxy to intercept the data, all is automated! Not only that, but now there is a Firefox plugin that will launch SQL Power Injector with all the information of the current webpage with its session context (parameters and cookies). I worked hard on the application usability but I am aware that at first use it's not too obvious. I'm pretty confident that once the few things you need to comprehend are understood it will be quite easy to use afterwards. In order to help a beginner to understand its basic features I created a tutorial that not only will help him out but can also be educative for some advanced SQL injection techniques. Moreover, You will find some great tricks in the FAQ as well and now with the version 1.2 a help file (chm) containing a list of the most useful information for SQL injection. Also, I designed this application the way I was making my own pen testing and how I was using SQL injection. It has been tested successfully many times on real life web sites (legally of course) and as soon as I see something missing I'm adding it. Now of course that it's officially available to the security community I will have to have more rigors and wait to add them in a new version of the software. This process has already started and many more features will come with time. Finally, this application will be free of charge and hopefully be used to help in security assessments made by security professionals or to further the knowledge of the techniques used. Obviously I will not be held responsible of any misuses or damage caused by this application. What It's Not This application if powerful won't find SQL injection vulnerabilities for you nor will find the right syntax if one found. Its main strength is to provide a way to find them more easily and once they are found to automate it in a way that you won't need to make every single injection if the only way to inject is using the blind technique. Moreover, I didn't intent to make it to be a database pumping application. There are plenty good applications for that purpose. In any cases many pumped data are not relevant and since it takes time to pump it can be a real waste of time. It's better to refine and get what you really want. Lastly, if I added the feature (mini-browser) to have the results in an HTML format it doesn't mean that it has all the features of a professional browser. Internet Explorer and Mozilla, to mention a few, are real complex software that it would be nearly impossible to implement all their features in my application. That's why that you won't be able to use it as a conventional browser even though it has the same look and feel. Features Supported on Windows, Unix and Linux operating systems SQL Server, Oracle, MySQL, Sybase/Adaptive Server and DB2 compliant SSL support Load automatically the parameters from a form or a IFrame on a web page (GET or POST) Detect and browse the framesets Option that auto detects the language of the web site Detect and add cookies used during the Load Page process (Set-Cookie detection) Find automatically the submit page(s) with its method (GET or POST) displayed in a different color Can create/modify/delete loaded string and cookies parameters directly in the Datagrids Single SQL injection Blind SQL injection Comparison of true and false response of the page or results in the cookie Time delay Response of the SQL injection in a customized browser Can view the HTML code source of the returned page in HTML contextual colors and search in it Fine tuning parameters and cookies injection Can parameterize the size of the length and count of the expected result to optimize the time taken by the application to execute the SQL injection Create/edit ASCII characters preset in order to optimize the blind SQL injection number of requests/speed Multithreading (configurable up to 50) Option to replace space by empty comments /**/ against IDS or filter detection Automatically encode special characters before sending them Automatically detect predefined SQL errors in the response page Automatically detect a predefined word or sentence in the response page Real time result Save and load sessions in a XML file Feature that automatically finds the differences between the response page of a positive answer with a negative one Can create a range list that will replace the variable (<<@>>) inside a blind SQL injection string and automatically play them for you Automatic replaying a variable range with a predefined list from a text file Firefox plugin that will launch SQL Power Injector with all the information of the current webpage with its session context (parameters and cookies) Two integrated tools: Hex and Char encoder and MS SQL @options interpreter Can edit the Referer Can choose a User-Agent (or even create one in the User-Agent XML file) Can configure the application with the settings window Support configurable proxies Differences with Other Tools To be honest, I didn't study all the other tools features in all their details. The only thing I can say is that if they are great they always lack something important that I need when I'm doing SQL injection. Some application will find the SQL injection for you that sometimes will result in false positive. And others will generically pump the data of the database. Some of those applications got smarter and you can check for what you need when the list of databases has been pumped. Or ask a specific hard coded data, such as the current DB user. But none of them have the ability to specifically choose what you want as far as I know. That ability comes with a cost of course, you need to know some SQL syntax, but I can assure that once someone understands how it works, not much syntax is required. Also, I cannot recall to have seen any application using the time delay feature inserted in the application. Many SQL injection vulnerabilities are impossible to exploit unless you use that technique. A technique that could be really tedious and time consuming, that often results by giving up after long hours of copy pasting the command in the browser when done manually. I don't remember as well to have seen any multithread feature that can be most definitely a really important time saver. Nor the ASCII characters preset feature that can save up to 25% the blind SQL injection. (Please look at the statistics section for some figures) I apologize in advance to those who have made their own application and made it available on the Net that possess those features before I made SQL Power Injector available. Please let me know and I will update this section. Summary of the differences: Web page string and cookie parameters auto detection Fine tuning parameters SQL injection Time delay feature Multithread feature Response results in a customized browser Automated positive and negative condition discovery Blind SQL injection characters preset optimizer Screenshots You will find two screen shots demonstrating the two techniques used in the application: Normal and Blind. Screen 1: SQL Power injector with Normal technique Screen 2: SQL Power injector with Blind technique Some Statistic Figures I didn't use any scientific methods so do not consider those statistics as scientific facts but more as a general idea of what you can expect. Especially that no one controls the flux on the Net and I would be really hard pressed to give any valuable scientific data. Another thing, I didn't make enough tests (10 times for each thread) to have a real statistical sample since the goal of these numbers will be to show approximately what you can expect. Moreover, it will depend also of the size of the data sought. Sometimes a lower number of threads will be more effective than more. In fact, the time taken will be optimized if the length of the value is a divisible number of the number of thread. So let's say we have 24 characters length, 3, 4, 6 and 8 will be faster than any other. As a rule of thumb, the bigger gap of time between any thread is from 1 to 2. As you can see the higher is not always the better. You will see some examples in the following statistics. Even though you can go up to 50 threads, I have discovered that around 10 threads it's starting to have errors and getting slower and slower. So again bigger number of threads is not necessary better. I must warn as well that the higher number of threads is, the higher is the chances to crash the web application (web server or database) I must thank Nathaniel Felsen to have allowed me to test on one of his web server and my wife Elizabeth to have done all the tedious tests for me in her free time. Here are the characteristics of the computer used to make the tests: AMD Athlon ? 64 X2 Dual Core Processor 4200+ GHz 2 GB of RAM Windows XP SP 2 ADSL 1 MB/s Ping round trip average time of 173 ms Download: http://www.sqlpowerinjector.com/download.htm-1 points
-
Despre Yahoo! Autor: SlicK [slick@rstcenter.com] In primul rand vreau sa-mi cer scuze pentru inevitabilele greseli de ortografie deoarece sunt multe subiecte pe care vreau sa le acopar in acest articol si nu am timp sa mai si verific ce am scris deja. Urmatorul articol este rezultatul a vreo doua saptamani de cautari, teste, munca si nervi si va acoperi cateva aspecte ale Yahoo'ului cred eu destul de interesante pe care poate ca unii dintre voi le cunoasteti deja, scopul fiind sa clarifice cateva "mituri" despre Yahoo si sa raspunda la unele din intrebarile pe care poate vi le-ati pus vreodata. PARTEA I. Algoritmul de codare "yahoo64" Acest algoritm este folosit de Yahoo oriunde trebuie transformat un sir de caractere neprintabile intr-un sir de caractere printabil. Se numeste "codare" si nu "criptare" deoarece nu ofera absolut nici o protectie pentru sirul de caractere de codat. Fara a intra in aspecte criptografice trebuie metionat ca yahoo64 este foarte asemanator cu base64 insa are un charset extins. Charsetul yahoo64 este urmatorul "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789._" yahoo64 are cateva caracteristici distincte care trebuie mentionate: > toate caracterele din stringul codat fac parte din charsetul de mai sus > lungimea stringului este multiplu de 4 > in functie de lungimea stringului initial, la sfarsitul stringului criptat ultimele caractere pot fi "-" sau "--". Pentru mai multe detalii studiati cele doua functii php(pentru codare si decodare) de la sfarsitul acestui articol. PARTEA II. Analiza tokenului Yahoo Din cate am observat pana acum tokenul Yahoo este o insumare a userului si parolei de Yahoo, unic pentru fiecare username in parte dar care se modifica (doar partial) la schimbarea parolei. In esenta posesia acest token exprima ca posesorul este fie userul fie o entitate care are permisiunea userului de a actiona in numele acestuia pe serverele Yahoo. Un user isi poate obtine acest token prin accesarea linkului urmator: [url]https://login.yahoo.com/config/pwtoken_get?src=ymsgr&login=[/url][USERNAME]&passwd=[PASSWORD] unde [uSERNAME] si [PASSWORD] sunt o combinatie username/parola Yahoo VALIDE. Utilitatea acestui token este ca poate oferi oricand un COOKIE valid de Yahoo. [url]https://login.yahoo.com/config/pwtoken_login?src=ymsgr&token=[/url][TOKEN] Un exemplu de raspuns la un reqest catre "https://login.yahoo.com/config/pwtoken_get" poate fi acesta: 0 ymsgr=AGG6e0diD9m.3D4YlFPVcdBT1wFXKSBWP0Hl.gyQKd.qec8- partnerid=KSBWP0Hl.gyQKd.qec8- "ymsgr" este tokenul despre care am vorbit mai devreme si dupa cum se observa "partnerid" face parte din acest token (la sfarsit). Acest "partnerid" este unic pentru fiecare utilizator in parte si nu se modifica la schimbarea parolei, iar lungimea acestuia variaza in functie de lungimea username'ului. Dupa cum se poate observa lungimea tokenului este de 48 si se termina cu un "-" deci este evindent codat cu yahoo64. Dupa decodare obtinem urmatorul sir de caractere (unde fiecare 2 caractere reprezinta valoarea hexadecimala a unui singur caracter din tokenul decodat): 00 61 BA 7B 47 62 0F D9 BE DC 3E 18 94 53 D5 71 D0 53 D7 01 57 29 20 56 3F 41 E5 FA 0C 90 29 DF AA 79 CF La toate tokenurile pe care le-am vazut pana acum primul caracter este intotdeauna "0x00" Urmatoarele 4 caractere reprezinta timestampul (numarul de secunde care au trecut din 1-1-1970) la care userul a fost creeat sau cand parola a fost schimbata, doar ca timestampul este inversat deci pentru exemplul de mai sus timestampul va fi 0x477BBA61 (decimal 1199290977) adica "Wed, 2 Jan 2008 16:22:57 GMT" Daca decodam "partnerid" vom obtine urmatorul string: 29 20 56 3F 41 E5 FA 0C 90 29 DF AA 79 CF care dupa cum sa observa sunt ultimele 14 caractere de la sfarsitul tokenului. Daca din token eliminam primul caracter (00) timestampul (61 BA 7B 47) si parnerid'ul decodat vom ramane cu 62 0F D9 BE DC 3E 18 94 53 D5 71 D0 53 D7 01 57 Acest string rezultat are o lungime de 16 caractere ceea ce duce la concluzia ca este un hash MD5 (md5() produce un hash de 128 de biti adica 16 caractere intre 0x00 si 0xFF, a nu se confunda cu md5_hex() care produce un string de 32 de caractere reprezentand valorile hexadecimale ale celor 16 caractere produse de md5() ) La schimbarea parolei se modifica doar timestampul si acest hash MD5 ceea ce ma face sa cred ca din stringul initial (care produce hashul) face parte fie timestampul fie parola fie ambele. Trebuie sa mentionez pentru cei care vor face teste ca acest token trebuie pastrat SECRET deoarece dupa cum am spus si mai sus cunoasterea tokenului poate duce la compromiterea contului (parola NU trebuie sa fie cunoscuta pentru a obtine un set de cookiuri) PARTEA III. Yahoo! Messenger "Remember my ID & password" Incepand cu versiunea 7.x.x.x Yahoo! Messnger NU mai memoreaza parola atunci cand optiunea "Remember my ID & password" este bifata. In schimb este memorat tokenul despre care am vorbit mai sus deoarece dupa cum o sa arat mai tarziu tokenul este suficient pentru logarea cu succes la serviciul messenger. Pentru memorare tokenul este criptat si stocat in registrii windows in cheia HKEY_CURRENT_USER\Software\Yahoo\Pager\ETS Userul este de asemenea salvat deoarece este necesar pentru decriptare HKEY_CURRENT_USER\Software\Yahoo\Pager\Yahoo! User ID Nu voi da un exemplu de astfel de string deoarece desi algoritmul de criptare imi este deocamdata necunoscut poate fi totusi decriptat si extras un token folosind functii din "YahooMessenger.exe". Analiza pe care am facut-o unui string ETS este destul de sumara: tokenul este criptat folosind o cheie formata din "MBCS sucks"+USERNAME. Stringul rezultat fiind apoi codat cu yahoo64 si stocat in registrii la cheia ETS. Pentru crackeri decriptarea se face in "YahooMessenger.exe" (8.1.0.421) la offsetul 0x004862AA unde functia locala de la offsetul 0x006FCEC0 primeste urmatorii 9 parametrii 1. Stringul ETS 2. Lungimea stringului ETS 3. Pointer catre tokenul decriptat 4. Pointer catre lungimea tokenului 5. Cheia de decriptare "MBCS sucks[uSERNAME]" 6. Lungimea cheii de decriptare 7. 0x00 8. 0x00 9. 0x00 PARTEA IV. Autentificarea YMSGR v15 In continuare voi presupune ca sunteti deja familiarizati cu protocolul Yahoo! Messenger(formarea pachetelor si parametrii unui pachet) Este de mentionat ca din motive de compatibilitate YMSGR15 accepta si logarea clasica user/password dar mult mai important este ca Yahoo! Messnger foloseste si logarea cu COOKIE. Pentru o logare cu succes Yahoo! Messnger face urmatorii pasi: -Daca optiunea "Remember my ID & password" este bifata decripteaza stringul ETS si obtine un token, daca nu va folosi userul si parola introduse pentru a face un request la "https://login.yahoo.com/config/pwtoken_get" pentru a obtine tokenul -Dupa conectarea la unul din serverele yahoo trimite un pachet VERIFY (0x4C) -Daca primeste un raspuns valid VERIFY de la server incepe procedura de autentificare -Trimite un pachet AUTH (0x57) cu parametrii: "1" - USERNAME -Primeste un pachet AUTHRESP (0x54) din care extrage valoarea parametrului "94" (CHALLENGE) -Avand un token valid al userului va face un request catre "https://login.yahoo.com/config/pwtoken_login" pentru a obtine valorile "Y" si "T" ale cookieului precum si valorea "crumb" (CRUMB) -Creeaza un string (STRING307) astfel yahoo64(md5(CRUMB+CHALLENGE)) -Trimite un pachet AUTHRESP (0x54) cu parametrii: "277" - parametrul Y "278" - parametrul T "307" - STRING307 "0" - USERNAME "2" - USRNAME "2" - "1" "1" - USERNAME "244" - un numar random (ex. "2097087") "98" - "us" "135" - versiunea clientului (ex. "8.1.0.421") "148" - "-120" -Daca totul e in regula userul este autentificat iar serverul trimite buddy listul si alte informatii cum ar mailuri noi, add buddy request etc. PARTEA V. Analiza si explicatia cookiurilor Yahoo Odata cu autentificarea la un serviciu Yahoo userul primeste cookiurile "Y" si "T" deci analiza mea a fost concentrata doar asupra acestor 2 cookiuri. Cookieul Y poate fi configurat sa expire dupa o valoare intre 15 minute si 24 de ore dar cookieul T expira de obicei la inchiderea browserului sau la logout. Pentru serviciile cu securitate scazuta cum ar fi pagina "My Yahoo" cookiul Y este suficient dar pentru cele mai importante cum ar fi mail,calendar etc.. cookieul T este obligatoriu. Dupa cum probabil ati observat un cookie Yahoo este format din perechi "parametru=valoare". In continuare voi analiza parametrii care formeaza fiecare cookie si voi incercat sa prezent o explicatie pentru prezenta sau scopul lor. -Cookieul Y: Exemplu: Y=v=1&n=9mioklmar8tku&l=glagla/o&p=m2509oh012000000&r=in&lg=en-US&intl=us&np=1 Contine usernameul,un ID unic si cateva informatii demografice. De obicei acesta ramane neschimbat pentru un anumit user modificandu-se doar ID'ul unic (la schimbarea parolei) si informatiile demografice (la schimbarea adresei, limba utilizata, etc...) Dupa cum se observa este format din parametrii v,n,l,p,r,lg,intl si np dar nu toti sunt necesari pentru autentificarea cu succes al unui user. Parametrul "n" este un ID unic intern al utilizatorului (se modifica doar la schimbarea parolei) care este comparat cu o valoare interna yahoo la anumite requesturi pentru obtinerea de informatii sau pentru expirarea automata a tuturor cookiurilor vechi odata cu schimbarea parolei. Parametrul "l" este usernameul codat cu un algoritm simplu de substitutie unde fiecare caracter din user are un corespondent intr-un alt string dupa cum urmeaza: PLAINTXT=klmnopqrstuvwxyz0123457896abcdefghij._ ENCODED=abcdefghijklmnopqrstuvxyzw0123456789._ Astfel pentru cookiul de mai sus username'ul este "qvkqvk" Parametrul "p" contine diverse informatii despre utilizator cum ar fi sex, data nasterii, tara, etc. Restul parametrilor contin de asemenea diverse informatii despre limba, anumite setari, etc. -Cookieul T: Exemplu: T=z=Cr7eHBCxQfHBJkF/Bqb4dnUMzIwBjVPNDQzNDFOME8-&a=QAE&sk=DAAk3Lb2EiyEEM&ks=EAA3i37q0zwFhuCnF6cflaKHg--~A&d=c2wBTkRVM0FUSTRNek0wTXpZNU56Zy0BYQFRQUUBenoBQ3I3ZUhCZ1dBAXRpcAFzNkpUZEM- Contine un timestamp si o semnatura digitala simetrica. Acesta se modifica la modificarea timpului(oricate cookiuri generate intr-o singura secunda sunt identice) Este format din parametrii z,a,sk,ks si d dar pentru autentificare la serviciile web sunt necesari doar parametrii sk,ks si d. Pentru autentificare Yahoo! Messenger "z" este insa obligatoriu. Parametrul "z" exista pentru compatibilitate cu servicii mai vechi dar este de asemenea in stransa legatura cu valoarea CRUMB obtinuta pentru autentificarea Yahoo! Messenger. Acesta este un string criptat cu yahoo64 dar decodarea acestuia nu prezinta nici o informatie evidenta) Parametrul "a" (de obicei are valoarea "QAE") contine diverse flaguri pentru expirare si protectia minorilor. Parametrul "sk" reprezinta sesiunea (session key) si este calculat din username, ID unic si timestamp precum si dintr-un string cunoscut doar pe serverele Yahoo (Yahoo shared secret) Parametrul "ks" reprezinta (din observatiile mele) un hash al parolei utilizatorului sau un alt string care inlocuieste parola deoarece lipsa acestui este urmata de obligatia introducerii parolei(pe serverele web Yahoo). Daca ignoram primele 3 caractere care nu se schimba ("DAA") si ultimele 2 caractere care de asemenea nu se schimba ("~A") obtinem un string codat yahoo64 reprezentand cel mai probabil un hash MD5 (stringul decodat are 16 caractere) cel mai probabil de asemenea generat folosind un shared secret. Parametrul "d" contine sesiunea utilizatorului si cateva informatii pentru compatibilitate. Acesta este un string codat yahoo64. Dupa decodarea valorii "d" din exemplul de mai sus obtinem urmatorul string: (unde [sEP] este caracterul hexadecimal 0x01) sl[SEP]NDU3ATI4MzM0MzY5Nzg-[SEP]a[SEP]QAE[SEP]zz[SEP]Cr7eHBgWA[SEP]tip[SEP]s6JTdC Se poate observa ca acest string este de asemenea o insiruire de perechi "parametru=valoare" astfel: sl=NDU3ATI4MzM0MzY5Nzg-&a=QAE&zz=Cr7eHBgWA&tip=s6JTdC Valoarea parametrului "sl" este de asemenea un string criptat yahoo64: 457[SEP]2833436978 (sau 457=2833436978) Acest numar este unic pentru fiecare username si nu se modifica la schimbarea parolei Parametrul "a" este acelasi cu parametrul "a" din cookiul "T" Parametrul "zz" reprezinta in esenta un contor de timp. Valorile pe care le poate lua un caracter facand parte din charsetul yahoo64 cu singura diferenta ca "_" este inlocuit de "/". Cea mai buna analogie pe care o pot face incercand sa explic acest parametru este aceea cu un kilometraj de masina, Adica fiecare caracter(de la stanga la dreapta) poate fi asemanata cu o rotita cu valorile din charset. atunci cand primul caracter termina o rotatie completa prin toate pozitiile, al doilea caracter creste cu o pozitie continuand in aclasi mod pana la al 6-lea caracter. Stiind ca primul caracter creste cu o pozitie pe secunda se poate afla timestampul la care un anumit cookie a fost generat. (cand userul s-a logat serviciul respectiv) Parametrul "tip" este acelasi pentru toti utilizatorii Yahoo dar se schimba periodic (nu stiu intervalul exact) Cam atat cu acest articol si felicitari pentru cei care au avut rabdarea sa-l citeasca pana la capat. Astept pareri sau adaugiri cu privire la aceste subiecte. Algoritmul de codare yahoo64: <?php //yahoo64 encode/decode functions by SlicK [slick@rstcenter.com] function yahoo64_encode($source) { $yahoo64="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789._"; $limit=strlen($source)-(strlen($source)%3); $dest=""; for($i=0;$i<$limit;$i+=3) { $dest.=$yahoo64[ord($source[$i])>>2]; $dest.=$yahoo64[((ord($source[$i])<<4)&0x30) | (ord($source[$i+1])>>4)]; $dest.=$yahoo64[((ord($source[$i+1])<<2)&0x3C) | (ord($source[$i+2])>>6)]; $dest.=$yahoo64[ord($source[$i+2])&0x3F]; } switch(strlen($source)-$limit) { case 1: { $dest.=$yahoo64[ord($source[$i])>>2]; $dest.=$yahoo64[(ord($source[$i])<<4)&0x30]; $dest.='--'; } break; case 2: { $dest.=$yahoo64[ord($source[$i])>>2]; $dest.=$yahoo64[((ord($source[$i])<<4)&0x30) | (ord($source[$i+1])>>4)]; $dest.=$yahoo64[((ord($source[$i+1])<<2)&0x3c)]; $dest.='-'; } break; } return($dest); } function Index($string,$chr) { for($i=0;$i<64;$i++) { if($string[$i]==$chr) { return($i); } } return(-1); } function yahoo64_decode($source) { $yahoo64="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789._"; $len=strlen($source); if($source[$len-1]=='-') { $plus=2; } if($source[$len-2]=='-') { $plus=1; } if($plus>0) { $len-=4; }; $dest=""; for($i=0;$i<$len;$i+=4) { $chr1=Index($yahoo64,$source[$i]); $chr2=Index($yahoo64,$source[$i+1]); $chr3=Index($yahoo64,$source[$i+2]); $chr4=Index($yahoo64,$source[$i+3]); $dest.=chr(($chr1<<2)|($chr2>>4)); $dest.=chr((($chr2&0xF)<<4)|($chr3>>2)); $dest.=chr((($chr3&0x3)<<6)|($chr4&0x3F)); } switch($plus) { case 1: { $chr1=Index($yahoo64,$source[$i]); $chr2=Index($yahoo64,$source[$i+1]); $dest.=chr(($chr1<<2)|($chr2>>4)); } break; case 2: { $chr1=Index($yahoo64,$source[$i]); $chr2=Index($yahoo64,$source[$i+1]); $chr3=Index($yahoo64,$source[$i+2]); $dest.=chr(($chr1<<2)|($chr2>>4)); $dest.=chr((($chr2&0xF)<<4)|($chr3>>2)); } break; } return($dest); } //usage example $string="any string"; print("Original string=$string \n"); $encoded=yahoo64_encode($string); print("Encoded string=$encoded \n"); $decoded=yahoo64_decode($encoded); print("Decoded string=$decoded \n"); ?>-1 points