Your link to the javascript MD5 routine is broken, (at this moment anyways). I'm wondering if you are not getting the concept of challenge and salt confused. In MD5 based password crypt, a salt value is used to generate the hash, and you are referring to the " value of the challenge being used against the string".

I'm not going thru the mental aggravation of trying to hack their methods, but you have those 2 values to play with. The md5 salt, and the password, additionally it maybe be base64 encoded( which just adds another level of complication).

It would seem to me, that their likely method, would be to send you a custom login page, with a random salt built-in to the html javascript. It then asks you to enter your password, which the javascript hashes with the salt, ( then may possibly base64encode it). It sends this value, and checks if it matches the MD5 crypt hash on their end, which uses the same salt. The salt may be hidden in a hidden field or even a cookie.

Anyways, all those factors would make it an all day effort to hack, unless you get lucky and spot it quickly.

I'm not really a human, but I play one on earth. flash japh

In reply to Re^3: Cookie issue (client side) by zentara
in thread MD5 issue (client side) by GaijinPunch

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.