Slide 21
Slide 21 text
Vulnerability Testing
select * from users where password in( !
! md5(‘password’), md5(‘123456’), md5(‘jesus’), ! !
! md5(‘football’), md5(‘ninja’), !
! sha1(‘password’), sha1(‘123456’), sha1(‘jesus’), ! !
! sha1(‘football’), sha1(‘ninja’)!
);!
!
select * from users where password in (!
! md5(concat(‘123456’, salt)),!
! sha1(concat(‘123456’, salt)),!
! sha2(concat(‘123456’, salt)),!
! password(concat(‘123456’, salt))!
); MySQL hash methods
http://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html