Passwd Protect + PHP Problem

I have an XAMPP server that I'm using and mainly I use PHP, but I need to password protect one of the HTML files on it. How do I do this using an XAMPP server?

ALSO

Parse error: syntax error, unexpected T_STRING, expecting ',' or ';' in C:\Program Files\XAMPP\htdocs\cracker.php on line 18

I can't figure out how to patch this - it's a code I found right here on HBH in the code bank but I keep getting that error when trying to view it on my site. Can someone please check out this code and see if you may be able to patch it for me? :|

echo "<html>
<head>
<title>Password cracker</title>
</head>
<body>
<div id=result></div>";

$crack = $_POST['crack'];
$which = $_POST['which'];
$file = $_POST['file'];
$hash = $_POST['hash'];
$hash2 = $_POST['hash2'];
$enc = $_POST["enc"];
if(isset($HTTP_POST_VARS['crack']))
{
echo "<script>document.getElementById("result").innerHTML="<font size=5>Searching for password...</font>"</script>";
if($which == "1")
{
if($file == "small")
{
$words = file("password1.dict");
print "using small...<br>";
}
if($file == "medium")
{
$words = file("password2.dict");
}
if($file == "large")
{
$words = file("password3.dict");
}

// Loop through all words
foreach ($words as $word) {
$word = rtrim($word);
echo "<script>document.getElementById("result").innerHTML="<font color=blue size=4>trying - ".$word.""</script>";
if ($enc($word) == $hash) {
print "Match found! password is $word";
echo "<script>document.getElementById("result").innerHTML="<font color=green size=5>found match! Pass is " . $word . "</font>"</script>";
exit;
}
}

print "No matches found!";
echo "<script>document.getElementById("result").innerHTML="<font color=red>No matches found!</font>"</script>";
exit;
}

if($which == "2")
{
$string = "a";
$check = $enc($string);
while($check != $hash2)
{
echo "<script>document.getElementById("result").innerHTML="<font color=blue size=4>trying - ".$string.""</script>";
if(md5($string) == $hash2)
{
exit;
}
$string++;
$check = $enc($string);
$count++;
$fullcount++;
if($count == 100000)
{
echo $fullcount . " passwords attempted.<BR>Currently at: " . $string . "<BR>";
$count = 0;
exit;
}
}
if(md5($string) == $hash2)
{
echo "<script>document.getElementById("result").innerHTML="<font color=green size=5>Match! Pass is ".$string.""</script>";
exit;
}
exit; //stop before form is shown
}
}
?>
<center><font size=5>Hash Brute Forcer</font></center>
<form action="crack.php" method="POST">
<fieldset>
<legend>Choose type</legend>
dictionary: <input type="radio" name="which" value="1"><br>
brute force: <input type="radio" name="which" value="2"><br>
</fieldset>
<fieldset>
<legend>Choose type...</legend>
<select name="enc">
<option value="md5">MD5</option>
</select>
</fieldset>
<fieldset>
<legend>Hash Cracker (dictionary)</legend>
Hash to crack : <input type="text" name="hash">
<input type="hidden" name="crack" value="1"><br>
crack file size: <select name="file">
<option value="small">SMALL</option>
<option value="medium">MEDIUM</option>
<option value="large">LARGE</option>
</select>
</fieldset>
<fieldset>
<legend>Hash Cracker (brute forcer)</legend>
Hash to crack : <input type="text" name="hash2">
</fieldset>
<br>
<input type="submit" value="Submit">
</form>
</body>```

I can't see properly because of the smilies, but are you doing this when you use an if statement?

if (something == something**;**)
{
*[Code block here]*
}

If that's the case, you need to remove all the semicolons, as they aren't needed at the end of if (..) statements.

Good luck, -Jay.

Nick, disable smilies in your posts when you post code to make it easier to read. And ya, that was what he was doing… end3r

I don't think it was an if statement..

But here is the line that needs patching so far if it helps you any better for any reason.

markupecho "<script>document.getElementById("result").innerHTML="<font size=5>Searching for password...</font>"</script>";

The error code shown, is shown in my first post on this thread.

C'mon guys, there must be someone that knows PHP enough to patch this up..

I still can't figure it out myself. :angry:

maybe change it to

echo "<script>document.getElementById('result'.innerHTML='<font size=5>Searching for password...</font>'</script>";

After fixing that line I receive a new error:

Parse error: syntax error, unexpected T_STRING, expecting ',' or ';' in C:\Program Files\XAMPP\htdocs\cracker.php on line 38

Any idea on how to fix that..

come on man…

notice how when you patched the one line, the next error appeared furthur down in the script? and what does this mean… thats right… you fixed it.

so fix the rest the same way. here is your patched code. try thinkin bout it more next time, eh? :D

btw i left one error still in there, just so you can have a little fun…

<?php

echo "<html>
<head>
<title>Password cracker</title>
</head>
<body>
<div id=result></div>";

$crack = $_POST['crack'];
$which = $_POST['which'];
$file = $_POST['file'];
$hash = $_POST['hash'];
$hash2 = $_POST['hash2'];
$enc = $_POST["enc"];
if(isset($HTTP_POST_VARS['crack']))
{
echo "<script>document.getElementById('result').innerHTML='<font size=5>Searching for password...</font>'</script>";
if($which == "1")
{
if($file == "small")
{
$words = file("password1.dict");
print "using small...<br>";
}
if($file == "medium")
{
$words = file("password2.dict");
}
if($file == "large")
{
$words = file("password3.dict");
}

// Loop through all words
foreach ($words as $word) {
$word = rtrim($word);
echo "<script>document.getElementById('result').innerHTML=]<font color=blue size=4>trying - ].$word.''</script>";
if ($enc($word) == $hash) {
print "Match found! password is $word";
echo "<script>document.getElementById('result').innerHTML='<font color=green size=5>found match! Pass is ' . $word . '</font>'</script>";
exit;
}
}

print "No matches found!";
echo "<script>document.getElementById('result').innerHTML='<font color=red>No matches found!</font>'</script>";
exit;
}

if($which == "2")
{
$string = "a";
$check = $enc($string);
while($check != $hash2)
{
echo "<script>document.getElementById("result").innerHTML='<font color=blue size=4>trying - '.$string.''</script>";
if(md5($string) == $hash2)
{
exit;
}
$string++;
$check = $enc($string);
$count++;
$fullcount++;
if($count == 100000)
{
echo $fullcount . ' passwords attempted.<BR>Currently at: ' . $string . '<BR>';
$count = 0;
exit;
}
}
if(md5($string) == $hash2)
{
echo "<script>document.getElementById('result').innerHTML='<font color=green size=5>Match! Pass is '.$string.''</script>";
exit;
}
exit; //stop before form is shown
}
}
?>
<center><font size=5>Hash Brute Forcer</font></center>
<form action="crack.php" method="POST">
<fieldset>
<legend>Choose type</legend>
dictionary: <input type="radio" name="which" value="1"><br>
brute force: <input type="radio" name="which" value="2"><br>
</fieldset>
<fieldset>
<legend>Choose type...</legend>
<select name="enc">
<option value="md5">MD5</option>
</select>
</fieldset>
<fieldset>
<legend>Hash Cracker (dictionary)</legend>
Hash to crack : <input type="text" name="hash">
<input type="hidden" name="crack" value="1"><br>
crack file size: <select name="file">
<option value="small">SMALL</option>
<option value="medium">MEDIUM</option>
<option value="large">LARGE</option>
</select>
</fieldset>
<fieldset>
<legend>Hash Cracker (brute forcer)</legend>
Hash to crack : <input type="text" name="hash2">
</fieldset>
<br>
<input type="submit" value="Submit">
</form>
</body>

Hah, thanks. :D

Fixed the error you left me too B) w00tsauce

Now, how about the passwd protect problem?

Erh, nevermind; I'll just ask around if any1 knows a great server that supports PHP :-p

Freehostia

mozzer check out my new post called Supporting Servers - PHP .

Please.