Incompatible hash format for MSF Auth Hashing Algorithm (PBKDF2) for PHP
Youdaman opened this issue · 1 comments
Youdaman commented
Re https://github.com/alvyxaz/barebones-masterserver/wiki/MSF-Auth-Hashing-Algorithm-(PBKDF2)-for-PHP
As per https://github.com/defuse/password-hashing#hash-format the hash format is:
algorithm:iterations:hashSize:salt:hash
Whereas MSFSecruity.ValidatePassword
and Msf.Client.Auth.Register
use the format:
iterations:salt:hash
Youdaman commented
For anyone that's interested, here's a way to generate the hashed password in JavaScript/Node:
var crypto = require('crypto');
var password = "testing123";
var length = 24;
var iterations = 1000;
var algorithm = "sha1";
var salt = crypto.randomBytes(length);
var hash = crypto.pbkdf2Sync(password, salt, iterations, length, algorithm);
var msf2password = iterations + ":" + salt.toString('base64') + ":" + hash.toString('base64');