Any good encryption?
I'm a newly registered user to alliedmodders but NOT a new visitor.
I personally wish to thanks every amx coders here that helped advance this wonderful metamod plugin. Ok, lets jump in. My issue is quite simple to understand. I got a plugin I'm working on that connects the user management system of a website to the cs server the plugin is on. [I just wish users to have same nick and steamID as on the website.].. As such, the plugin will contain some data as SQL query string or SQL db infos. Code:
#define SQL_DB "amxsys_db"I did some research here: [unsecure] ROT13 [ONE way hash] MD5 [unsecure] xTea [very unsecure] Base64 How should I tackle that issue?. Even when I handle a socket connection from the plugin I wish to encrypt the transmitted data to prevent anyone from tampering it. Any suggestions highly appreciated, |
Re: Any good encryption?
1. Don't give out the plugin.
2. Use cvars for those values. (this was posted recently and should have been found easily via a search) Encrypting during transmission is another story. Wouldn't you have to use a secure connection? |
Re: Any good encryption?
I found that. But I NEED TO DISTRIBUTE IT.
Reasons: Hosters in my community need to download that plugin and install on their servers. This is not a private plugin but only close-source with sensitive data. And use cvar's for so much strings and hardcorded data? Thanks, |
Re: Any good encryption?
Quote:
|
Re: Any good encryption?
Quote:
Quote:
Quote:
|
Re: Any good encryption?
Anything NOT hardcoded in the plugin cannot be decompiled obviously :). However, let's say I have the md5 of a file. How do I prevent it from being hardcoded? Do I use socket? Should I always use socket and retrieve the data from a php file?
Exolent said that a custom base64 encryption can be made. How much secure is that? Enough to discourage intermediate crackers? I'm only looking for if hardcoded strings can be encrypted and still, be decrypted with a key if needed. A key-enc system is highly appreciated. I'm NOT asking for prefabs or anything, just looking in if there was another good encryption method under pawn scripting than the one I found [in my first post].. It's not only 3 strings however, It is a lot of strings :D. The above 3 strings are only example of how important the information is. Cheers, :wink: |
Re: Any good encryption?
@fysiks Yes but that cvars must be defined somewhere right? So its just a matter of time until that sensitive data will be founded and then used in a negative way.
@johnally the best way is to retrive that data from a .php file using sockets and then deny any browser acces to that file, this is how i will do it for plugins with a sql connection. |
Re: Any good encryption?
Quote:
|
Re: Any good encryption?
Wait a second, what ftp? the plugin will be used by x users on their servers so cvars must be defined locally in every server.
|
Re: Any good encryption?
@Clauu .. I hate sockets.. Why? I feel it is more unsecure as data is transmitted in a near plain-text format :s.. However, whenever I use sockets, I have to consider an md5 key by the side of my data. Such a pain :s.. Do you know of any other technique of securing my socket connection as I do NOT wish the hosters tamper the data.
@fysiks .. Now you see the tip of the iceberg :P My issue is kinda enormous but I'm sure we can 'hack' our way through it and probably help this community with decompiling issues. However, private plugins are not so welcomed here ;) @Clauu[2nd rep] .. yep used locally.. the hoster will download and install locally.. use of cvars is kinda extreme sucide :( |
| All times are GMT -4. The time now is 04:17. |
Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.