Heartland

Petseri wrote: QB: Have some fun with him by seeing if his passwords are all the same (his username is remarkably close, so maybe he keeps everything similar so he does not get confused). If so, see if they work on his email address.

all passwords are stored MD5-encrypted in the database.

MD5 is a 1-way encryption algorythm, so there's no way to decrypt them.

for example, when logging into heartland the system takes the password you enter, MD5s it and compares it against the one in the db. they are never handled unencrypted...

and once MD5'ed they look something like this:

1a6f11f15c235e4ca9ccccb6d6af818a

so whilst i cant get his password from that, i could probably have alook and see if he uses the same one... just wouldnt be much use

shame though

he has 5 users so far:

perugoth@yahoo.com (registered email addy: perugoth@yahoo.com)
perugoth (registered email addy: perugothicinfo@yahoo.com)
rexrey_999 (registered email addy: rexrey_999@hotmail.com)
rexrey_99 (registered email addy: perugoth@hotmail.com)

and all but one use the password that i gave as the example above...

damn shame its encrypted innit?

i think we should all send him an email with a subject of "sisters trades" that simple says "f**k off"

You could always write a bit of code that asks him to log in again, but stores his password in an unencrypted form.

i figured posting his email addresses on the board for spambots to harvest was a good start