Solved Secure server login c#

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat

layne3

Newbie
Full Member
Nov 30, 2012
6
172
0
How do I do it? My friend can host a website for me, how can I compare site data with client data and let people in if the info is right? I also want the login to be un-jumpable with ollydbg?
 

AlexSleyore

Coder
Full Member
Nobleman
Oct 29, 2012
100
613
1
Get username and password
Encrypt password with BCRYPT or such one way encryption
Send username and encrypted password to sever
check your SQL table for their username and password combo,
if success - Login success & userdata return packets


"I also want the login to be un-jumpable with ollydbg?" - not a physically possible option? you could try like EXECryptor but nothing is truely unstoppable or you would think some of them million dollar game companies would have it by now?
 
Last edited by a moderator:

c5

Kim Kong Trasher
Dank Tier VIP
Dank Tier Donator
Jul 19, 2012
1,187
12,638
76
Send the data to the server and let the server handle information checks. If all turns out good, server carries on with the data transmission
 

layne3

Newbie
Full Member
Nov 30, 2012
6
172
0
Is it possible to send/recieve data to a Sql table on a website thats not mine?
 

AlexSleyore

Coder
Full Member
Nobleman
Oct 29, 2012
100
613
1
Is it possible to send/recieve data to a Sql table on a website thats not mine?
depends, if you could do it from a website its possible to do with code. Such as with this example of uploading an image to imageshack
https://www.rohitab.com/discuss/topic/29759-simple-upload-to-imageshack/

If you mean to write a program to directly access an SQL table that you do not own is not possible, or far beyond the realm of anything someone having to ask would be able to do... To test the login persay of a site you didnt own, you would just examine the HTML of the login script.. and for this site you get

C++:
<form id="navbar_loginform" action="https://guidedhacking.com/login.php?do=login" method="post" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, 0)">
and then work from there to send the right data to that URL, and then check and see if your logged in - by trying to access a part of the site that is only accessible if you are logged in, such as https://guidedhacking.com/private.php
 

velreine

Newbie
Full Member
Aug 27, 2012
36
504
0
If you want to make a some-what secure login system you have to have an encryption and decryption system.

Client: will hold encryption system or function or what-ever, but not the decrypt function.
Server: will hold decryption system and encryption system.

But that doesn't make your program secure.

You should make the client depend on data from the server, so some-what core features will only work with data from the server. And that data will only be sent from the server to the client if everything is acceptable from the client (sanitize anything that looks suspicious). That way your client won't get required data for program functionality if login for example is wrong, or decryption of packages sent from client went wrong.
 

c5

Kim Kong Trasher
Dank Tier VIP
Dank Tier Donator
Jul 19, 2012
1,187
12,638
76
no need for decryption if the user information is hashed in server
 
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods