Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
Finds md5 from a sample of uFlex hashes
<?php
/*******************************************************************************************************/
/* uFlex experimentation - Cyberwatch SAS © 2015 */
/* Maxime Alay-Eddine — @TarraschK */
/* --- Finds md5 from uFlex hashes --- */
/* */
/* Released under The MIT License (MIT) */
/* */
/* Permission is hereby granted, free of charge, to any person obtaining a copy */
/* of this software and associated documentation files (the "Software"), to deal */
/* in the Software without restriction, including without limitation the rights */
/* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell */
/* copies of the Software, and to permit persons to whom the Software is */
/* furnished to do so, subject to the following conditions: */
/* */
/* The above copyright notice and this permission notice shall be included in */
/* all copies or substantial portions of the Software. */
/* */
/* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR */
/* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, */
/* FIT/NESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE */
/* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER */
/* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, */
/* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN */
/* THE SOFTWARE. */
/********************************************************************************************************/
/* --------------------------------------------------------------------------------*/
// Functions taken from https://github.com/ptejada/uFlex/blob/legacy/class.uFlex.php
// Following functions implements the uFlex hash generators
function encode($d){
$encoder = array(
"a","b","c","d","e","f","g","h","i","j","k","l","m","n","o","p","q","r","s","t","u","v","w","x","y","z",
"A","B","C","D","E","F","G","H","I","J","K","L","M","N","O","P","Q","R","S","T","U","V","W","X","Y","Z",
0,2,3,4,5,6,7,8,9
);
$k=$encoder;
preg_match_all("/[1-9][0-9]|[0-9]/",$d,$a);
$n="";
$o=count($k);
foreach($a[0]as$i){
if($i<$o){
$n.=$k[$i];
} else {
$n.="1".$k[$i-$o];
}
}
return $n;
}
function make_hash($uid,$hash = false){
$e_uid = encode($uid);
$e_uid_length = strlen($e_uid);
$e_uid_length = str_pad($e_uid_length,2,0,STR_PAD_LEFT);
$e_uid_pos = rand(10,32 - $e_uid_length - 1);
if(!$hash){
$hash = md5(uniqid(rand(),true));
}
//$code = substr($code, 0, $length);
$code = $e_uid_pos.$e_uid_length;
$code .= substr($hash,0,$e_uid_pos - strlen($code));
$code .= $e_uid;
$code .= substr($hash,strlen($code));
return $code;
}
/* --------------------------------------------------------------------------------*/
// This function takes an array of uFlex hashes
// and tries to guess the embedded md5
function get_md5_from_hash($hash_array) {
$result = str_repeat("_", 32);
foreach($hash_array as $hash) {
$e_uid_pos = substr($hash, 0, 2);
$e_uid_length = substr($hash, 2, 2);
$e_uid = substr($hash, $e_uid_pos, $e_uid_length);
//echo " hash = ".$hash;
$part1 = substr($hash, 4, $e_uid_pos - $e_uid_length + 1);
$part2 = substr($hash, $e_uid_pos + $e_uid_length, strlen($hash));
$partial_md5 = $part1.str_repeat("_", $e_uid_length+4).$part2;
//echo " part_md5 = ".$partial_md5;
$length = strlen($hash);
for ($i=0; $i<$length; $i++) {
if (($result[$i] == "_") && ($partial_md5[$i] != "_")) {
$result[$i] = $partial_md5[$i];
}
}
}
return $result;
}
$uid = "1211815"; //encode($uid) = ml1uf
// Let simulate an array of 8 uFlex hashes
// here, our md5 value is 00112233445566778899aabbccddeeff
// 8 samples should be enough to find the complete md5
$hash_array = array(
make_hash($uid,"00112233445566778899aabbccddeeff"),
make_hash($uid,"00112233445566778899aabbccddeeff"),
make_hash($uid,"00112233445566778899aabbccddeeff"),
make_hash($uid,"00112233445566778899aabbccddeeff"),
make_hash($uid,"00112233445566778899aabbccddeeff"),
make_hash($uid,"00112233445566778899aabbccddeeff"),
make_hash($uid,"00112233445566778899aabbccddeeff"),
make_hash($uid,"00112233445566778899aabbccddeeff")
);
echo get_md5_from_hash($hash_array); // prints 00112233445566778899aabbccddeeff
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment