MySQL: UPDATE query based on SELECT query

Bypass blocked regedit, concatenate cmd commands & quotes in quotation marks

At a customer I had the problem that we had there a logon scrip, but we were given no access to the registry. Well, we had local administrave permissions. At first I tried runas, but we have to save the password – no chance. Not even echo password works. lsrunase seems to solve the problem, but the version that I found, had problems with quotes in quotation marks. At the end I used a simple AutoIt script.

AutoIt Script (runas.exe)

Change reg entry for HKLM

Change reg entry for current user (HKCU don’t work because you run as local admin!)

Reg changes and file copy (also used quotes in quotation marks and concatenate cmd commands)

Passwords

Don’ts

  • Don’t limit what characters users can enter for passwords. Only idiots do this.
  • Don’t limit the length of a password. If your users want a sentence with supercalifragilisticexpialidocious in it, don’t prevent them from using it.
  • Never store your user’s password in plain-text.
  • Never email a password to your user except when they have lost theirs, and you sent a temporary one.
  • Never, ever log passwords in any manner.
  • Never hash passwords with SHA1 or MD5 or even SHA256! Modern crackers can exceed 60 and 180 billion hashes/second (respectively).
  • Don’t mix bcrypt and with the raw output of hash(), either use hex output or base64_encode it. (This applies to any input that may have a rogue \0 in it, which can seriously weaken security.)

Dos

  • Use scrypt when you can; bcrypt if you cannot.
  • Use PBKDF2 if you cannot use either bcrypt or scrypt, with SHA2 hashes.
  • Reset everyone’s passwords when the database is compromised.
  • Implement a reasonable 8-10 character minimum length, plus require at least 1 upper case letter, 1 lower case letter, a number, and a symbol. This will improve the entropy of the password, in turn making it harder to crack. (See the “What makes a good password?” section for some debate.)

PHP