Hashing Passwords with the PHP 5.5 Password Hashing API

Posted by & filed under Webdev.

Using bcrypt is the currently accepted best practice for hashing passwords, but a large number of developers still use older and weaker algorithms like MD5 and SHA1. Some developers don’t even use a salt while hashing. The new hashing API in PHP 5.5 aims to draw attention towards bcrypt while hiding its complexity. In this… Read more »

AlphaNumberless PHP backdoor shell

Posted by & filed under Hack.

It’s possible to write php backdoor without chars&numbers in source! Look at below code: Main idea of this code is using Bitwise Operators for store $_GET and then call $_GET[0]($_GET[1]) for calling any php function with any argument. For example:

Generators in PHP

Posted by & filed under Webdev.

How do Generators Work? According to Wikipedia, a generator “is very similar to a function that returns an array, in that a generator has parameters, can be called, and generates a sequence of values”. A generator is basically a normal function, but instead of returning a value it yields as many values as it needs… Read more »