Hashing Passwords with the PHP 5.5 Password Hashing API

Posted by & filed under Webdev.

Using bcrypt is the currently accepted best practice for hashing passwords, but a large number of developers still use older and weaker algorithms like MD5 and SHA1. Some developers don’t even use a salt while hashing. The new hashing API in PHP 5.5 aims to draw attention towards bcrypt while hiding its complexity. In this… Read more »

AlphaNumberless PHP backdoor shell

Posted by & filed under Hack.

It’s possible to write php backdoor without chars&numbers in source! Look at below code: Main idea of this code is using Bitwise Operators for store $_GET and then call $_GET[0]($_GET[1]) for calling any php function with any argument. For example: