Hacking Linux Exposed

About
Authors
Contents
Reviews
Foreword
Purchase

Articles
Books
Sourcecode
Tools
Errata

Home

 


(view this code in a separate window)

#! /usr/bin/perl -w
#
# digest.pl
#
# This code shows how you can create an MD5 digest
# of random data.  Create code similar to this that
# digests all hidden HTML form elements with a
# well-protected passphrase.  Then when the attacker
# attempts to modify the hidden fields (to reduce
# the price of an item in a shopping cart, for example)
# then the digests will not match, and you can dissalow
# the access.
#
# Copyright 2001, James Lee
#
## Released under the GPL.  See COPYING file
# for more information.
 
use Digest::MD5 qw( md5_base64 );
 
$passphrase = 'A VERY difficult to guess passphrase';
$product    = 'Widget A';
$price      = '30.00';
 
$digest = md5_base64($product, $price, $passphrase);
 
print $digest,"\n";