b64_md5 algorithm by Paul Johnston at http://pajhome.org.uk/crypt/md5

Question

i'm trying to use php curl to grab internet banking transaction. unfortunately the bank uses b64_md5 algorithm to pass the username and password to the server done by this script md5.js . i've googled a php function to simulate this. but i can find something help.

here is their code to generate the password

function checkScript(){
    pCheckScript.innerHTML = "";
    document.form_000001.pSubmit.disabled = false;
    document.form_000001.pCancel.disabled = false;
    document.form_000001.challenge.value = "[B@6be16be1"
    document.form_000001.login_name.focus();}
function submitForm(){
    var vPassword = "";
    for (var i = 0; i < document.form_000001.password.value.length; i++)vPassword = vPassword + "*";
    document.form_000001.login_name.size = 1;
    document.form_000001.password.size = 1;
    document.form_000001.login_name.style.visibility = "hidden";
    document.form_000001.password.style.visibility = "hidden";
    textLoginName.innerHTML = document.form_000001.login_name.value;
    textLoginPassword.innerHTML = vPassword;
    document.form_000001.login_name.value = b64_md5(document.form_000001.login_name.value.toLowerCase());
    document.form_000001.password.value = b64_md5(b64_md5(document.form_000001.password.value) + document.form_000001.challenge.value);
    return true;}

the queston is, how to build php function to simulate this.

Answer 1

Here's an example that uses base64_encode and md5.

<?php

// This assumes that the challenge never changes.
$challenge = '[B@6be16be1';

$username = base64_encode(md5(strtolower('username')));
$password = base64_encode(md5(base64_encode(md5('password')) . $challenge));