Fix password encryption of CrazyLogin #66

.env.example

@@ -30,8 +30,14 @@ DB_PREFIX = null
 
 # Encrypt Method for Passwords.
 #
-# Available values: PHP_PASSWORD_HASH, (SALTED2)MD5, (SALTED2)SHA256, (SALTED2)SHA512
-# New sites are highly recommend to use PHP_PASSWORD_HASH.
+# Available values:
+#   - PHP_PASSWORD_HASH,
+#   - (SALTED2)MD5,
+#   - (SALTED2)SHA256,
+#   - (SALTED2)SHA512,
+#   - CrazyCrypt1
+#
+# New sites are *highly* recommend to use PHP_PASSWORD_HASH.
 #
 PWD_METHOD = PHP_PASSWORD_HASH
 
@@ -42,7 +48,7 @@ PWD_METHOD = PHP_PASSWORD_HASH
 #
 SALT = 2c5ca184f017a9a1ffbd198ef69b0c0e
 
-# App Key should be setted to any random, **32 character** string,
+# App Key should be setted to any random, *32 character* string,
 # otherwise all the encrypted strings will not be safe.
 #
 # You can run [php artisan key:generate] to generate a new key.

app/Services/Cipher/CrazyCrypt1.php

@@ -0,0 +1,22 @@
+<?php
+
+namespace App\Services\Cipher;
+
+class CrazyCrypt1 extends BaseCipher
+{
+    /**
+     * Once SHA512 hash
+     */
+    public function hash($value, $salt = "")
+    {
+        // fucking CrazyCrypt1 uses username as salt
+        $username = $salt;
+
+        $text = "ÜÄaeut//&/=I " . $value . "7421€547" . $username . "__+IÄIH§%NK " . $value;
+        $t1 = unpack("H*", $text);
+        $t2 = substr($t1[1], 0, mb_strlen($text, 'UTF-8')*2);
+        $t3 = pack("H*", $t2);
+
+        return hash('sha512', $t3);
+    }
+}

plugins

@@ -1 +1 @@
-Subproject commit c7ac80b11bac6fd0bd9037acfb65b1c9902bc071
+Subproject commit d1b46c53773b8e4ccfc049d163d9977bae0e4fef