Storm - The CC Package Manager

---

Welcome to Storm. Storm is a Online Package Manager for the CC mod. You can create an account on the Storm website, upload programs and list your programs. With the storm application for CC you can download programs from Storm directly into Minecraft.

Enter this command to download the Storm Application onto your computer:

pastebin get PT758GS8 storm

How the Storm Application does work:

storm install (or i) <stormnumber> <filename>

Website: www.bitnut.de/storm


Coming soon:

• Multiple files in a project.

100th post :D/>

I registered on the website, and tried to upload Firewolf, but when I clicked upload (after filling out the form), it just said Error. Back.

Nice website by the way. Did you use ruby on rails for it? :P/>

Yes sry database is offline. I have written an email to the host and wait for that the database is going online again -.-

Edit: The website is not created with Ruby on Rails but it seems to be intresting so I will check it out :D/>

Website looks nice :P/>

Could you increase the size of the Script box? xD Quite small :o/>
I know you can manually but the default size should be bigger xD

Registration problem:
When registering, the repeat password field doesn't play a role, you can enter two random passwords and it says successful but the first password is the one to login with.

Looks interesting!

So, you can only have one file? It's basically like pastebin.

Okay. The Database does work right again.

remiX, on 27 March 2013 - 03:27 AM said:

Website looks nice :P/>

Could you increase the size of the Script box? xD Quite small :o/>
I know you can manually but the default size should be bigger xD

Registration problem:
When registering, the repeat password field doesn't play a role, you can enter two random passwords and it says successful but the first password is the one to login with.

Size has been increased.

Registration problem will be fixed soon. Thank you for the notice.

Just before I put in any password what-so-ever I would like to make sure you are not using something insecure like MD5 or SHA1. Also, you using a good salt?

Sammich Lord, on 27 March 2013 - 08:20 AM said:

Just before I put in any password what-so-ever I would like to make sure you are not using something insecure like MD5 or SHA1. Also, you using a good salt?

Its saved by MD5 but if you like I will change it tomorrow.

I urge you to NEVER use MD5. It is very insecure. I would recommend something such as SHA512 or something like blowfish.

How would you implementate it into PHP?

I would use this command:
$hashedpwd = hash("sha512", $password)

kornichen, on 27 March 2013 - 08:53 AM said:

How would you implementate it into PHP?

I would use this command:
$hashedpwd = hash("sha512", $password)

Make sure to use a secure salt. I normally also hash passwords in other algorithms as well as adding multiple salts along the way. Google to find out a good way to hash passwords and keep them secure.

Would it be okay if I did it like this:

<?php
$hashed_password = crypt('mypassword'); // let the salt be automatically generated

/* You should pass the entire results of crypt() as the salt for comparing a
password, to avoid problems when different hashing algorithms are used. (As
it says above, standard DES-based password hashing uses a 2-character salt,
but MD5-based hashing uses 12.) */
if (crypt($user_input, $hashed_password) == $hashed_password) {
echo "Password verified!";
}
?>
Copied from Php.net

Or do you can send me a way to encrypt it (sorry but I don't used php before.)

Find a random salt generator and have each user have their own salt for their password.
And then hash them in different ways about 5+ times for good security.

remiX, on 27 March 2013 - 10:12 AM said:

And then hash them in different ways about 5+ times for good security.

Blowfish is epic. It can loop the encryption process multiple times with one arg depending on how secure you want.

Very nice and simple site!

oeed, on 27 March 2013 - 07:19 PM said:

You might want to remove/fix the downloads page link.

The requested URL /storm/download.html was not found on this server.

Will be fixed in a few minutes.

Message to everybody who registered yesterday or today until 8:20 am UTC+01:
I am sorry but you have to register again because I cleared the database therewith passwords now are saved with Hash and Salt therefore it is very securly now.

You can still enter any password for the repeat password field… still works ;p

When uploading scripts, you can only give one script.
Maybe add a option to add folders etc (will be quite difficult but oh well :P/>) and then people can have their apis etc and people can download as ZIP, if people don't want to upload their installer.

EDIT:
Uploading a script:

Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in /var/customers/webs/ni9005_3/bitnut/storm/upload.php on line 22 Error. Back

xD

remiX, on 27 March 2013 - 10:12 AM said:

And then hash them in different ways about 5+ times for good security.

Have a read, particularly of answers 1 and 2… you will want to retract your "for good security" or "in different ways" statement… http://programmers.s...-multiple-times

TheOriginalBIT, on 27 March 2013 - 09:42 PM said:

remiX, on 27 March 2013 - 10:12 AM said:

And then hash them in different ways about 5+ times for good security.

Have a read, particularly of answers 1 and 2… you will want to retract your "for good security" or "in different ways" statement… http://programmers.s...-multiple-times

Oh. Bummer.
Good read. Thanks for showing me this.

remiX, on 27 March 2013 - 09:48 PM said:

Oh. Bummer.
Good read. Thanks for showing me this.

No problems. For anyone who didn't read it, or was like TL;DR

highlights

1. it is not good to do multiple hashing with different hash functions "[left]it will reduce entropy rather than increase it."[/left]
2. if you do, do multiple hashes it is only ever as strong as your weakest hash
3. if you insist on doing multiple hashes, do it with the same strong hash function as this "[left]makes the hashing process more computationally expensive" meaning all they have left to do is brute force the hash.[/left]

remiX, on 27 March 2013 - 09:36 PM said:

You can still enter any password for the repeat password field… still works ;p

When uploading scripts, you can only give one script.
Maybe add a option to add folders etc (will be quite difficult but oh well :P/>) and then people can have their apis etc and people can download as ZIP, if people don't want to upload their installer.

I will add option to add multiple script files to a project today or tomorrow.

kornichen, on 27 March 2013 - 12:18 AM said:

STORM - © 2013 kornichen

Storm your programs forward

---

Welcome to Storm. Storm is a Online Package Manager for the CC mod. You can create an account on the Storm website, upload programs and list your programs. With the storm application for CC you can download programs from Storm directly into Minecraft.

Enter this command to download the Storm Application onto your computer:

pastebin get PT758GS8 storm

How the Storm Application does work:

storm install (or i) <stormnumber> <filename>

Website: www.bitnut.de/storm


Coming soon:

• Multiple files in a project.

100th post :D/>/>

Please Upload It To Pastebin Again

Following the verification link on the email:
http://bitnut.de/con...acfdaf9ffe48240

Not Found
The requested URL /confirmMail.php&amp;username=bunny365&amp;code=63e433c0db37941a6acfdaf9ffe48240 was not found on this server.

Changed it:
http://bitnut.de/storm/confirmMail.php?username=bunny365&amp;code=63e433c0db37941a6acfdaf9ffe48240

Duplicate entry '' for key 'email'

Please fix.

Can I use this for my Simple Downloader program?

EDIT: Which will be included in my CC OS

EDIT: Link to my program I want to include this in: https://tinyurl.com/nevkkcg