SamDOD Posted November 10, 2008

I am trying to help a friend of mine whose webmaster has disappeared. He has an administrator area on his site but does not know the user name and password. I have gotten the database name, location, user name, and password. Is there a way to write a PHP MySQL query script that can pull the username and password for the admin user? Thank you for your time.

corbin Posted November 10, 2008

If the password is one-way hashed, then no, you cannot retrieve it. If you have DB access, you can of course replace it.

SamDOD Posted November 10, 2008

How do I replace it? Or can I create a new admin as well?

corbin Posted November 11, 2008

Well, that would depend. For example, if the password is stored as an MD5 hash, you would just update it as a new MD5 hash.

SamDOD Posted November 11, 2008

I am sort of new to MySQL and PHP... I know how to do certain things and understand others. How would I know if it is MD5, and if it is... how do I update it? I can post the login.php file if that will help. I am just wanting to find some PHP code or something that I can run that will either replace or update the admin so that he can log in to that admin section of his site.

corbin Posted November 11, 2008

Eh, posting the login file would be the easiest way for me to tell what's going on.

SamDOD Posted November 11, 2008

Here is the login page.

    <?php
    session_start();
    $_SESSION['logged'] = 0;
    $_SESSION['isadmin'] = 0;
    if (isset($_POST['submit'])) {
        //connect
        $connect = mysql_connect("localhost", "user", "pass") or die ("no DB connection");
        //select DB
        mysql_select_db("database1");
        //select data
        $select = "SELECT * FROM User " .
                  "WHERE UserName = '" . $_POST['username'] . "'";
        $results = mysql_query($select) or die(mysql_error());
        while ($row = mysql_fetch_assoc($results)) {
            foreach ($row as $val1) {
                $jobarray[] = $val1;
            }
        }
        if ($_POST['username'] == $jobarray[1] && $_POST['password'] == $jobarray[2]) {
            $_SESSION['logged'] = 1;
            header ("Refresh: 5; URL=\"adminswitch.php");
    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
    <title>Administrative Login - MedPointSearch</title>
    <link href="medpoint.css" rel="stylesheet" type="text/css" />
    </head>
    <body>
    <table width="400" border="0" cellpadding="5" class="callout" align = "center">
    <tr>
    <td><table width="400" border="0" cellpadding="3" align = "center">
    <tr>
    <th align="center"><div align="center"><img src="images/joblist_logo.png" width="404" height="68" /></div></th>
    </tr>
    <tr>
    <td><div align="left"><br />
    <table align="center"><tr><td></td>
    <span class = "formcopy">You are being redirected to the administrative switchboard<br />
    (If your browser doesn't support automatic redirection, <a href="adminswitch.php">click here</a>)</span></tr>
    <br /><br />
    <tr></tr>
    <td>
    <?php
            if ($jobarray[3] == 1) {
                $_SESSION['isadmin'] = 1;
            }
        } else {
    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <script>
    <!--
    function setFocus() {
        document.login.username.focus();
    }
    // --></script>
    <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
    <title>Administrative Login - MedPointSearch</title>
    <body onLoad="setFocus()">
    <table width="400" border="0" cellpadding="5" class="callout" align = "center">
    <tr>
    <td><table width="400" border="0" cellpadding="3" align = "center">
    <tr>
    <th align="center"><div align="center"><img src="images/joblist_logo.png" width="404" height="68" /></div></th>
    </tr>
    <tr>
    <td><div align="left"><br />
    <table align="center">
    <tr>
    <th bgcolor="#FFFFFF"><span class = "formcopy">Invalid Username and/or Password.</span><br />
    <br /></th>
    </tr><tr>
    <td bgcolor="#FFFFFF"><?
        if (isset($_GET['redirect'])) {
            $redirect = $_GET['redirect'];
        } else {
            $redirect = "index.php";
        }
    ?><span class="formcopy">
    <form action="login.php" method="post" name="login">
    <input type="hidden" name="redirect" value="<?php echo $_GET['redirect']; ?>">
    Username: <input type="text" name="username"><br><br>
    Password: <input type="password" name="password"><br><br>
    <input type="submit" name="submit" value="Login">
    </form></span></td></tr>
    </table>
    <br><br>
    </p>
    <?php
        }
    } else {
    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <script>
    <!--
    function setFocus() {
        document.login.username.focus();
    }
    // --></script>
    <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
    <title>Administrative Login - MedPointSearch</title>
    <link href="styles/typography.css" rel="stylesheet" type="text/css" />
    <link href="styles/framework.css" rel="stylesheet" type="text/css" />
    <body onLoad="setFocus()">
    <table width="400" border="0" cellpadding="5" class="callout" align = "center">
    <tr>
    <td><table width="400" border="0" cellpadding="3" align = "center">
    <tr>
    <th align="center"><div align="center"><img src="images/joblist_logo.png" width="404" height="68" /></div></th>
    </tr>
    <tr>
    <td><div align="left"><br />
    <table align="center">
    <tr>
    <th bgcolor="#FFFFFF"><span class = "formcopy">You are not logged in.</span><br />
    <br /></th>
    </tr><tr>
    <td bgcolor="#FFFFFF"><?
        if (isset($_GET['redirect'])) {
            $redirect = $_GET['redirect'];
        } else {
            $redirect = "index.php";
        }
    ?><span class="formcopy">
    <form action="login.php" method="post" name="login">
    <input type="hidden" name="redirect" value="<?php echo $_GET['redirect']; ?>">
    Username: <input type="text" name="username"><br><br>
    Password: <input type="password" name="password"><br><br>
    <input type="submit" name="submit" value="Login">
    </form></span></td></tr>
    </table>
    <br><br>
    </p>
    <?php
    }
    ?>
    </body>
    </html>

corbin Posted November 11, 2008

Ah, it appears that it's not encrypted then. A simple

    UPDATE User SET Password = 'newpassword';

should work. (Assuming the Password column is called password.)

Oh, that script is horrible, by the way. Not getting into that though since that's not what the thread is about.

BioBob Posted November 11, 2008

> If the password is one-way hashed, then no, you cannot retrieve it. If you have DB access, you can of course replace it.

Not entirely true. I won't tell you how, but you can crack MD5 hashed strings. However, as everyone else has probably said, probably just update the password using md5($new_pass) to replace what's in the database and you should have access now.

corbin Posted November 11, 2008

I've been around long enough to know the follies of MD5. I was just saying that for this thread. No reason for him to break out a rainbow table when he can just replace the password. lol

> > If the password is one-way hashed, then no, you cannot retrieve it. If you have DB access, you can of course replace it.
>
> Not entirely true. I won't tell you how, but you can crack MD5 hashed strings. However, as everyone else has probably said, probably just update the password using md5($new_pass) to replace what's in the database and you should have access now.

So you didn't even read the entire thread? The password is stored in plain text. So you pretty much came in the thread, saw what I wrote and felt the need to correct it? Nice. Sounds like something I would do lol.

SamDOD Posted November 11, 2008

Thank you for all your help. I really appreciate it!

corbin Posted November 11, 2008

I'm not sure why I was so dead set on updating yesterday, by the way. I guess I was still thinking hash lol. You don't have to update the password since it's in plain text. You can just SELECT it.

    SELECT Password FROM User WHERE UserName = 'somename';

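
Added example, not part of the thread or the site's code: a way to see how the Password column is stored, reset a single account to a hash, and check logins with a bound parameter and password_verify() rather than the string-built query and == comparison in the posted login.php. The UserID and IsAdmin columns, the sample rows and the function names are assumptions, and an in-memory SQLite database stands in for the MySQL server so the script runs on its own; the mysql_* functions the posted script uses were removed in PHP 7, so PDO is used here.

```php
<?php
// Added example, not the site's code. Column names other than UserName are assumed.
// An in-memory SQLite database (pdo_sqlite) stands in for the real MySQL server.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE User (UserID INTEGER PRIMARY KEY, UserName TEXT UNIQUE,
           Password TEXT, IsAdmin INTEGER)');
// Constructed sample rows with plaintext passwords, as in the thread.
$db->exec("INSERT INTO User (UserName, Password, IsAdmin)
           VALUES ('admin', 'oldsecret', 1), ('editor', 'editorpw', 0)");

// Describe how a stored value looks without echoing the value itself.
function storageFormat(string $stored): string
{
    if (password_get_info($stored)['algoName'] !== 'unknown') {
        return 'password_hash';
    }
    if (preg_match('/^[0-9a-f]{32}$/i', $stored)) {
        return 'md5-like';   // 32 hex characters
    }
    return 'plaintext-or-unknown';
}

// Reset exactly one account; the WHERE clause leaves every other row untouched.
function resetPassword(PDO $db, string $user, string $newPassword): int
{
    $stmt = $db->prepare('UPDATE User SET Password = :hash WHERE UserName = :user');
    $stmt->execute([':hash' => password_hash($newPassword, PASSWORD_DEFAULT), ':user' => $user]);
    return $stmt->rowCount();
}

// Login check: bound parameter instead of string concatenation, password_verify() instead of ==.
function checkLogin(PDO $db, string $user, string $password): ?array
{
    $stmt = $db->prepare('SELECT UserName, Password, IsAdmin FROM User WHERE UserName = :user');
    $stmt->execute([':user' => $user]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($password, $row['Password'])) {
        return null;
    }
    return ['user' => $row['UserName'], 'isadmin' => (int) $row['IsAdmin'] === 1];
}

$before = $db->query("SELECT Password FROM User WHERE UserName = 'admin'")->fetchColumn();
echo storageFormat($before), "\n";
echo resetPassword($db, 'admin', 'constructed-new-passphrase'), " row(s) updated\n";
var_dump(checkLogin($db, 'admin', 'constructed-new-passphrase') !== null);
var_dump(checkLogin($db, 'editor', 'editorpw'));   // still plaintext, so password_verify() rejects it
```

A hashed value only lets the user in once login.php calls password_verify(); the posted script compares the submitted password with the raw column value. On MySQL the Password column also has to be wide enough for the hash (the PHP manual suggests 255 characters).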