Jump to content

anyone know how I can get, "getboo" to not encrypt password in mysql

cosmoshell

By cosmoshell
in PHP Coding Help

Recommended Posts

cosmoshell Newbie

cosmoshell

Posted
Posted

I edited all the php files so I could have a users table, only problem is when another script goes to read the password it cant becouase its hashed or encrypted, anyone know of any quick and dirty little changes i can make so the password is readable by other scripts?

cosmoshell Newbie

cosmoshell

Posted
  • Author
Posted

If your passwords are stored with SHA or MD5 hashes, then there is no unencrypting possible.

I mean to not have the password "SHA or md5" in the first place. right now I have ardvark topsites and getboo doing this. theres got to be a simple way to turn off or remove the code that does this.
Mark Baker Member

Mark Baker

Posted
Posted

Why do your scripts need to read the password?

If for logging in, then you hash the password that the user has entered (using md5), and then compare it with the value that's in the database.

There is no good reason why you should need to see the values from the database in plaintext.

pastcow Newbie

pastcow

Posted
Posted

As everyone else has said there is no way to reverse all MD5 hashes - you can however construct a database of MD5'd strings and binary search them

 

http://www.idontplaydarts.com/code/reverse-md5/

http://md5.gromweb.com/

 

This however is not really practical for what you want to do..

 

If you need to use the password for something (like sending a password reminder) its probably best just to send a link to the users email that they can then use to reset their password..

cosmoshell Newbie

cosmoshell

Posted
  • Author
Posted

As everyone else has said there is no way to reverse all MD5 hashes - you can however construct a database of MD5'd strings and binary search them

 

http://www.idontplaydarts.com/code/reverse-md5/

http://md5.gromweb.com/

 

This however is not really practical for what you want to do..

 

If you need to use the password for something (like sending a password reminder) its probably best just to send a link to the users email that they can then use to reset their password..

I was saying to not have them hashed in the first place. however I noticed earlier that its not even writing to the table in the first place, so maybe the hash isent the problem anyways lol.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.