Results 1 to 10 of 10
-
06-09-2005, 11:48 PM #1Web Hosting Guru
- Join Date
- Aug 2002
- Location
- Canada
- Posts
- 315
need to crack a PW in PHPBB via myphpadmin
Hey all,
Not sure if anyone can help me, i forgot a password in phpbb and instead of screwing with anything i was wondering if there is a way to decode the cripted password that is listed in myphpadmin.
which is e5a86e2d3dc4264c41583f3cb5ff8dba
-
06-10-2005, 01:02 AM #2WHT Addict
- Join Date
- Mar 2004
- Posts
- 158
No. Those hashes are one way. Just reset it to a known password.
-
06-10-2005, 02:01 AM #3Web Hosting Master
- Join Date
- Dec 2002
- Posts
- 1,304
Something tells me that isnt his own MD5sum and his story isnt quite truthful
If thats the case, all is *perhaps* not lost, but its going to cost you a lot of CPU time. MD5 hashes are crackable by either brute-forcing it or if you are very lucky, finding a collision value that produces the same hash value.
Google for 'md5 collision table'. Someone out there has a site where you can submit a hash and it will be searched against a huge database of known hashes.
It might be helpful if you know the forum's salt (if it uses one).
I think in this case that bruteforcing is probably your best bet. In the interest of the public, I will not link you directly to such utilities, but a 5 minute googling should be illuminating."The only difference between a poor person and a rich person is what they do in their spare time."
"If youth is wasted on the young, then retirement is wasted on the old"
-
06-10-2005, 02:21 AM #4Web Hosting Guru
- Join Date
- Jan 2005
- Posts
- 319
couldn't you create another instance of phpbb using your hashed password, then replace this hash with the one you showed above and then you can get in?
unless you don't want the owner of the database to know the password has been changed ;-)
-
06-10-2005, 08:46 AM #5Engineer
- Join Date
- Jan 2005
- Location
- Scotland, UK
- Posts
- 2,681
If he already had database access, you would just change your password.
Update your password too 4f4986dcc6b54a4e967585878498dfdc
and then login with the password hostgeekz and reset it.Server Management - AdminGeekZ.com
Infrastructure Management, Web Application Performance, mySQL DBA. System Automation.
WordPress/Magento Performance, Apache to Nginx Conversion, Varnish Implimentation, DDoS Protection, Custom Nginx Modules
Check our wordpress varnish plugin. Contact us for quote: sales@admingeekz.com
-
06-11-2005, 08:25 PM #6Junior Guru Wannabe
- Join Date
- Nov 2004
- Location
- Edmonton, Alberta
- Posts
- 93
Why don't you use the password recovery utility built into phpbb, just below login "I forgot my password link" Thats why it is there. If it is the Admin password, then why don't you look it up in the config file. However if your truly the admin, the pasword recovery utility would work.
Jim Brown, BSc
Alberta Internet Host Providers Ltd.
-
06-11-2005, 10:50 PM #7Web Hosting Master
- Join Date
- Jul 2004
- Posts
- 930
Originally posted by jethbrown
Why don't you use the password recovery utility built into phpbb, just below login "I forgot my password link" Thats why it is there. If it is the Admin password, then why don't you look it up in the config file. However if your truly the admin, the pasword recovery utility would work.
-
06-11-2005, 11:54 PM #8Web Hosting Master
- Join Date
- Mar 2004
- Location
- New Jersey
- Posts
- 798
I haven't been to Fishtown for a long time, yet sometimes things still smell fishy to me... hmmm...
-
06-12-2005, 12:29 AM #9Junior Guru Wannabe
- Join Date
- Nov 2004
- Location
- Edmonton, Alberta
- Posts
- 93
Originally posted by Criminal#58369
Maybe it was hacked? And they changed his email so he couldnt recover his pass? Or change it?Jim Brown, BSc
Alberta Internet Host Providers Ltd.
-
06-12-2005, 12:33 AM #10Web Hosting Master
- Join Date
- Nov 2004
- Location
- India
- Posts
- 1,104
Follow these steps to reset it,
1. Register a new user in the phpbb and remember the password.
2. Login to mysql using ssh
3. Execute the follow query in mysql,
select * from phpbb_users;
4. Now in the last of that query's result you will find the username which you have registered and its password. For example we will assume his password is
102087ef20bdb802b248d7182270dbbc
5. Copy the password
6. Now execute the following command in mysql,
select * from phpbb_users limit 0,5;
Here you can see the admin user's details with his password.
7. Now execute the following command in mysql to reset his password,
update phpbb_users set user_password = '102087ef20bdb802b248d7182270dbbc' where username = 'admin';
So now the newly registered user's password is used for the admin user's password. In order to do this you need shell access, if you don't have contact your hosting support.AssistanZ - Beyond Boundaries...
Cloudstack Consultancy / 24x7 Web Hosting Support / 24x7 Server Management / Infrastructure Management Services
Web & Mobile Apps Development / Web Designing Services / Php, Grails, Java Development