[pmwiki-users] UserAuth2 passwords
Patrick R. Michaud
pmichaud at pobox.com
Fri Aug 15 11:24:29 CDT 2008
On Fri, Aug 15, 2008 at 05:45:35PM +0200, Julius wrote:
> Basically I have most of it down already, except
> for the password in the username file that is stored
> in the /profiles folder;
>
> a:1:{s:8:"password";s:34:"$1$FT05O74q$qihwyVHOsZvlv/uFQi14j1";}
> This password for example is "testing".
>
> How are the passwords encrypted? What code is used for that?
> (i.e. I'd like to reverse engineer that part,
> so I can do a functional conversion).
>
> Thanks in advance for any help with this.
If you're asking how the passwords are encrypted -- generally we
tend to use PHP's built-in crypt() function to do it. The example
you gave above looks like it was generated using crypt().
If you're asking how to convert an encrypted password like the
above back into its cleartext representation, there's not really
a way to do it (short of various brute-force testing methods).
More about crypt() is available at
http://www.php.net/crypt
http://en.wikipedia.org/wiki/Crypt_(Unix)
Pm
More information about the pmwiki-users
mailing list