467,879 Members | 1,331 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 467,879 developers. It's quick & easy.

What kind of password begin with *9D87... in the database?

matheussousuke
100+
I have a password like this

Expand|Select|Wrap|Line Numbers
  1. *9W0C5CB2A08313B8A04E63A80F1E6F01F3LK3876

on my database, I'm currenlty working on a script that changes the admin password and send it for the admin e-mail, but it changes to MD5, I tried to put sha-1, but even so, sha-1 also does not works. The password should begin with a asterisk "*", and it does not when I use SHA-1 or MD5.


The part of the code that does that is this one:


Expand|Select|Wrap|Line Numbers
  1.      //Generate a RANDOM MD5 Hash for a password
  2.      $random_password=md5(uniqid(rand()));
  3.  
  4.      //Take the first 8 digits and use them as the password we intend to email the user
  5.      $emailpassword=substr($random_password, 0, 8);
  6.  
  7.      //Encrypt $emailpassword in MD5 format for the database
  8.      $newpassword = md5($emailpassword);
  9.   // Make a safe query update administrator set sPassword = '$newpassword
  10.             $query = sprintf("UPDATE administrator SET sPassword='$newpassword'",
  11.                      mysql_real_escape_string($newpassword));
  12.  
  13.                      mysql_query($query)or die('Could not update members: ' . mysql_error());
  14.  


Thank you
Oct 7 '10 #1
  • viewed: 1255
Share:
8 Replies
dlite922
Expert 1GB
That's a mysql generated password. see MySQL function PASSWORD().

Dan
Oct 7 '10 #2
matheussousuke
100+
thx a lot, buddy. :-)

Really helped, I've been after this all daylong.


How can I apply it on the code above?
Oct 7 '10 #3
dlite922
Expert 1GB
use SHA-1. I believe Mysql.password() and md5() are already cracked.

Dan
Oct 7 '10 #4
matheussousuke
100+
oh, I forgot to tell, that's the first time I'm messing with php forgot password script, I tried once, but could not make anything work.

I'm a php newby.

Yes, MD5 and that other are already cracked, but unfortunately there are more than 6 scripts on the sistem that use PASSWORD(), tried changing to MD5, SHA-1, could not help.



Is that the way to use PASSWORD() ???


Expand|Select|Wrap|Line Numbers
  1.  
  2.  $query = sprintf("UPDATE administrator  PASSWORD=sPassword('$newpassword')",
  3.                      mysql_real_escape_string($newpassword));
  4.  
  5.  
  6.  
Oct 7 '10 #5
matheussousuke
100+
I was reading here that PASSWORD() is not a function, so how does that work?
Oct 7 '10 #6
matheussousuke
100+
u still there?
Oct 7 '10 #7
Dormilich
Expert Mod 8TB
The password should begin with a asterisk "*", and it does not when I use SHA-1 or MD5.
neither hash algorithm outputs a *, only numbers (most of the time hexadecimal)

I was reading here that PASSWORD() is not a function, so how does that work?
MySQL PASSWORD() function
Oct 8 '10 #8
matheussousuke
100+
Now I'm having an issue with the email verification.

I have another post with the same subject, forget about this one, go to: http://bytes.com/topic/php/answers/8...pt#post3611007


thx
Oct 8 '10 #9

Post your reply

Sign in to post your reply or Sign up for a free account.

Similar topics

4 posts views Thread by lawrence | last post: by
2 posts views Thread by white lightning | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.