Log in

View Full Version : Encryption Seed?

jrwap
06-09-2006, 03:01 PM
I am trying to integrate a script with vB and I am missing one small item that seems to have changed from 3.0 to 3.5.

You need to open the following files in your vBulletin (v3.x) package: sessions.php
which locates in: /path/to/vb3/includes/sessions.php
Look for this:
---------------------------------------------------------------------------------
/*================================================= =====================*\
|| ################################################## ################## ||
|| # vBulletin 3.0.0 Beta 3 - Licence Number [ENCRYPTION SEED HERE]
|| # ---------------------------------------------------------------- # ||
---------------------------------------------------------------------------------
or search for: md5($bbuserinfo['password']
----------------------------------------------
It will take you to:
if (md5($bbuserinfo['password'] . '[ENCRYPTION SEED HERE]') == $_COOKIE['bbpassword'])
================================================== ================================
Take a note of the "string" where it says [ENCRYPTION SEED HERE]. For example:
EX:
if (md5($bbuserinfo['password'] . '916875ca') == $_COOKIE['bbpassword'])
The string for [ENCRYPTION SEED HERE] is 916875ca


Since sessions.php is not included in the newer versions, where can I find the encryption seed?

Thanks,

-JRW
jrwap
06-11-2006, 11:22 PM
Anyone?
Kirk Y
06-11-2006, 11:24 PM
Is it your license number?
Zachery
06-12-2006, 12:02 AM
class_core.php
jrwap
06-12-2006, 07:04 PM
Thanks for the reply. Its not your customer number...

I checked out class_core.php and found 2 lines that were similar but no encryption seed. It has 'salt' in its place.

Any more ideas?

-JRW
Zachery
06-12-2006, 07:09 PM
I'm not sure exactly what you are looking for?
jrwap
06-12-2006, 07:11 PM
I posted the instructions above. Its looking for a number which (it seems) is unique. I have to take that 'number' or code and insert it in another script for them to work together.

For those wondering... this is for nePHP.

-JRW
MrZeropage
06-12-2006, 07:40 PM
Not sure if I catched what you want, but vBulletin 3.5 automatically uses its own "seed" named "salt".

Each user gets a "salt"-value which is stored in DB (per user) and attached to the first md5-password-hash.

So md5(md5($password).$salt) is how they did it, which is alot better than having a common (unique per forum) salt ;)
Adult SEO
06-19-2006, 03:37 PM
Doesn't seem to work in 3.5.4

I tried md5(md5($password).$salt) but it doesn't work.

The salt is 3 characters in VB 3.5.4 btw:
salt char(3)

Please help!
jrwap
06-19-2006, 03:41 PM
Doesn't seem to work in 3.5.4

I tried md5(md5($password).$salt) but it doesn't work.

The salt is 3 characters in VB 3.5.4 btw:
salt char(3)

Please help!

I emailed Kenny and guess what.... NO RESPONSE.... guess I shouldn't be shocked by that!!

-JRW

I emailed Kenny and guess what.... NO RESPONSE.... guess I shouldn't be shocked by that!!

-JRW

Actually, Kenny just emailed me. I guess they are not releasing patches any more. They simply ask for your FTP details and will do the upgrade themselves. Interesting way of doing things....

-JRW