vb.org Archive - vBulletin SHA1 Workaround?

Page 2 of 2

Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)

- vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)

- - vBulletin SHA1 Workaround? (https://vborg.vbsupport.ru/showthread.php?t=151539)

Marco van Herwaarden

07-09-2007 05:17 PM

No you got the function of this constant wrong. When set vBulletin will still sent the hashed password to the server, and will still do the password check on the hashed password. It will however also sent the unencrypted password in a seperate variable to the server to be processed on the server side. (Normal the unencrypted password is not sent over the network to the server but stripped on the client side).

agallian86

07-09-2007 05:32 PM

Quote:

Originally Posted by Marco van Herwaarden (Post 1286855)

It will however also sent the unencrypted password in a seperate variable to the server to be processed on the server side.

I see. So, what exactly do I need to do on the db server side?

Is there a location these seemingly undocumented things are...documented?

Thanks guys.

Marco van Herwaarden

07-09-2007 07:42 PM

Hmm what you COULD do:
- Check if the MD5 password matches
- If not encrypt the unencrypted password with SHA1, and check the password. If it is a match, re-hash the unencrypted password with MD5 and write to the database so the next attempt will match the normal MD5 hash vBulletin uses.

After some time most SHA1 hashed passwords should be gone.

agallian86

07-09-2007 07:50 PM

Quote:

Originally Posted by Marco van Herwaarden (Post 1286965)

That's actually the plan.

The only thing is, I'm not sure how to actually implement it.

Any ideas?

Muppettt

07-09-2007 08:33 PM

I am also interested in how to check if the md5 passwords match for a script i am currently working on

https://vborg.vbsupport.ru/showthread.php?t=151787

agallian86

07-09-2007 10:26 PM

Well thanks for the hijacking, someone would've seen your thread.

Alas, I have a feeling if any progress is made for either one of our causes it'll be helpful to the other.

Marco van Herwaarden

07-10-2007 05:24 AM

To get assistence in coding these plugins, please post in Programming Discussions

Muppettt

07-11-2007 07:47 PM

Quote:

Originally Posted by agallian86 (Post 1287098)

Well thanks for the hijacking, someone would've seen your thread.

Alas, I have a feeling if any progress is made for either one of our causes it'll be helpful to the other.

They may of seen it but failed to give any reasonable answer/explaination as usual.

All times are GMT. The time now is 08:06 PM.

Page 2 of 2

Show 40 post(s) from this thread on one page

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01136 seconds Memory Usage 1,729KB Queries Executed 10 (?)
More Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (3)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)pagenav (1)pagenav_curpage (1)pagenav_pagelink (1)post_thanks_navbar_search (1)printthread (8)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start pagenav_page pagenav_complete bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages: