Is there a hack to let me see users passwords
 

And if so were can I find it

<i>Nope, I believe passwords are encrypted in the database.</i>

They are encrypted, and I think that's a good thing. I imagine most users use the same password for most of there accounts, and personally, I'd rather admins on all the boards I've signed up on not be able to get my password.

Why would you want to do such a thing anyway?

I would suggest closing this thread, since the OP is requesting information to commit an "unethical act" :)

You have no evidence of what he intends to do ;)

The answer however is no, it can't be done.

Not if I choose to remove your post :p

I disagree Paul M, everything can be done, you just got to know how.

You can disagree all you want, but you still can't display something that does not exist.

you could probably remove all encryption from every page which is effected by encryption and then newly registered/changed ones would be unencrypted.. but that really really wouldn't be a smart move at all.

this is just a guess though.

Feel free to post again once you have figured it out.

It's not as simple as "seeing" passwords from the database, but it can be done, and I won't post how publicly.

EDIT: to all the people who are PMing me, asking how to do it, don't bother lol.

so... Analogpoint fancy sending me that? via PM

Absolutely not.

But again, what would you want such a thing for?

Well about 1.5 year ago my friend signed up on a forum for psp games and then his computer got hacked, it took him ages to save back up for a nice new laptop, he used a froum master pass which he forgpt and since i recently became and admin on that and befroe that bought my own vbullletin site he thought I could help him

/login.php?do=lostpw

Just have him do that on whatever forums he lost his password for. BTW when his computer got hacked, did he reformat or something? Little confused about the laptop part.

Feel free to PM me with your solution.

PS If you think rainbow tables is the solution, then you can forget it. ;)

His computer got hacked so he brought a new one?! That made me LOL! Does he really know nothing about computers :p

If only people learnt to read the "Forgotten Password" text. Oh wait isn't it displayed on every failed login page?
Hmmmm something doesn't smell right. :confused:

cool so ill they send him his pass via email?

--------------- Added [DATE]1195320984[/DATE] at [TIME]1195320984[/TIME] ---------------

oh wait this happens when i click send pass to email for his account:
The requested URL /login.php was not found on this server.

--------------- Added [DATE]1195321122[/DATE] at [TIME]1195321122[/TIME] ---------------

and he says this doesnt send him his odl pass which is what he wants

No, I don't have time to d/l 60 gigs of rainbow tables. :)

Whoever thinks they can get users passwords after encryption must have some talent, as far as I know its virtually impossible & if someone has worked that out it would have taken some time & effort to do so which worries me as why would someone go to that trouble? I really wouldnt want to know either. All i would say is that if I was the persons user of the forum, I would be seriously concerned.

You can't you only have the option to reset passwords. Why do you need to know the exact old password anyway? All options will be available by resetting the password.

nah cos he used it for like all the forums then he had one for games on one for ebay, amazon ect. so he asked me to get it for him but nvm lol this seems to have caused to much contorversey

I try do that
It work if password was english
go to phpmyadmin
then open user table you will find password as MH5
all what you need know convert it from mh5 to real entry
there are many tool crack mh5 try google

as I say I try this with english just

and maybe not work now

ok so can anyone recomend a good tool to crack this?

BTW this is what my password file says:
password varchar(50) latin1_swedish_ci No

--------------- Added [DATE]1195344312[/DATE] at [TIME]1195344312[/TIME] ---------------

wait ok so i see his pass it is something like this:
cfed53f0c485700bd1e717160ec4499f

how can i turn this into real letters?

You seem to be missing what everyone is saying. You cannot. What is stored is not the password, not really even a encrypted version of the password, but a hash of it. This is a one way function, you cannot recover the text based on it.

Heres a suggestion.. Which may help you.. where the forms are for user login why not just add another function that records what they entered if everything validates as true?

Unknown, dont give him any ideas. He OBVIOUSLY does not want to do this to any good with,
As for this "error" your "friend" is recieveing apon trying to send his new password, if login.php did not exist, noone would go to the forum anymore, therefore voiding any use of recovering any password.

Passwords can be changed not viewed, they can be changed by converting a string to md5 and pasting it in the user table under password (if i remember correctly)

You'd have to incorporate the user's salt into the hash as well. Wouldn't it be easier to change their password in the ACP?

yeah, but i remember having my admin password changed on my old boards (like 3 years ago?)
and i was able to use that method.
they must have changed it :D

So you want to access your old Admin accounts on forums to which you don't Administer anymore?