Thread: vBulletin SHA1 Workaround?
View Single Post
  #5  
Old 07-07-2007, 08:15 AM
agallian86 agallian86 is offline
 
Join Date: Jun 2007
Posts: 14
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Marco van Herwaarden View Post
Although not advised from a security POV, you can set 'DISABLE_PASSWORD_CLEARING' to true in your config.php, and the passwords will be passed to the server unencrypted.
Seems like a great step to what I need accomplished.

Though, since it would be now sent in plain text, would it be possible to call an SHA hash to compare against the SHA hash I have stored on the database (from SMF)? And then have that authenticate old users. And call an MD5 hash to compare against an MD5 hash stored in the database (from vBulletin).

Basically something like:
-capture pass in clear text
-sha hash it, if it matches the pw on the db allow login, else
-md5 hash it, if it matches the pw on the db allow login, else
-reject login credentials

I'm not interested in getting the passwords for my users per se, I'm interested in being able to compare old users passwords to their SHA hash from the old forum I was using and then (optionally) if that password works setting it to replace the pw field with the md5 hash so that eventually I could do away with the SHA hashing once everyone effectively gets their passwords md5'd. New users would simply work with the normal vBulletin hashing scheme and not have any issues.

I hope I'm conveying my need clearly, thanks for the directions thus far guys!
Reply With Quote
 
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.02446 seconds
  • Memory Usage 1,762KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD_SHOWPOST
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_quote
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_box
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit_info
  • (1)postbit
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • reputationlevel
  • showthread
Included Files:
  • ./showpost.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showpost_start
  • bbcode_fetch_tags
  • bbcode_create
  • postbit_factory
  • showpost_post
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • showpost_complete