Go Back   vb.org Archive > Community Discussions > Modification Requests/Questions (Unpaid)
FAQ Community Calendar Today's Posts Search

Closed Thread
 
Thread Tools Display Modes
  #1  
Old 08-22-2003, 05:06 AM
kid_ttvn kid_ttvn is offline
 
Join Date: May 2003
Location: VIETNAM
Posts: 10
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Admin : know password of member

Have any hack force admin know pass of memmber???

Thanks
  #2  
Old 08-22-2003, 05:41 AM
pie pie is offline
 
Join Date: May 2003
Location: Devon, England
Posts: 226
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

That could be done many ways, but the easiest is to take off md5 encryption and thats not what u want really.

There is a reason that users have passwords!!!!!!!
  #3  
Old 08-22-2003, 06:46 AM
Erwin's Avatar
Erwin Erwin is offline
 
Join Date: Jan 2002
Posts: 7,604
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Not possible.
  #4  
Old 08-22-2003, 11:56 AM
pie pie is offline
 
Join Date: May 2003
Location: Devon, England
Posts: 226
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

@Erwin... There are a few ways i got in mind that'd work. Ill pm them if your interested but dont want others to get hold of them.
  #5  
Old 08-22-2003, 01:27 PM
Alcar Lazuli Alcar Lazuli is offline
 
Join Date: Sep 2002
Location: Ozztralia
Posts: 11
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

It's not possible. md5 encryption is one way. The only way around it is too remove the md5 system completely. Then you would have to update everyone's passwords, not too mention the changes to files.

It's not worth it in my opinion.
  #6  
Old 08-22-2003, 01:44 PM
NTLDR's Avatar
NTLDR NTLDR is offline
Coder
 
Join Date: Apr 2002
Location: Bristol, UK
Posts: 3,644
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

This has been discussed many times, each time resulting in the majority of the hackers saying the wouldn't release a hack to remove the md5()'ing of passwords.

Indeed md5 is one way, it is posible to brute force the hash though (However, that doesn't mean you'll get the same word as it is posible, just not likly for two different strings to have the same md5 sum).
  #7  
Old 08-22-2003, 06:00 PM
drives fast's Avatar
drives fast drives fast is offline
 
Join Date: Nov 2001
Posts: 263
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

it would be real handy for me though since for some reason.....90% of my members receive the "Invalid e-mail address" error screen when they try to reset their passwords.....without the encryption like it was back when I first bought vbulletin....I could tell them their passwords..

now I have to have them send me a password and reset it through the admin.....so what good is the encryption if I have to get them to send me one?
  #8  
Old 08-22-2003, 06:22 PM
NTLDR's Avatar
NTLDR NTLDR is offline
Coder
 
Join Date: Apr 2002
Location: Bristol, UK
Posts: 3,644
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Well thats the members fault if they don't keep their email address upto date.

Perhaps a radical suguestion, but you could give them a password and send it to them
  #9  
Old 08-22-2003, 09:50 PM
Neo's Avatar
Neo Neo is offline
 
Join Date: Oct 2001
Location: Anywhere
Posts: 1,817
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

The problem is, is that most hackers are to lazy to make up their own hashing process which they make the abilities to hash and unhash certain context while still keeping security.

It would be really easy to make something like this.
  #10  
Old 08-22-2003, 10:03 PM
filburt1 filburt1 is offline
 
Join Date: Feb 2002
Location: Maryland, US
Posts: 6,144
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I'm sorry but for security reasons, I can't allow this discussion to continue. There are no direct ways as Erwin said, anyway.
Closed Thread


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 01:32 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.07239 seconds
  • Memory Usage 2,240KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete