Go Back   vb.org Archive > Community Discussions > Modification Requests/Questions (Unpaid)
Reload this Page md5(md5(password)) --> md5(password)
FAQ Members List Calendar Search Today's Posts Mark Forums Read
  #1  
Old 06-13-2005, 01:41 AM
tscbh tscbh is offline
 
Join Date: Jun 2005
Posts: 24
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default md5(md5(password)) --> md5(password)
Is there any hack that turn the complicated authentication into just md5(password) + salt. I want to validate my member against mod_auth_mysql which only take md5(password) + salt.

vBulleting Support tell me that some body outthere already made this modification. If you have any idea, please let me know.

Thanks for any suggestion

p.s. I also posted in vb2 forum. sorry wrong forum.

I solved the problem myself.

Instead of modify vb code, I modified mod_auth_mysql.c to meet the requirement of vb authentication algorithm.

For those interested, here is the code:
note: this for for mod_auth_mysql.c version 2.9.0. I don't know any other mod. I am very happy of my first ever achievement. I completed this modification within 1 hr w/o much knowledge of vb and c programing. I bought vBulletin 2 days ago :smoke: and never use any forum before. The completed source code is attached.

Repalce this:
Code:
return strcmp(real_pw,ap_md5(pool, (const unsigned char *) sent_pw)) == 0;
with this:
Code:
return strcmp(real_pw,ap_md5(pool, strcat(ap_md5(pool,(const unsigned char *) sent_pw), salt))) == 0;
Replace this:
Code:
{"md5", NO_SALT, pw_md5},
with this:
Code:
{"md5", SALT_REQUIRED, pw_md5}, //vBulletin Authentication
Reply With Quote
  #2  
Old 12-31-2006, 07:39 PM
jdalbis jdalbis is offline
 
Join Date: Nov 2006
Posts: 1
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Nice Job. Here's the version for vB 3.6.4 on RedHat ES 4 (mod_auth_mysql-2.6.1):

867c867,868
< if (encryption_type == PW_ENCRYPT_CRYPT && /* Salt is only for crypt'd passwords */
---
> if ((encryption_type == PW_ENCRYPT_CRYPT || /* Salt is only for crypt'd passwords */
> encryption_type == PW_ENCRYPT_MD5) && /* or MD5 */
902c903
< if(strcmp(real_pw,ap_md5(r->pool, (const unsigned char *) sent_pw)) == 0) {
---
> if(strcmp(real_pw,ap_md5(r->pool, strcat(ap_md5(r->pool,(const unsigned char *) sent_pw),salt))) == 0) {
904a906,916
> else if(strcmp(real_pw,ap_md5(r->pool, (const unsigned char *) sent_pw)) == 0) {
> passwords_match = 1;
> }
Reply With Quote
  #3  
Old 09-11-2008, 05:38 PM
svoeric svoeric is offline
 
Join Date: Apr 2008
Posts: 29
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Bump for a good job. I made the code changes in the first post to version 3.0.0, and it works. Thanks much!!!
2 years old, and still good info!
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 04:25 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.03811 seconds
  • Memory Usage 2,174KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (4)bbcode_code
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (3)post_thanks_box
  • (3)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (3)post_thanks_postbit_info
  • (3)postbit
  • (3)postbit_onlinestatus
  • (3)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete