The Arcive of Official vBulletin Modifications Site.

About Developer · **Released**: 07-25-2001

I think this is the right forum...is there any way of getting a password from any of the files???

Steve Machol · #52 09-09-2002, 04:31 PM

[QUOTE]Originally posted by TECK
steve, look in admin/adminlog.php at line 308. it's still present as part of the code.

Merjawy · #53 09-20-2002, 01:18 PM

I don't know if this works for everyone or not.. but I have managed to make two admin folders.. one is old like vB2.0.0 or something like that.. and when I need to check passwords I use that side making sure command line to show password in config is there and set to 2. and I was able to see the passwords both ways.. crypted and also have seen the plain text on vB2.2.6

NTLDR · #54 09-20-2002, 04:35 PM

Quote:

Originally posted by Merjawy
I was able to see the passwords both ways.. crypted and also have seen the plain text on vB2.2.6

Now for some reason why don't I belive you

g-force2k2 · #55 09-20-2002, 06:29 PM

the only way that is possible is if you take out the md5() functions as listed by PPN... unless you got your forum from somewhere else other then vb.com they don't show passwords

regards...

g-force2k2

TECK · #56 09-21-2002, 12:42 PM

i know i will not signup with a board that can read my password. that's why i own VB.

Xenon · #57 09-21-2002, 03:54 PM

Quote:

Originally posted by TECK
i know i will not signup with a board that can read my password. that's why i own VB.

well that's the problem. An admin with some coding skills can easily change the way passwords are encryptedt by saving em in the db unencrypted also.

so you always have to trust an Admin (also an admin of a vB) that he doesn't do it....
That's why everyone should use different passwords on different pages, just a way of security

N9ne · #58 09-21-2002, 03:59 PM

Yep, I sign up on a lot of forums but make sure I use a different password on each...

Gaz.t · #59 12-19-2002, 03:41 PM

umm Best way never use the same PW as your ADMIN CP

BfB · #60 01-05-2003, 02:20 PM

FWIW, the owner of a site has installed a hack that emails him the password upon new registrations. It's not the "Who might this New User be?" hack, I'm pretty sure. He is also using the latest vBB. Read here:

Quote:

Here is a little bit more free education on vBulletin and MD5 encryption.

MD5 encryption is one-way encryption. If you have the unencrypted password, you can use vBulletin's built-in functionality to search for users with that password.

When you register, your password, unencrypted, is included in the email notification I receive.

========
There is a new user, *************** at ********* Forums
To view their profile, go here:
http://www.**********.com/forums/mem...o&userid=*****
IP Address: ***.241.245.34
Host Name:
Password: ******
Email Address : ****************@hotmail.com
========

Any ideas how he's doing this?

okrogius · #61 01-05-2003, 07:55 PM

Yes, and it's quite easy to do it to.

The question again is wy you would need clear plain text passwords. Name me one good reason and I'll be glad to help you out.

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.04508 seconds Memory Usage 2,299KB Queries Executed 25 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (3)bbcode_quote (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)modsystem_post (1)navbar (6)navbar_link (120)option (1)pagenav (1)pagenav_curpage (3)pagenav_pagelink (11)post_thanks_box (11)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (11)post_thanks_postbit_info (10)postbit (10)postbit_onlinestatus (11)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start postbit_imicons pagenav_page pagenav_complete tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!