The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
|
|||||||
|
#1
03-06-2015, 03:29 AM
|
|||
|
|||
Passwords in plaintext for user migration
Is there an easy way to get the passwords in plaintext out of the database of my VB4 install? I have DB access, obviously.
I am migrating to a custom login api. I need to get the passwords in plaintext, so I can re-encrypt them and insert them into the new system. Is there any documentation for the VB4 login system? --------------- Added [DATE]1425620464[/DATE] at [TIME]1425620464[/TIME] --------------- Looks like my choices are to either use VB's algorithm along with the existing passwords in my new design, or ask the users to specify a new password when they log in. 
|
|
#5
03-06-2015, 10:55 AM
|
|||
|
|||
|
What is the point of hashing passwords when you can just "de-crypt" them back to plain-text?
No, that's not possible. You have 2 options: - You clone the password hashing function of vBulletin and additionally add your own hashing function on top of vBulletin. - You use your own password hashing and reset the password of everyone
|
|
#6
03-06-2015, 07:19 PM
|
||||
|
||||
|
Like other people said, its impossible to de-hash/de-crypt an already encrypted vbulletin password. If this was easily possible, it would be a very major security issue in the vBulletin Software. When a hacker gain access to a server that running your forum, the first place he goes is MySQL to download a copy of your entire forum database. The hacker then has all Emails and Encrypted Passwords of your forum.
If it was possible to decrypt the passwords easily, most of those email accounts will also be hacked. Not including Facebook Accounts, Twitter, and the list goes on. Because a lot of people use the same password and email for everything in their life.
|
 |
«
Previous Thread
|
Next Thread
»
Linear Mode
|
|
All times are GMT. The time now is 08:39 PM.