Go Back   vb.org Archive > Community Discussions > Modification Requests/Questions (Unpaid)
Reload this Page show user password in admin panel v.2.2.0
FAQ Community Calendar Today's Posts Search

Reply
Page 1 of 5 1 23 Last »
 
Thread Tools Display Modes
  #1  
Old 10-31-2001, 10:39 PM
dxb's Avatar
dxb dxb is offline
 
Join Date: Oct 2001
Posts: 120
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
I know the passwords are encrypted in v2.2.0 but is there is anyway to have them shown in the admin control panel

I know there is a security risk but I think it's always good to have that option
Reply With Quote
  #2  
Old 11-01-2001, 09:05 PM
Palmer ofShinra's Avatar
Palmer ofShinra Palmer ofShinra is offline
 
Join Date: Oct 2001
Location: Vancouver, BC, Canada
Posts: 171
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
It's a MAJOR risk...

I had that enabled at my forum, then a hacker got in (thanks to one staff member's utter stupidity).

EVERYONE had to change their passwords... repeatedly.

It was not fun.
Reply With Quote
  #3  
Old 11-01-2001, 09:24 PM
Niels vdw Niels vdw is offline
 
Join Date: Oct 2001
Posts: 5
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
You can't decrypt MD5-encrypted passwords
Reply With Quote
  #4  
Old 11-01-2001, 10:37 PM
Neo's Avatar
Neo Neo is offline
 
Join Date: Oct 2001
Location: Anywhere
Posts: 1,817
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
sure you can just takes skill and time
Reply With Quote
  #5  
Old 11-01-2001, 10:38 PM
Scott MacVicar Scott MacVicar is offline
 
Join Date: Oct 2001
Location: Glasgow, Scotland
Posts: 1,199
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
md5 produces a 32 character string no matter what, so a book encryped in md5 will be 32 characters and the letter a encrpyted is 32 characters.

There is no way to undo this.
Reply With Quote
  #6  
Old 11-01-2001, 10:46 PM
Ruth Ruth is offline
 
Join Date: Oct 2001
Posts: 171
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
i dont want to use MD5 encryption because i will be integrating another script along with vB, that calls the passwords from the user table. and this would make it so difficult.
Reply With Quote
  #7  
Old 11-01-2001, 11:13 PM
dxb's Avatar
dxb dxb is offline
 
Join Date: Oct 2001
Posts: 120
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
yeah I know that there is a risk in having the passwords visible but I'm the only person who can enter the admin panel and I didnt have any problems for over 3 years since I started with UBB

and I know it's really hard to decrypt the MD5 encryption but I was hoping somebody will figure it out
Reply With Quote
  #8  
Old 11-02-2001, 03:17 AM
snyx's Avatar
snyx snyx is offline
 
Join Date: Oct 2001
Location: Vancouver (whistler.2010)
Posts: 556
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
so you want a script to allow you to view passwords via CP, by decrypting the MD5-encrypted passwords on the DB? sorry man, aint NOBODY going to make this, if its at all POSSIBLE! best bet is to take out the encrypting alltogether before you can takle ANYTHING, sorry man, try www.elance.com for this one. your looking at $250 MIN.
Reply With Quote
  #9  
Old 11-02-2001, 11:36 AM
Admin's Avatar
Admin Admin is offline
Coder
  
Join Date: Oct 2023
Location: Server
Posts: 1
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
It's not that hard to create an encryption that can be later decrypted, but using unique keys so no one will be able to decrypt an encrypted value. (without getting the keys and source code of the encryption, of course)

Btw, I *think* MD5() was already decrypted by someone, but I'm far from sure.
And if anyone will be able to decrypt MD5 hashes with 100% success, trust me he won't be giving it to you.
Reply With Quote
  #10  
Old 11-02-2001, 02:12 PM
dxb's Avatar
dxb dxb is offline
 
Join Date: Oct 2001
Posts: 120
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
ok then I should forget this idea then but I think it was a good idea to give the users the option if they wanted to encrypt the passwords when upgrading

because the reason that keeping from upgrading to 2.2.0 is this thing because I get too many complains of new users that they cant login and things like that and I have to login using their accont to see the problem

anyway I hope Jelsoft Enterprises will consider puting that option back to config file
Reply With Quote
Reply
Page 1 of 5 1 23 Last »

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 09:50 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05460 seconds
  • Memory Usage 2,251KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete