NukeCoder

Guest

ok ive lost my password for the admin area . i really need the password cause its for some other isites too Sad i made a backup of my site and it has my password there but its encrypted. What i need to know is how phpnuke encryptes your password so then i can find a decoder which will decode the encrypted password i have on my mysql backup!!

P.S. i forgot my pass..... and i really need it ! Sad

Posted: Fri Feb 03, 2006 2:17 pm

faaj,
The encryption level is to strong and would take immaculate amount of hours to have it translated. No matter what program you use. My suggestion is to empty the tables that contain the password....
That should allow you to recreate a new one from your index page.

Lets us know....

Ghost

Newbie Joined: Jan 28, 2006 Posts: 5

Lol definitely, else wouldn't it be easy to hack any passwords off of PN? Wink

Posted: Thu Feb 09, 2006 5:43 am

hmm wel if its that easy to encrypt it shouldnt it be that easy to decode it?

Posted: Thu Feb 09, 2006 4:41 pm

No because the encrption language is unknown, one would have to translate it first to determine that. And it is the Translation in which "these" programs perform. It is like the A=1 B=2 C=3 spy code that we all learned as kids. Except the encrpytion is much harder to decipher.

Ghost

Site Admin Joined: May 16, 2005 Posts: 23

I've never taken a super hard look at the login/auth code but it looks like the passwords are encrypted with a combination of the sitekey(defined in config.php), the date of registration and I can't quite tell but also a base64 number generator/encoder.

You have fun with that. Very Happy

Posted: Fri Mar 03, 2006 9:27 pm

Register a new user, with a new password, enter in phpmyadmin and insert the password for this new user into the password field of the admin.

LuVi

Posted: Thu Mar 09, 2006 11:07 am

Enter the following code into the “pwd” field and save it.

Code:

dc647eb65e6711e155375218212b3964

This will make the password for the account “Password”.

Newbie Joined: Aug 23, 2006 Posts: 1

i had a simuler problem with clientexec, i get locked out of my admin account, do u kno what i did, i went into phpMyAdmin and deleted the encrypted password and saved the tablewith no encrypted password...i then loged in with just my e-mail address and no password, then all i had to do was reset the password in my account settings.

Not shore it'll work with phpNuke though, will have to try it some day

Code Authors · Mr. Awesome Joined: Dec 09, 2006 Posts: 240

Removing the God (superuser) admin record in the nuke_users table will prompt you to create a new admin account when you go to the admin log-in screen.

Alternatively, delete the password from the DB field, enter a new one in plain text but save the ecord as MD5 as this is what is used to encrypt the password.

I don't know how mySQL determines an MD5 hash but in PHP it is based on the BSD MD5 crypt routine, this provides for 48 bits of salt, for a theoretical 281 trillion (281,474,976,710,656) possible representations of any password.