+- SphereCommunity (https://forum.spherecommunity.net)
+-- Forum: Sphere 0.56d (/Forum-Sphere-0-56d)
+--- Forum: General Help (/Forum-General-Help)
+--- Thread: Impossible to reverse md5 passwords (/Thread-Impossible-to-reverse-md5-passwords)
Pages: 1 2
Impossible to reverse md5 passwords - Rizz - 08-14-2014 12:52 AM
In the past i used the option
// Store password hashed with MD5
Md5Passwords=1
Now i cannot set to 0 otherwise the MD5 code will be the newpass.
Is there a way to come back from MD5 without set manually all the pass?
RE: Impossible to reverse md5 passwords - Skul - 08-14-2014 01:14 AM
Quote:09-01-2007, FurioI assume you would want to change all your passwords back to normal plain text:
- Added: MD5HASH returning the md5 hash of the argument.
Code:
for a 0 <eval <serv.accounts> +-1>
serv.account.<local.a>.password <md5hash <serv.account.<local.a>.password>>
endforOh, here it really is:
Quote:17-08-2010, ShiryuXSo the code should be:
- Added #1566: MD5PASSWORD account function/property to instert or change a MD5 hash as password.
This way you can call: "SERV.ACCOUNT foobar MD5PASSWORD f4d9ff51c527e8ef67d924d4f0a6db66"
Code:
for a 0 <eval <serv.accounts> +-1>
serv.account <serv.account.<local.a>.name> md5password <serv.account.<local.a>.password>
endforMight want to do a worldsave and backup before performing the script.
RE: Impossible to reverse md5 passwords - Rizz - 08-14-2014 02:33 AM
Thx for the code, i will try in local and let you know.
RE: Impossible to reverse md5 passwords - Rizz - 08-14-2014 06:30 AM
Noway is not working... the code converts the MD5 password into something shorter but seems MD5 anyway...
0cc175b9c0f1b6a831c399e269772661 -> 0cc175b9c0f1b6a8
EDIT:
actually it cuts every md5 has but doesn't provide the right pass back to normal.
RE: Impossible to reverse md5 passwords - Ben - 08-14-2014 08:38 AM
there is no way to revert an MD5 hash...
best thing I can suggest would be to use f_onaccount_connect to do a manual password check and reset the password to the password supplied if passed, then set a tag on the account to show that the password was reset already.
RE: Impossible to reverse md5 passwords - Rizz - 08-14-2014 05:36 PM
There is a way but the rate of success is low: http://md5.gromweb.com/
RE: Impossible to reverse md5 passwords - Extreme - 08-15-2014 05:54 AM
(08-14-2014 05:36 PM)Rizz Wrote: There is a way but the rate of success is low: http://md5.gromweb.com/
No no, they create hashes from words/passwords and compare in database.
Decode md5 is impossible but with a database you can do it.
RE: Impossible to reverse md5 passwords - Ben - 08-15-2014 08:59 AM
ok this is what I was talking about... I just did not test it though.
[FUNCTION f_onaccount_connect] //Read carefully
// The f_onaccount_connect function is called before the sent password is checked.
// local.account --> username of the account connecting.
// local.password --> password given.
// RETURN
// 0 --> Let Sphere do its password checks.
// 1 --> Deny access assuming the given password is wrong.
// 6 --> Force login, without other password checks than the ones made in this function.
IF (!STRCMPI(<SERV.ACCOUNT.<local.account>.PASSWORD>,<MD5HASH <local.password>>) && !<SERV.MD5PASSWORDS>)
SERV.ACCOUNT.<local.account>.PASSWORD = <local.password>
ENDIF
RETURN 0
RE: Impossible to reverse md5 passwords - Rizz - 08-15-2014 05:40 PM
(08-15-2014 08:59 AM)Ben Wrote: ok this is what I was talking about... I just did not test it though.
[FUNCTION f_onaccount_connect] //Read carefully
// The f_onaccount_connect function is called before the sent password is checked.
// local.account --> username of the account connecting.
// local.password --> password given.
// RETURN
// 0 --> Let Sphere do its password checks.
// 1 --> Deny access assuming the given password is wrong.
// 6 --> Force login, without other password checks than the ones made in this function.
IF (!STRCMPI(<SERV.ACCOUNT.<local.account>.PASSWORD>,<MD5HASH <local.password>>) && !<SERV.MD5PASSWORDS>)
SERV.ACCOUNT.<local.account>.PASSWORD = <local.password>
ENDIF
RETURN 0
There is problem:
when i shut down the server to change MD5PASSWORDS to 0 then I start again sphere, sphere cuts the MD5 pass in this way:
0cc175b9c0f1b6a831c399e269772661 -> 0cc175b9c0f1b6a8
So the pass will be always wrong.
Code:
09:40:3:Client connected [Total:1] ('127.0.0.1' 1/1)
09:40:3: 'a' bad password
09:40:WARNING:3:Bad Login 3 (The password entered is not correct)
09:40:3:Client disconnected [Total:0] ('127.0.0.1')RE: Impossible to reverse md5 passwords - XuN - 08-15-2014 08:27 PM
serv.log Account <local.account> connecting with password '<local.password> (<MD5HASH <local.password>>)', real password is '<serv.account.<local.account>.password>'
Try this line before your code, I don't know how you get to receive that error but everything is ok to me.
Look at your code, you are missing a ')' at the end of the IF