Password Recovery tools issue
- abdulhalim
- Master Bludit
- Posts: 128
- Joined: Thu Mar 10, 2016 6:25 pm
- Location: Bandar Abbas
- Has thanked: 1 time
- Been thanked: 4 times
- Contact:
Hello,
Today I just tested the Password Recovery Tools.
So I put it in the Bludit root and browse in via FF, the script said "username not found", I found out, I disabled the admin user!
What can I do in that case? so I change the admin values in the script and change to the e.g: "administrater" ( with miss typing ) - assume my real username is "administrator", so the script should say the "administrater" user does not exist! but it returns "administrater" and a password.
I noticed I miss typed the username, I correct it in the script, again: "username not found".
the worse thing is I remember my password, the script change it but not print it, so I am blocked right now
Is it a Bug or I break sth.
P.S: I am testing on the localhost with PHP 7.2.11 (Laravel)
Today I just tested the Password Recovery Tools.
So I put it in the Bludit root and browse in via FF, the script said "username not found", I found out, I disabled the admin user!
What can I do in that case? so I change the admin values in the script and change to the e.g: "administrater" ( with miss typing ) - assume my real username is "administrator", so the script should say the "administrater" user does not exist! but it returns "administrater" and a password.
I noticed I miss typed the username, I correct it in the script, again: "username not found".
the worse thing is I remember my password, the script change it but not print it, so I am blocked right now
Is it a Bug or I break sth.
P.S: I am testing on the localhost with PHP 7.2.11 (Laravel)
- abdulhalim
- Master Bludit
- Posts: 128
- Joined: Thu Mar 10, 2016 6:25 pm
- Location: Bandar Abbas
- Has thanked: 1 time
- Been thanked: 4 times
- Contact:
Is it possible to change password without salt?
I mean sth like following passwords
admin = 433903e0a9d6a712e00251e44d29bf87:UJ0b9J5fufL3FKfCc0TLsYJBh2PFULvT
secret = d2064d358136996bd22421584a7cb33e:trd7TvKHx6dMeoMmBVxYmg0vuXEA4199
OU812 = 5e3128b27a2c1f8eb53689f511c4ca9e:J584KAEv9d8VKwRGhb8ve7GdKoG7isMm
I mean sth like following passwords
admin = 433903e0a9d6a712e00251e44d29bf87:UJ0b9J5fufL3FKfCc0TLsYJBh2PFULvT
secret = d2064d358136996bd22421584a7cb33e:trd7TvKHx6dMeoMmBVxYmg0vuXEA4199
OU812 = 5e3128b27a2c1f8eb53689f511c4ca9e:J584KAEv9d8VKwRGhb8ve7GdKoG7isMm
- Edi
- Site Admin
- Posts: 3168
- Joined: Sun Aug 09, 2015 5:01 pm
- Location: Zurich
- Has thanked: 66 times
- Been thanked: 90 times
- Contact:
The hash for the password is created using the salt.
You can use a hash generator like the following one:
http://www.lorem-ipsum.co.uk/hasher.php
Bludit uses SHA1.
- abdulhalim
- Master Bludit
- Posts: 128
- Joined: Thu Mar 10, 2016 6:25 pm
- Location: Bandar Abbas
- Has thanked: 1 time
- Been thanked: 4 times
- Contact:
Thank you Edi,Edi wrote: ↑Mon Apr 01, 2019 11:18 pmThe hash for the password is created using the salt.
You can use a hash generator like the following one:
http://www.lorem-ipsum.co.uk/hasher.php
Bludit uses SHA1.
I use the following method to change the password.
in the file users.php from the database, I change the following values (for available admin user)
Code: Select all
password: 5a93ae6060f19e6156abd4d2b88d4fdf5d9c18a5
salt: 5ca33055160dd
tokenAuth: c98200a8e59c5dd1e1ec76f856302201
after logging in should change the password
- abdulhalim
- Master Bludit
- Posts: 128
- Joined: Thu Mar 10, 2016 6:25 pm
- Location: Bandar Abbas
- Has thanked: 1 time
- Been thanked: 4 times
- Contact:
Yes, But it didn't work for me, I used another method. I grab information from a fresh Bludit installation and change the values for the forgotten one. it works fine
-
- Sr. Bludit
- Posts: 42
- Joined: Tue Sep 05, 2023 1:33 pm
- Has thanked: 9 times
- Been thanked: 1 time
Yes, But it didn't work for me, I used another method. I grab information from a fresh Bludit installation and change the values for the forgotten one. it works fine
[/quote]
The password recovery tool doesn`t work for me, and the team was not able to help me (viewtopic.php?p=12965). Can you help? I can pay for your support. Thanks in advance.
[/quote]
The password recovery tool doesn`t work for me, and the team was not able to help me (viewtopic.php?p=12965). Can you help? I can pay for your support. Thanks in advance.
-
- Sr. Bludit
- Posts: 42
- Joined: Tue Sep 05, 2023 1:33 pm
- Has thanked: 9 times
- Been thanked: 1 time
Yes, But it didn't work for me, I used another method. I grab information from a fresh Bludit installation and change the values for the forgotten one. it works fine
[/quote]
Thank you very much for this hint.. I created a fresh installation, with most files copied and replaced.. some values edited as well.. Now I`m able to login to the site again, with everything kept, working and running.. under a new URL.. then moved them back to the original URL.. with some settings and edits re-done again.. it was very hard and took 2 re-installations. Some settings will be done again,, but it`s OK.
[/quote]
Thank you very much for this hint.. I created a fresh installation, with most files copied and replaced.. some values edited as well.. Now I`m able to login to the site again, with everything kept, working and running.. under a new URL.. then moved them back to the original URL.. with some settings and edits re-done again.. it was very hard and took 2 re-installations. Some settings will be done again,, but it`s OK.