I have IPB 2.3.5. I need to decrypt (or encrypt) the passwords from the database so I can compare them to user input from another page. So, how does anyone happen to know how IPB encrypts their passwords? (Or how to decrypt them?)
Andrieux 0 Junior Poster in Training
jedi_ralf 0 Newbie Poster
I have IPB 2.3.5. I need to decrypt (or encrypt) the passwords from the database so I can compare them to user input from another page.
It's unlikely you'll decrypt them; they're hashed.
So, how does anyone happen to know how IPB encrypts their passwords? (Or how to decrypt them?)
A quick google search for "IPB password hashing" threw up this link:
http://www.neowin.net/forum/index.php?showtopic=317007
It seems to be talking about what you want to do;
"to generate the passwords, ipb generates an md5 hash of it, "salts" it, and then re-hashes the salt. the salt i beleive is stored in ibf_members_extra, but i am not sure. note: it is unique for each user"
Salem 5,199 Posting Sage
> so I can compare them to user input from another page
You encrypt the input using the same steps you did to store the encrypted password in the first place.
You then compare two encrypted results.
If they match, they're in!.
Andrieux 0 Junior Poster in Training
Thanks, guys. The salt was in the database, so I just had to use md5(md5($salt).md5($pass)) , and compare it with some other things in the DB. Thanks, again! md5(md5($salt['converge_pass_salt']).md5($password));
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.