Jump to content
Sign in to follow this  
marko001

Check remote credentials

Recommended Posts

marko001

Hi all,

I'm using a MySQL DB on an hosting where people can subscribe and create their username/password.

I'm now building a tool that, first of all, wants to check if credentials are correct.

Using

#include <mysql.au3>

I can easily connect to DB.

I can see tables and WP_Users table.

What I wanted to to is check username & password, but, found the username, I can't convert password to hashed Wordpress method.

Using

MsgBox(0, "Decrypted data", BinaryToString(_Crypt_DecryptData("$P$BliO2IAijM.ouBc2.BqypXV4683OdB0", "", $CALG_MD5)))

and

MsgBox(0,"",BinaryToString(_Crypt_HashData("testpw",$CALG_MD5)))

gives me different results.

I see, looking in DB, that Wordpress saves pw in this kind of format: "$P$BliO2IAijM.ouBc2.BqypXV4683OdB0" (example of password)

There is also http://codex.wordpress.org/Function_Reference/wp_hash_password but I can't imagine how to use it inside AutoIt.

Is there a solution for this?

Thanks,

M.

Share this post


Link to post
Share on other sites
spudw2k

It appears that it uses either Base64, DES or Blowfish.

It would take me some time to convert this to au3, but I'm no expert.

http://core.trac.wordpress.org/browser/tags/3.2.1/wp-includes/class-phpass.php

Share this post


Link to post
Share on other sites
marko001

And there is no way to send to mysql the clean password letting it to do the dirty work? It's mandatory to send it the hashed pw? (so I need to know algorithm autoit-side)

M.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.