Waraxe IT Security Portal

funtime · Regular user

Pretty simple question I want to know if any of you know of any scripts (forums and guestbooks are a plus)

THAT DO NOT HASH THE PASSWORDS

My friend told me there is some mod for phpbb that changes it to it doesn't do md5 anymore and the passwords are raw.

That means you can look them up in the database without having to waste your time with md5 cracking sites.

Anyone know of anything? I have been looking around and no luck. Hope someone can help me out!

Cool

ToXiC · Moderator

funtime · Regular user

let me explain better there is a lot of scripts out there and not everyone has their passwords convert to md5. some go into a flatfile or your sql database just as plain text and that's want i'm looking for. why waste your time TRYING to convert passwords when you could use a script made (forum or a guestbook which requires member to register) and get all the passwords from the database or flatfile with no effort. do you see what i mean? if you are thinking this is not true then you are wrong because i got a script from trendy website creator (yep everyone who wants to get peoples password go hunt it down i'm telling you a secret lol). it shows you the passwords of your members accounts. BUT ITS NOT A FORUM it's a automatic website creation tool for your members (customers).

so here is the question again does anyone know of any script that will show the owner (cause it will be put on a host i own so i have total control over it and any data it records) the passwords set by the user of every account made on that forum or guestbook?

OR BETTER YET know how to remove the md5 code in the "registered new user" and explain how to set it so it INSTEAD adds plain text for the password then bthe md5 crap.

OK this changed from asimple newbie question to a better put on the thinking cap lol.

As i am asking you this question i am looking onlinefor scripts (from really cheap poorly made companies) and hoping iget lucky. if i find anything i will share with all of you. but if you know anything that can help please share your info with me i could use any help you have to offer.

(i found this siimple forum script called chipmonk forum and here is the link)
http://www.chipmunk-scripts.com/page.php?ID=8

i wonder is anyone can tell me how to alter the reguser.php so it inserts the users password as plain text. looks a lot less crazy then phpbb or even smf.

I tried just copy the code for how it enters the info into the sql for name and that didnt work.

Sad

waraxe · Site admin

You can make additional table "phpbb_plaintext" and add 1-2 lines new code, which will in case of new user registration insert md5 to old table AND plaintext password to new table. Better yet - in phpmyadmin just copy the old users table (structure only) and then use original sql clause form source code with little modification (password instead md5).

funtime · Regular user

WOW Waraxe you are a god ok now comes the big super question can YOU please help me with this? Is there anyway I can ask you to either show me a tutor that is out there or what the code that I supposed to add looks like? I'm great at adding mods to boards but not a pro at php and sql but I am a FAST learner! the chipmonk board I posted the link for is perfect if you can show me something for that or even phpbb or hell ANY board I am not picky anything will do. I'm happy enough JUST to get a answer from someone who knows what I am asking about! Again thank you for answering my question. I hope you can help me by making a tutor or even a premade file or anything so I can get this uploaded and get it going.

Very Happy

funtime · Regular user

OK messing around with it this is what is happening

I changed the md5 (which is in ONLY 2 files reguser.php in the root of the chipmonk forum folder and one in the admin folder called reguser.php)

and I Changed it to password
(so it said this before)
if ($password==$pass2 && $_POST['password'])
{
$password=md5($password);

and now it says

if ($password==$pass2 && $_POST['password'])
{
$password=password($password);

Also I added a copy of the table users and called it users2 but i'm kinda stuck how do I alter it so it will make a copy to that table can you help? Can anyone help?

When I did the password instead of md5 I got this error

Fatal error: Call to undefined function: password() in /public_html/monk/reguser.php on line 72

I'm Soooooooooo close I can taste it!

P.S. I am using this as my forum so that way everyone knows what I am messing with.

http://www.chipmunk-scripts.com/page.php?ID=8

If anyone knows how to do this or has it done allready with another board style (invision,phpbb,smf) I will gladly try what you got but I am only doing this one since its really small and easy to understand.

pexli · Valuable expert

Some idea to think.

Code is delete by me Laughing

funtime · Regular user

WOW! this is what I am looking for!

*****UPDATE******
WOW THAT TOTALLY WORKS! That is the neatest shit I have ever seen in my life the person who made that is a freaking god! I'm freaking OUT! it's so awesome!!! OK like I said I will uploaded this and if the link dies just pm me on this board and I will reupload.
*****UPDATE******

If anyone has anything like this for any ANOTHER forum / board / script please post it cause that would really be awesome! I will upload this vb script (precracked and ready to go) when I got it working just as a thanks for everyone helping me out on this. Again I want to say thank you to EVERYONE who has posted on my thread. You guys are really pretty awesome here so thanks a lot!.