My guess is phpbb3 uses a different type of md5 hashing?
|
I'm trying to intergrate my PHPBB3 forums with my server, however I'm getting the following problem.
Both passwords are the same (the one I used with logging in & the one into the MySQL database) however it returns both a another MD5 encryption.
I tested this onto the password 'w13m11rs'
Here the methods I'm using (Most credits go to Ultimate)Code:[00:00:36]: User INPUT: a8573850817e59f64c9c3393bbb025fe [00:00:36]: PHPBB3: $H$711OXgIf9h3Oo9F7O7i.iUf4QYg/e60
Anyone knows what's wrong?Code:public boolean checkAccount(String enteredUser, String enteredPass) { try { Statement stmt = MySQL.conn.createStatement(); ResultSet rs; rs = stmt .executeQuery("SELECT * FROM phpbb_users WHERE username = '" + enteredUser + "'"); while (rs.next()) { String password = rs.getString("user_password"); //String salt = rs.getString("salt"); String myInput = passHash(enteredPass); System.out.print("User INPUT: "+myInput+"\r\n"); System.out.print("PHPBB3: "+password+"\r\n"); if (enteredPass.equalsIgnoreCase(password)) { return true; } else { return false; } } stmt.close(); } catch (Exception e) { System.err.println(e.getMessage()); } return false; } public String passHash(String in) { String passM = new MD5(in).compute(); return new MD5(passM).compute(); }
Thanks,
William.D
My guess is phpbb3 uses a different type of md5 hashing?
do it//String salt = rs.getString("salt");
String salt = rs.getString("salt");
I already found a class whichh can set passwords to phpbb3 hash, trying it now. Thanks all.
Edit: NOT WORKING - I'm using this; http://larsho.blogspot.com/2008/02/p...n-phpbb-3.html They just remade the PHPBB3 functions in PHP (includes/functions.php). I checked it and everything seems fine. Anyone knows what wrong? The PHP Functions: http://pastebin.com/m1402ec1a
I think it has something to do with this bit:
Code:String _hash_crypt_private(String password, String setting) { String output = "*"; // Check for correct hash if (!setting.substring(0, 3).equals("$H$")) return output; int count_log2 = itoa64.indexOf(setting.charAt(3)); if (count_log2 < 7 || count_log2 > 30) return output; int count = 1 << count_log2; String salt = setting.substring(4, 12); if (salt.length() != 8) return output; String m1 = md5(salt + password); String hash = pack(m1); do { hash = pack(md5(hash + password)); } while (--count > 0); output = setting.substring(0, 12); output += _hash_encode64(hash, 16); return output; }
bump
« Previous Thread | Next Thread » |
Thread Information |
Users Browsing this ThreadThere are currently 1 users browsing this thread. (0 members and 1 guests) |