Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Mybb password algorithm
#1
hey there

i have my own pvp server but i need use little closed forum

Is there a way to change the mybb password algorithm make plaintext?
Reply
#2
Have alook at the the following files and lines for the password being encrypted and salted.

./inc/functionss_user.php:
Line 172:
Line 209:

./inc\datahandlers/user.php
Here you can find several password functions verify, generating.

To make the password really plaintext, remove md5 functions and mind the salt.

[ExiTuS]
Reply
#3
(09-20-2019, 11:26 AM)Theorie Wrote: Is there a way to change the mybb password algorithm make plaintext?

That's a terrible idea. Passwords should never, ever be stored in plaintext. Never ever ever.
No longer involved in the MyBB project.
Reply
#4
i know but we are like 50 players not much
Reply
#5
This user has been denied support. This user has been denied support.
That's a really sketchy thing to do... What are your intentions?
Reply
#6
(09-20-2019, 02:00 PM)Theorie Wrote: i know but we are like 50 players not much

Don’t care if it’s just you and your mother; you do not make passwords plaintext.

Users are stupid. They re-use passwords. You get breached, those passwords are now out in the open.
[Image: kAhpvOW.png]
Reply
#7
(09-20-2019, 02:00 PM)Theorie Wrote: i know but we are like 50 players not much

Let's say there are two players, you and your friend. Your passwords are stored in plaintext and your friend uses the same password for his online bank. The hacker transfers all his money out of his account and now your friend can't afford to pay his rent or buy food.

Actions have consequences.
No longer involved in the MyBB project.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)