L'uso di questo sito
autorizza anche l'uso dei cookie
necessari al suo funzionamento.
(Altre informazioni)

Wednesday, April 23, 2014

Admin password generation for phplist3

In phplist, starting (at least) with  version 3 admin passwords are stored as hashed values. The hashing technique is specified in phplist's config file:

define("ENCRYPTION_ALGO",'sha256');

Here the default algorithm is sha256 (but others, such as md5 or sha512 could be used). Because mysql does not offer all of these as builtins, something is needed to generate this value as a useful  way to reset admin passwords, when they are lost/forgotten (which is every time they are needed).

Google, was not helping, so I rolled my own.

A php script containing something along the lines of:

print hash('sha256',$PWD)."\n";

would suffice, but I am more adept at bash scripting. My effort is listed below. Please note:

  1. Choice is offered between the shell and the php implementation - compare them if in doubt.
  2. Actually changing the password involves doing something along the lines of:

    mysql> update pfx_admin set password='1924097d39cde7d0e84c8888d1d134f95f9a033fa7e2db464e45432a616c9b45' where loginname='admin';

    at the  mysql propmt or moral equivalent. Change pfx and admin to match your installation and needs.
  3. phplist uses no password salting.


#!/bin/bash

ALGO=sha256
SUM=/usr/bin/sha256sum

ver=0.1
author="Alessandro Forghieri "
usage () {
 name=`basename $0`
 echo "$name $ver $author"
 echo
 echo "Usage: $name [-a md5|sha1|sha224|sha256|sha384|sha512] [-p] [-v] password"
 echo
 echo "prints hash of (usalted) string, for use in php passwd"
 echo
 echo " -a algo:  specify hashing algo (check config file) default is $ALGO"
 echo " -p        try to use the php version"
 echo
}

#http://stackoverflow.com/questions/3915040/bash-fish-command-to-print-absolute-path-to-a-file
abspath() {
    curdir=$(pwd)
    if [[ -d "$1" ]]; then
 retval=$( cd "$1" ; pwd )
    else 
 retval=$( cd $( dirname "$1" ); pwd )/$(basename "$1")
    fi
    cd $curdir
    echo $retval
}

vbs() {
    [[ x$opt_v != x ]] && echo $1 1>&2
}

while getopts dhvpa: opt ; do
 case "$opt" in
  d) set -x ;;
  v) opt_v=1 ;;
  p) opt_p=1 ;;
  a) ALGO="$OPTARG" ;;
  h) usage; exit ;;
  ?) usage; exit ;;
 esac
done

shift `expr $OPTIND - 1`

# /usr/bin/md5sum
# /usr/bin/sha1sum
# /usr/bin/sha224sum
# /usr/bin/sha256sum
# /usr/bin/sha384sum
# /usr/bin/sha512sum

SUM="/usr/bin/${ALGO}sum"
[[ x$1 != x ]] || { usage ; exit ; } 

vbs "**$ALGO hash of $1"
if [[ x$opt_p != x ]]; then
    php -r  "print hash('$ALGO','$1').\"\n\";"
else
    [[ -f $SUM  ]] || { echo "No algorithm $ALGO" 1>&2 ; usage ; exit ; } 
    echo -n   "$1" | $SUM | cut -d ' ' -f 1
fi

No comments: