define("ENCRYPTION_ALGO",'sha256');
Here the default algorithm is sha256 (but others, such as md5 or sha512 could be used). Because mysql does not offer all of these as builtins, something is needed to generate this value as a useful way to reset admin passwords, when they are lost/forgotten (which is every time they are needed).
Google, was not helping, so I rolled my own.
A php script containing something along the lines of:
print hash('sha256',$PWD)."\n";
would suffice, but I am more adept at bash scripting. My effort is listed below. Please note:
- Choice is offered between the shell and the php implementation - compare them if in doubt.
- Actually changing the password involves doing something along the lines of:
mysql> update pfx_admin set password='1924097d39cde7d0e84c8888d1d134f95f9a033fa7e2db464e45432a616c9b45' where loginname='admin';
at the mysql propmt or moral equivalent. Change pfx and admin to match your installation and needs. - phplist uses no password salting.
#!/bin/bash ALGO=sha256 SUM=/usr/bin/sha256sum ver=0.1 author="Alessandro Forghieri" usage () { name=`basename $0` echo "$name $ver $author" echo echo "Usage: $name [-a md5|sha1|sha224|sha256|sha384|sha512] [-p] [-v] password" echo echo "prints hash of (usalted) string, for use in php passwd" echo echo " -a algo: specify hashing algo (check config file) default is $ALGO" echo " -p try to use the php version" echo } #http://stackoverflow.com/questions/3915040/bash-fish-command-to-print-absolute-path-to-a-file abspath() { curdir=$(pwd) if [[ -d "$1" ]]; then retval=$( cd "$1" ; pwd ) else retval=$( cd $( dirname "$1" ); pwd )/$(basename "$1") fi cd $curdir echo $retval } vbs() { [[ x$opt_v != x ]] && echo $1 1>&2 } while getopts dhvpa: opt ; do case "$opt" in d) set -x ;; v) opt_v=1 ;; p) opt_p=1 ;; a) ALGO="$OPTARG" ;; h) usage; exit ;; ?) usage; exit ;; esac done shift `expr $OPTIND - 1` # /usr/bin/md5sum # /usr/bin/sha1sum # /usr/bin/sha224sum # /usr/bin/sha256sum # /usr/bin/sha384sum # /usr/bin/sha512sum SUM="/usr/bin/${ALGO}sum" [[ x$1 != x ]] || { usage ; exit ; } vbs "**$ALGO hash of $1" if [[ x$opt_p != x ]]; then php -r "print hash('$ALGO','$1').\"\n\";" else [[ -f $SUM ]] || { echo "No algorithm $ALGO" 1>&2 ; usage ; exit ; } echo -n "$1" | $SUM | cut -d ' ' -f 1 fi
No comments:
Post a Comment