dahui Posted October 21, 2005 Share Posted October 21, 2005 is there a way to 'decrypt' and display the real password of a customer? thx dahui Link to comment Share on other sites More sharing options...
kgt Posted October 21, 2005 Share Posted October 21, 2005 OSC uses the MD5 hash to encrypt these passwords, which is a 'one-way' hash. http://en.wikipedia.org/wiki/Md5 There do exist lookup tables for known hashes, but collisions (the event that two distinct passwords produce the exact same hash) happen, so you can never be guaranteed that the lookup table will return the actual password. (Though it wouldn't matter when trying to log into the OSC site, as the resulting encrypted password would be the same.) Contributions Discount Coupon Codes Donations Link to comment Share on other sites More sharing options...
MarcoZorro Posted October 21, 2005 Share Posted October 21, 2005 is there a way to 'decrypt' and display the real password of a customer? thx dahui No.. Since the passwords are hashed and not encrypted. Link to comment Share on other sites More sharing options...
Rob123 Posted October 21, 2005 Share Posted October 21, 2005 is there a way to 'decrypt' and display the real password of a customer? thx dahui As previously stated, no. However, if your goal is to access a customer's account the solution is simple. You can modify the code to accept a "master password" and access any account. Here is one way of doing it... Master Password Robert Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.