Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

any way to decrypt the customer password in the db ?


dahui

Recommended Posts

OSC uses the MD5 hash to encrypt these passwords, which is a 'one-way' hash.

 

http://en.wikipedia.org/wiki/Md5

 

There do exist lookup tables for known hashes, but collisions (the event that two distinct passwords produce the exact same hash) happen, so you can never be guaranteed that the lookup table will return the actual password. (Though it wouldn't matter when trying to log into the OSC site, as the resulting encrypted password would be the same.)

Contributions

 

Discount Coupon Codes

Donations

Link to comment
Share on other sites

is there a way to 'decrypt' and display the real password of a customer?

 

thx dahui

As previously stated, no.

 

However, if your goal is to access a customer's account the solution is simple.

You can modify the code to accept a "master password" and access any account.

 

Here is one way of doing it...

 

Master Password

 

Robert

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...