superbalgas Posted December 10, 2009 Posted December 10, 2009 hello, I lost the password access the administration panel... I tried to retrieve from the database, but it's encrypted... There is no way to change or decrypted? thank you very much beforehand. ------------- Hola, perdí la contraseña de acceso al panel de administracion... intenté recuperarla desde la base de datos, pero está encryptada... es posible cambiarla o desencryptarla?? Muchas gracias de ante mano... Salu2!
jigga1234 Posted December 10, 2009 Posted December 10, 2009 Download the .htaccess file under the admin directory. Open it up and find out where the htpasswd file is being kept. download the htpasswd file and add in your own login credentials using a program like this : http://home.flash.net/cgi-bin/pw.pl Re-upload the htpasswd file back into the correct directory Hit http://domain.com/catalog/admin/ and enter your new creds. Any joy? Credit goes to nameiscorrie
superbalgas Posted December 11, 2009 Author Posted December 11, 2009 hello, thanks for answering, my .htaccess only reads as follows: # $Id: $ # # This is used with Apache WebServers # # For this to work, you must include the parameter 'Options' to # the AllowOverride configuration # # Example: # # <Directory "/usr/local/apache/htdocs"> # AllowOverride Options # </Directory> # # 'All' with also work. (This configuration is in the # apache/conf/httpd.conf file) # The following makes adjustments to the SSL protocol for Internet # Explorer browsers #<IfModule mod_setenvif.c> # <IfDefine SSL> # SetEnvIf User-Agent ".*MSIE.*" \ # nokeepalive ssl-unclean-shutdown \ # downgrade-1.0 force-response-1.0 # </IfDefine> #</IfModule> # If Search Engine Friendly URLs do not work, try enabling the # following Apache configuration parameter # AcceptPathInfo On # Fix certain PHP values # (commented out by default to prevent errors occuring on certain # servers) # php_value session.use_trans_sid 0 # php_value register_globals 1 says nothing about htpasswd Web server is mounted in a 000webhost
♥mdtaylorlrim Posted December 11, 2009 Posted December 11, 2009 You are not using the .htaccess file (although you should be.) I think you are talking about the username/password login generated by OSc. If you can access the database you can either... delete the password altogether, and use OSc to put in a new one, or use an update sql statement to change the password right in the db. Community Bootstrap Edition, Edge Avoid the most asked question. See How to Secure My Site and How do I...?
a.forever Posted December 13, 2009 Posted December 13, 2009 Consider this add-on: http://addons.oscommerce.com/info/5857 And you might want to back everything up before using it, database as well. Not quite sure what its end product would, but I stumbled onto this a few months back and bookmarked it cause it seemed nifty. And once you regain your administration panel password, research how to use .htaccess to establish a password. All these recent hack attacks I read about make my head spin.
superbalgas Posted December 13, 2009 Author Posted December 13, 2009 thank!... TRUNCATE TABLE `administrators` xD!!
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.