[geeks] Encrypted hash question
Bill Bradford
mrbill at mrbill.net
Wed Jun 16 12:15:55 CDT 2004
On Wed, Jun 16, 2004 at 12:13:13PM -0500, Jonathan C. Patschke wrote:
> Not going to happen. Hashes do not decrypt. They have to be
> brute-forced.
> >However, these aren't MD5 hashes, and the "John the Ripper" password
> >cracker wont' recognize them either when I plug them into a password
> >file.
> >INSERT INTO user_password VALUES ('administrator','iiQ4AxZsPtUZ3r00');
> >INSERT INTO user_password VALUES ('operator','7ePNxD3QNoHP9r00');
> I seem to remember MySQL using SHA1 hashes.
AHA. Thanks.
> Is there a reason why, if you can confirm the hashing algorithm used,
> you cannot just plop in your own hashed value from a known password?
I dont have the MySQL administrator password for that system. I guess
I *could* stop everything and drop in a replacement database (after munging
it on another box), but I want to avoid that if possible.
Bill
--
bill bradford
austin texas
More information about the geeks
mailing list