[geeks] Encrypted hash question
Bill Bradford
mrbill at mrbill.net
Wed Jun 16 12:51:38 CDT 2004
On Thu, Jun 17, 2004 at 05:48:36AM +1200, James Braid wrote:
> They dont "look right" for SHA1; a standard SHA1 160-bit hash is
> normally 40 characters long when stored as a plain text string (and only
> has hex digits in it). But the application could have munged them or
> something. Maybe they are weirdly crypt()'d or something.
>
> If you have the source for the app it should be easy enough to find how
> it stores the passwords, and then change the app's password once you
> have the root pw for MySQL.
If I've got a mysqldump of the entire mysql installation on that
box, how would you go around finding out what hash method its using?
Is that possible?
Bill
--
bill bradford
austin texas
More information about the geeks
mailing list