This article explains how to assign an automatically generated passwords to Mambo 4.x/Joomla 1.0.x-12 User Database table. You will need PHPMyAdmin or a similar MySQL Client to be able to be able to execute the following.
Goal: Generate a new set of Passwords to All Mambo/Joomla Users and have a spreadsheet copy of this new set of passwords with corresponding usernames.
Note: The steps below aims to be verbose, so there are other possible ways to do this in a quicker way with less steps, but the broken down concept will always be similar to this,
Step 1.) Run this query (PHPMyAdmin recommended):
SELECT *, SUBSTRING(MD5(RAND()), -8) as password2 from mos_users;
Step 2.) Export the Results to an sql file (With Drop Database Option checked.)
NOTE: (To Export custom query results from PHPMyAdmin, use the "Export" button found in the "Query results operations" and NOT the "Export" link from the top tabs.)
Step 3.) Add a `password2` column to mos_users:
ALTER TABLE `mos_users` ADD COLUMN `password2` TEXT NOT NULL AFTER `params`;
Step 4.) Import the SQL File Generated from STEP 1 into mos_users table
Step 5.) Run the following query against mos_users table:
SELECT *, MD5(password2) as password3 from mos_users;
Step 6.) Export the Results to an sql file.
Step 7.) Add a `password3` column to mos_users:
ALTER TABLE `mos_users` ADD COLUMN `password3` TEXT NOT NULL AFTER `password2`;
Step 8.) Import the SQL File Generated from STEP 5 into mos_users table
Step 9.) Now drop the current password column
ALTER TABLE `mos_users` DROP COLUMN `password`;
Step 10.) Rename password3 column as password.
CHANGE COLUMN `password3` `password` TEXT NOT NULL;
NOTE: The `password 2 column is the unhashed plaintext 8 character passwords. You might want to jot the result of the following query down or save it as CSV for future reference:
SELECT username, password2 from mos_users;
The resultset from the query above will be the copy of username and unhashed passwords. Once copied, you can safely drop the password2 column by:
ALTER TABLE `mos_users` DROP COLUMN `password2`;
..a dose of zero-day know-hows ..
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment