Posted by Sandip Choudhury on May 27, 2014 at 10:45am
For example - I have built a website and given the drupal files and database to someone, to host in the server. But I am not willing to give username and password of User one. So, is it possible to hack the drupal code and database to extract the username and password of user 1?
Or, I have forgot the username and password of user 1 after creation of the website. So, is it possible to get the details of user 1?
If possible, how?
Comments
I am not sure this is what
I am not sure this is what you are looking for but this might help https://drupal.org/node/44164.
password reset by php
Thanks, I have seen the links. I think password reset by php will help me - https://drupal.org/node/1556488. I will try this.
Regards,
Sandip Choudhury
www.UltraCorporatePixel.com
http://hostingultraso.com
quick note on passwords in db
Hi Sandip,
Part of your question is, "is it possible to hack the drupal code and database to extract the username and password of user 1?"
Since no one really touched on this, I'd just like to mention that if someone has a copy of the db (and your settings.php file if your site uses a hash salt) then it's possible to extract the passwords. The less strong the passwords, the faster a hacker can extract them. I'm not going to say how. But just wanted to stress the importance of keeping your db and hash secret.
Cheers,
Jeff
I believe it requires a lot
I believe it requires a lot of time and computing power to extract the password because you have to brute force it. If the password is "good" then it could take years to do (right?).
Here's a slidehsare and github repo that covers many aspects of attacking Drupal including how to crack passwords. Keeping the technique a secret doesn't help secure people - the "bad guys" know how to use john the ripper :)
knaddison blog | Morris Animal Foundation
[Solved] - Extracting username and password of User 1
Thanks for sharing the Slide. My purpose has been solved. And it is nice to talk with you and good to feel that I am getting guidance by the author of the top drupal book - Cracking Drupal.
Regards,
Sandip Choudhury
www.UltraCorporatePixel.com
http://hostingultraso.com