+- ispCP - Board - Support (http://www.isp-control.net/forum)
+-- Forum: ispCP Omega Development Area (/forum-1.html)
+--- Forum: General discussion (/forum-11.html)
+--- Thread: Decrypting FTP Passwords (/thread-7119.html)
Decrypting FTP Passwords - rsmithgs - 07-04-2009 05:32 AM
Hi Guys,
Sorry about this, I'm sure this has been posted before but I cannot find it.
How do I decrypt the FTP passwords stored in the database?
Cheers
Rich
RE: Decrypting FTP Passwords - joximu - 07-04-2009 08:49 AM
Will be difficult because the password is crypted with random salt:
$cryptpw = crypt($clearpw, generate_rand_salt())
The mailpasswords (and user sql passwords) are crypted in a different way so that ispcp can decrypt and use the cleartext password.
/J
RE: Decrypting FTP Passwords - rsmithgs - 07-04-2009 05:43 PM
(07-04-2009 08:49 AM)joximu Wrote: Will be difficult because the password is crypted with random salt:
$cryptpw = crypt($clearpw, generate_rand_salt())
The mailpasswords (and user sql passwords) are crypted in a different way so that ispcp can decrypt and use the cleartext password.
/J
Thanks Joximu, so I assume if I want to recover the passwords I will have to do a brute force attack?
Many Thanks
Richard
OK think I have found a way to help me.
I wanted to migrate 2 ISPCP servers into one. One of the servers only has a few FTP accounts on it, I have found I can just copy the data with encrypted password from one database to another which allows login.
RE: Decrypting FTP Passwords - Knut - 07-04-2009 07:16 PM
You can use dsniff.
Code:
screen dsniff port 21 -w ftplogin.txtKnut
RE: Decrypting FTP Passwords - joximu - 07-05-2009 08:15 AM
also tcpdump will do it... just log to a file with a long sniflen...
/J
RE: Decrypting FTP Passwords - rsmithgs - 07-06-2009 03:40 AM
Sniffing is another idea but it may be a month or so until everyone has logged in :-)