0

I have an old application in joomla. But I have an isolated module which already completed coding in php using codeigniter to be integrated in joomla project. I searched in web and found that my joomla password which have to be used in new codeigniter app is salted. suppose password is "demo", it is written in db as below:

3086b528eaa84a667f53da2641ab2919:ANcIDPYOit4i4yQU8GOFx1jUUqOIDQre

Now I am retrieving this salt by applying a query which is given by checking the unique username in db for getting corresponding password. So I got salt as

ANcIDPYOit4i4yQU8GOFx1jUUqOIDQre

I searched and found that below method can be used for encryption in old joomla apps.

md5($givenpassword.$salt)+":"+$salt

But when I execute above code I am getting different encrypted value. Instead of getting

3086b528eaa84a667f53da2641ab2919:ANcIDPYOit4i4yQU8GOFx1jUUqOIDQre

. Could you please give me a solution to this problem. ?.

Dayz
  • 269
  • 2
  • 12
  • 1
    I think this is what you need exactly https://stackoverflow.com/questions/10428126/joomla-password-encryption – JYoThI Sep 20 '17 at 05:03
  • 1
    Don't use MD5 very unsecured now not suited for passwords use php http://php.net/manual/en/function.password-hash.php and to verify http://php.net/manual/en/function.password-verify.php –  Sep 20 '17 at 05:13

1 Answers1

0

It was a silly mistake. I got the solution.

changed

md5($givenpassword.$salt)+":"+$salt

to

$salted=md5($givenpassword.$salt);
$newval=$salted.":".$salt;
JYoThI
  • 11,977
  • 1
  • 11
  • 26
Dayz
  • 269
  • 2
  • 12
  • 1
    Don't use MD5 very unsecured now not suited for passwords use php http://php.net/manual/en/function.password-hash.php and to verify http://php.net/manual/en/function.password-verify.php –  Sep 20 '17 at 05:13