Solved

Password Encrypted MD5

Posted on 2011-09-08
Last Modified: 2012-05-12
I had someone working on a database / website for me and I cannot contact him right now.  I have downloaded the database, but the password is encrypted.

I have two pages where the md5.asp is added to the admin page.  My thoughts are this:
Remove those references and upload the pages.
Upload the database (with a backup copy on my system) with a simple text password (i.e. password)
Then I should be able to sign in without any problems?  Or is there something that I missed?  I just need to get this going pretty soon.

Thanks!
Question by:coreybryant
25 Comments
 
LVL 30

Expert Comment

by:Wayne Barron
Hello Corey
You cannot reverse the md5.
And I strongly suggest that you do not remove it from your code.

Is the site setup to allow the creation of a new user?
If so, then create a new user, and a password for that user.
Then copy the password from that user to the admin user in the database
And then login to the system.

That is the best and safest way to do it.

Carrzkiss
0
 
LVL 29

Author Comment

by:coreybryant
I seem to have most of it done.  Unfortunately, getting to a new user was not shown / uploaded.

I had this code
MM_rsUser.Open "SELECT adminUsername, adminPassword FROM config WHERE adminUsername='" & Replace(MM_valUsername,"'","''") &"' AND adminPassword='" & objMD5.HEXMD5 & "'",Database, 0, 1

and changed it to:
MM_rsUser.Open "SELECT adminUsername, adminPassword FROM config WHERE adminUsername='" & Replace(MM_valUsername,"'","''") &"' AND adminPassword='",Database, 0, 1

I get an error:
Microsoft JET Database Engine error '80040e14'
Syntax error in string in query expression 'adminUsername='admin' AND adminPassword=''.
/admin/admin.asp, line 26
I think I am on the right track and I can enable MD5 again once I fix this.  Going through all the emails though, I see the user / pass that should work but does not.

Thanks!
0
 
LVL 82

Expert Comment

by:hielo
Try resetting the password instead. Originally you had this:

MM_rsUser.Open "SELECT adminUsername, adminPassword FROM config WHERE adminUsername='" & Replace(MM_valUsername,"'","''") &"' AND adminPassword='" & objMD5.HEXMD5 & "'",Database, 0, 1


So, now change your code to this:

Database.Execute "UPDATE config set password='" & objMD5.HEXMD5 & "' WHERE adminUsername='" & Replace(MM_valUsername,"'","''") & "'"

MM_rsUser.Open "SELECT adminUsername, adminPassword FROM config WHERE adminUsername='" & Replace(MM_valUsername,"'","''") &"' AND adminPassword='" & objMD5.HEXMD5 & "'",Database, 0, 1

BUT as soon as you run that code once, remove the UPDATE code completely!
0
 
LVL 29

Author Comment

by:coreybryant
The original code also had included files (that I removed)
<!--#include file="class_md5.asp" -->

Should I add that back first? (And replace the DB with the orig DB?)  I made copies of all the files / databases of course if I have to revert back to the other way.
0
 
LVL 82

Expert Comment

by:hielo
>>Should I add that back first?
Of course. You'll need it so that when the password is updated, it is once again md5 encrypted. Having "clear" passwords is NOT a good idea.

SO, again, on the ORIGINAL code where you got that "SELECT ..." from (most likely some login page), you need to put the UPDATE code just before it, which will allow you to reset the password to whatever you just typed in your login form.
0
 
LVL 29

Author Comment

by:coreybryant
OK thanks,  I went back, added everything to what you suggested.

When I went to the page, it wanted a username / password.  I was not certain what to enter, so I entered the default and hit submit.

This error came up:
Microsoft JET Database Engine error '80040e14'
Syntax error in UPDATE statement.
/admin/admin.asp, line 45
Line 45
Database.Execute "UPDATE config set password='" & objMD5.HEXMD5 & "' WHERE adminUsername='" & Replace(MM_valUsername,"'","''") & "'"

0
 
LVL 82

Expert Comment

by:hielo
What DB are you using?  How are you connecting to the db?

I'm assuming that ORIGINALLY (before you posted your question here) you were attempting to login to some page and on that page it kept telling you "Invalid username or password" (or something equivalent). It is on THAT code that you were supposed to add the update statement, since based on your SELECT, it seems the variable Database IS a connection object - is it?
0
 
LVL 29

Author Comment

by:coreybryant
Using MS Access.  Yes it was telling me incorrect login.  I do know the username is admin

When I changed to the MD5, I added the md5.asp file and included into two files (admin.asp / update_pass.asp).  admin.asp is the page where I login to the control section.
Connection String:
MM_blog_STRING = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=D:\Websites\example.com\db\blog.mdb;Persist Security Info=False"

0
 
LVL 82

Expert Comment

by:hielo
What is in class_md5.asp? I need to see how you create an object and assign it a value because that's what you will need to insert into the db.
0
 
LVL 82

Expert Comment

by:hielo
Going back to ID:36504993, since you said " I do know the username is admin", then you can simplify the execute to:

Database.Execute "UPDATE config set password='hello' WHERE adminUsername='admin' "

BUT that will insert a "plain" password instead of an md5 password. Your login page is actually taking a "plain" password, computes the md5, and THEN compares against the md5 you have stored in your db.  On the example above, if you were to type "admin" as your password, it will always fail because what it is actually doing is saving a plain password in the db, but your login script is first converting the user input to an md5 and then would compare the md5 against what's on the db (which in the admin example would be a plain password).  Hence my question about your class_md5.asp.
0
 
LVL 29

Author Comment

by:coreybryant
No worries, here is the attachment.  

I was trying to find the original script before we added this, but so far, no luck.   I remember we only added a couple of lines.  Thanks!
md5.txt
0
 
LVL 82

Expert Comment

by:hielo
Try:
'if you change "newPassword" to the password that you want, then it should reset the password
'as soon as you attempt to login using 'admin' as the username.
'NOTE: be sure to remove the code below from your code immediately after you login.
Dim hielo
hielo=new MD5
hielo.text="newPassword"
Database.Execute "UPDATE config set password='" & hielo.HEXMD5 & "' WHERE adminUsername='admin'"
Set hielo=Nothing

MM_rsUser.Open "SELECT adminUsername, adminPassword FROM config WHERE adminUsername='" & Replace(MM_valUsername,"'","''") &"' AND adminPassword='" & objMD5.HEXMD5 & "'",Database, 0, 1

0
 
LVL 29

Author Comment

by:coreybryant
Sorry, just to make sure - that should go into the admin.asp with all the original code (asp files) and database?  And when I bring up the admin.asp page, will it bring up a login form?

Thanks!
0
 
LVL 82

Expert Comment

by:hielo
Based on post ID:36504891, yes, it seems that on admin.asp is where you originally had the SELECT. So the update needs to be executed before that select.
0
 
LVL 29

Author Comment

by:coreybryant
I entered that information into the admin.asp page.  The username / password boxes came up.  So I enter admin / newPassword.  

This is the error:
Microsoft VBScript runtime error '800a01b6'
Object doesn't support this property or method
/admin/admin.asp, line 48

Line 48:
hielo=new MD5

I included the admin.asp to maybe help some.  Thanks again!
admin.txt
0
 
LVL 82

Expert Comment

by:hielo
My apologies for the oversight. It should have been:
Set hielo=new MD5
0
 
LVL 29

Author Comment

by:coreybryant
No worries.  I was able to bring up the admin.asp page.  I am guessing that when I entered this URL into the browser (http://www.example.com/admin/admin.asp) that it changed the password to newPassword?

Now, I need to close that window, remove the code:
 'if you change "newPassword" to the password that you want, then it should reset the password
'as soon as you attempt to login using 'admin' as the username.
'NOTE: be sure to remove the code below from your code immediately after you login.
Dim hielo
hielo=new MD5
hielo.text="newPassword"
Database.Execute "UPDATE config set password='" & hielo.HEXMD5 & "' WHERE adminUsername='admin'"
Set hielo=new MD5

upload admin.asp page, go to the URL again and enter username admin and password newPassword - and then change the password?

Thanks again!
0
 
LVL 82

Expert Comment

by:hielo
>> I am guessing that when I entered this URL into the browser ... that it changed the password to newPassword?
No. Simply "loading" that page will not reset it. When that page loads, you should see a login form where you type your username/password.  Fill those fields (with anything for now). As soon as you submit the form then it will reset the password.  As a matter of fact, if you change:

hielo.text="newPassword"

with:
hielo.text=Request.Form("password")

whatever password you type in the password field will become your new password. THEN go back and remove the snippet of code I gave you so that the password is not reset over and over.
0
 
LVL 29

Author Comment

by:coreybryant
OK, I kept it simple and used admin / newPassword.  I did not change any part of the code (except the part you provided).

When I hit submit, an error was generated:
Microsoft JET Database Engine error '80040e14'
Syntax error in UPDATE statement.
/admin/admin.asp, line 50
Set hielo=Nothing

Right now, the (new) code that is in there is
 'if you change "newPassword" to the password that you want, then it should reset the password
'as soon as you attempt to login using 'admin' as the username.
'NOTE: be sure to remove the code below from your code immediately after you login.
Dim hielo
Set hielo=new MD5
hielo.text="newPassword"
Database.Execute "UPDATE config set password='" & hielo.HEXMD5 & "' WHERE adminUsername='admin'"
Set hielo=Nothing

Thanks!
0
 
LVL 82

Expert Comment

by:hielo
Try commenting it out:
'Set hielo=Nothing

OR get rid of that line completely.
0
 
LVL 29

Author Comment

by:coreybryant
Received the same error on Line 50
Database.Execute "UPDATE config set password='" & hielo.HEXMD5 & "' WHERE adminUsername='admin'"

0
 
LVL 82

Accepted Solution

by:
hielo earned 500 total points
OK, the problem is that password is a reserved word. To avoid these problems in the future, enclose your field and table names with brackets:

Database.Execute "UPDATE [config] set [password]='" & hielo.HEXMD5 & "' WHERE  [adminUsername]='admin'"

The same applies to the SELECT that follows:

      MM_rsUser.Open "SELECT [adminUsername], [adminPassword] FROM [config] WHERE [adminUsername]='" & Replace(MM_valUsername,"'","''") &"' AND [adminPassword]='" & objMD5.HEXMD5 & "'",Database, 0, 1

Which now brings me to another point. According to your SELECT statement, the field that stores the password is named "adminPassword", but on your UPDATE statement we have been trying/using "password". You need to double check the config table in your db. IF in fact the fieldname is "adminPassword", then use:

Database.Execute "UPDATE [config] set [adminPassword]='" & hielo.HEXMD5 & "' WHERE  [adminUsername]='admin'"

Since you already had that SELECT in place, my guess is that it should be "adminPassword", so below is an updated portion of your code.  Update your file accordingly.

...

If MM_valUsername <> "" Then
	MM_fldUserAuthorization=""
	MM_redirectLoginSuccess="main.asp"
	MM_redirectLoginFailed="admin.asp?lf=true"
	
	Set Database = Server.CreateObject("ADODB.connection")
	Database.Open  "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Datafile & ";"

	Set MM_rsUser = Server.CreateObject("ADODB.recordset")

	'if you change "newPassword" to the password that you want, then it should reset the password
	'as soon as you attempt to login using 'admin' as the username.
	'NOTE: be sure to remove the code below from your code immediately after you login.
	Dim hielo
	Set hielo=new MD5
	hielo.text="newPassword"
	Database.Execute "UPDATE [config] set [adminPassword]='" & hielo.HEXMD5 & "' WHERE [adminUsername]='admin'"
	Set hielo=Nothing

	MM_rsUser.Open "SELECT [adminUsername], [adminPassword] FROM [config] WHERE [adminUsername]='" & Replace(MM_valUsername,"'","''") &"' AND [adminPassword]='" & objMD5.HEXMD5 & "'",Database, 0, 1
  

	If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then 
		' username and password match - this is a valid user
		Session("MM_Username") = MM_valUsername
		If (MM_fldUserAuthorization <> "") Then
			Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)
		Else
			Session("MM_UserAuthorization") = ""
		End If
		if CStr(Request.QueryString("accessdenied")) <> "" And true Then
			MM_redirectLoginSuccess = Request.QueryString("accessdenied")
		End If
		MM_rsUser.Close
		Response.Redirect(MM_redirectLoginSuccess)
	End If
	MM_rsUser.Close
	Response.Redirect(MM_redirectLoginFailed)
End If
...

0
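
The reset and login check from the accepted solution, with bound parameters instead of string concatenation, as an added example that is not code from the thread or from the site's files. It assumes the MD5 class from class_md5.asp exposes .Text and .HEXMD5 as used above, that the columns are [adminUsername] and [adminPassword] in [config], and that adovbs.inc is not included; the helper names are hypothetical.

```vbscript
' Added example (goes inside an ASP script block). Assumes an open
' ADODB.Connection such as the thread's Database object, the MD5 class
' from class_md5.asp, and that adovbs.inc is not already included.
Const adCmdText = 1
Const adVarWChar = 202
Const adParamInput = 1
Const adExecuteNoRecords = 128

' Hypothetical helper: hex MD5 of a string via the site's MD5 class.
Function HashPassword(plain)
    Dim h
    Set h = New MD5
    h.Text = plain
    HashPassword = h.HEXMD5
    Set h = Nothing
End Function

' Hypothetical helper: text command whose values are bound with ? markers.
Function NewCommand(conn, sql)
    Dim cmd
    Set cmd = Server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = conn
    cmd.CommandType = adCmdText
    cmd.CommandText = sql
    Set NewCommand = cmd
End Function

' Jet binds parameters by position, so append them in the order of the ? markers.
Sub AddText(cmd, name, value)
    cmd.Parameters.Append cmd.CreateParameter(name, adVarWChar, adParamInput, 255, value)
End Sub

' One-time reset: stores the hash, never the plain text. Returns rows changed.
Function ResetAdminPassword(conn, userName, newPlain)
    Dim cmd, affected
    Set cmd = NewCommand(conn, "UPDATE [config] SET [adminPassword] = ? WHERE [adminUsername] = ?")
    AddText cmd, "pHash", HashPassword(newPlain)
    AddText cmd, "pUser", userName
    cmd.Execute affected, , adExecuteNoRecords
    ResetAdminPassword = affected
End Function

' Login check: hashes the submitted password and compares it to the stored hash.
Function IsValidLogin(conn, userName, plain)
    Dim cmd, rs
    Set cmd = NewCommand(conn, "SELECT [adminUsername] FROM [config] WHERE [adminUsername] = ? AND [adminPassword] = ?")
    AddText cmd, "pUser", userName
    AddText cmd, "pHash", HashPassword(plain)
    Set rs = cmd.Execute
    IsValidLogin = Not rs.EOF
    rs.Close
End Function
```

A return value of 0 from ResetAdminPassword means no row matched the username, which separates a wrong username from a SQL syntax error. Because the values are bound rather than concatenated, the Replace(...,"'","''") escaping is no longer needed.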
 
LVL 29

Author Comment

by:coreybryant
Thanks, that worked.  Hopefully I can go back to the original code right now before changing the password.
0
 
LVL 29

Author Comment

by:coreybryant
Since the change password was on another page, that part was successful.  But when I logged out and logged back in, I received an error
Microsoft JET Database Engine error '80040e14'
Syntax error in UPDATE statement.
/admin/admin.asp, line 43
Line 43-47
 Set MM_rsUser = Server.CreateObject("ADODB.recordset")
  MM_rsUser.Open "SELECT adminUsername, adminPassword FROM config WHERE adminUsername='" & Replace(MM_valUsername,"'","''") &"' AND adminPassword='" & objMD5.HEXMD5 & "'",Database, 0, 1
Database.Execute "UPDATE config set password='" & objMD5.HEXMD5 & "' WHERE adminUsername='" & Replace(MM_valUsername,"'","''") & "'"

MM_rsUser.Open "SELECT adminUsername, adminPassword FROM config WHERE adminUsername='" & Replace(MM_valUsername,"'","''") &"' AND adminPassword='" & objMD5.HEXMD5 & "'",Database, 0, 1

I am pretty sure I went back to the original admin.asp code, but I am not exactly sure.  I think I have a double line code in there.

In a Config table, there is AdminUsername and AdminPassword
0
 
LVL 29

Author Comment

by:coreybryant
I forgot that I had a backup copy of this site in a zipped file.  I went back to reference that I updated the code to
 Set MM_rsUser = Server.CreateObject("ADODB.recordset")
  MM_rsUser.Open "SELECT adminUsername, adminPassword FROM config WHERE adminUsername='" & Replace(MM_valUsername,"'","''") &"' AND adminPassword='" & objMD5.HEXMD5 & "'",Database, 0, 1

  If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then 
    ' username and password match - this is a valid user

I was able to sign in with the username / password.  

I should have implemented the MD5 after the development was done, but the developer was going along at a good speed.  Thanks for hanging in there and helping
0
