How do you change Or find out what the admin password is i have many scrips but are no good as i dont know what the password is for admin can someone please lead me in the wright way to finding and changing my admin passwords please thanks
Can you please make it specific? What particular software you are referring to? Sidenote: if you are referring to any existing open source projects most of them implementing the md5() encryption, which means that nobody can decrypt it. MD5, SHA1 and it equivalents are one-way encryption. So you cannot be able to find the admin password, but changing it should be possible.
If this is a the case, simply generate a new password, and insert it into the database, or the config file, in place of the old password. <?php echo md5("mynewpassword"); ?> PHP: or you can use base64encode I've seen quite a few open source projects using this method.
@JeremyMorgan, Absolutely, but be sure to check the code on how they implement the password encryption. Most of the time, I will generate a password using some salts before encrypting it in md5 or similar. My usual implementation would be: $plain_password = 'thisismypassword'; $static_salt = 'qGPBA8iCM3cUuCbBAQx3E0uOkKTrSeEUiSOrAkykEk4sEniyP67Q2BTp8vtDqoqw'; $dynamic_salt = microtime(); // you can use some other alternatives $encrypted_password = md5($static_salt.$plain_password.$dynamic_salt); // you can also change the order of concatenation as you want PHP: $encrypted_password and $dynamic_salt is always stored in database together with username, while the static salt must be placed anywhere you want, you can place it either in code (hard-coded static salt), config, or even database, the choice depends on you.
I do that as well, I usually just salt it with a timestamp, but I've noticed a lot of open source php projects dont. It's too bad, too I think this extra security goes a long way.