0

Joomla is storing a password inside a local cookie if the user checks the box 'remember me' when you login. This code then runs when a succesful login was made.

if (!in_array(false, $results, true))
        {
            // Set the remember me cookie if enabled.
            if (isset($options['remember']) && $options['remember'])
            {
                // Create the encryption key, apply extra hardening using the user agent string.
                $privateKey = self::getHash(@$_SERVER['HTTP_USER_AGENT']);

                $key = new JCryptKey('simple', $privateKey, $privateKey);
                $crypt = new JCrypt(new JCryptCipherSimple, $key);

                $rcookie = $crypt->encrypt(serialize($credentials));
                $lifetime = time() + 365 * 24 * 60 * 60;

                // Use domain and path set in config for cookie if it exists.
                $cookie_domain = $this->getCfg('cookie_domain', '');
                $cookie_path = $this->getCfg('cookie_path', '/');
                setcookie(self::getHash('JLOGIN_REMEMBER'), $rcookie, $lifetime, $cookie_path, $cookie_domain);
            }

            return true;
        }

Note $credentials has a ['password'] key value and it does contain the password from the login form. So if this is encrypted then it must be 2 way for the system to reverse this and populate the password field from the cookie ?

My question is how can I do this..the real clear password is not saved on the users table but an MD5 hashed one. So it must be from this cookie that joomla is able to save the password.

4

2 回答 2

1

根据我对如何在 Joomla 中进行身份验证的理解!工作,它是这样的:

  • 你填写用户名/密码
  • 他们通过身份验证插件进行检查
  • 如果成功,则创建并存储会话(通常在数据库中),并且会话 ID 将存储为 cookie
  • 只要会话没有过期,并且你用同一个浏览器打开Joomla,你基本上就自动认证了。

所以我真的怀疑Joomla!将任何密码存储在 cookie 中。密码也被加密存储。所以Joomla!无法知道原始密码是什么。

于 2013-01-24T21:55:19.600 回答
0

不,它不能是两种方式:您只是存储用户 + 密码的组合($credentials 是一个带有键“用户名”和“密码”的数组),我假设 Joomla 将相同的值保存到数据库中,并且'记住我'只是检查存储的值(加密)是否与 cookie 相同(也加密)。

如果应用相同的序列,这两个值将匹配(如您所见,还有一个带有网站私钥的散列)。

于 2013-01-24T21:59:06.800 回答