1

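I enabled TFA in Joomla 3.2 and it worked fine, but my smartphone is unreachable.

Now I can't get into the backend. I tried to disable the plugin plg_twofactorauth_totp in the database, but it stays enabled.

Disabling it by renaming the folder hides the secret key input, but I still can't log in.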

4

2 Answers

3

Go to your MySQL database for Joomla, then go to the users table. Clear the value of otpKey. You should now be able to log in without a key.

Answered 2014-06-14T21:52:34.057
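
The database edit described in the answer above, scoped to a single account and with a check before and after; this is an added example, not part of the original answer. Assumptions: `jos_` stands in for the site's table prefix (`$dbprefix` in configuration.php), `admin` is a placeholder username, and `jos_users_2fa_backup` is a hypothetical table name.

```sql
-- Added example with constructed values: replace the jos_ prefix and the
-- 'admin' username with the ones used by your site.

-- 1. List the accounts that currently have a TOTP key or emergency codes set.
SELECT id, username,
       (otpKey <> '') AS has_otp_key,
       (otep   <> '') AS has_emergency_codes
FROM jos_users
WHERE otpKey <> '' OR otep <> '';

-- 2. Keep a copy of the affected row so the change can be reverted.
CREATE TABLE jos_users_2fa_backup AS
SELECT id, username, otpKey, otep
FROM jos_users
WHERE username = 'admin';

-- 3. Clear the second factor for that one account only, leaving every
--    other user's two-factor settings untouched.
UPDATE jos_users
SET otpKey = '', otep = ''
WHERE username = 'admin';

-- 4. Confirm that the row is now empty for both columns.
SELECT id, username, otpKey, otep
FROM jos_users
WHERE username = 'admin';

-- 5. Run this later, once you have logged in and set up two-factor
--    authentication again: the backup table still holds the old otpKey value.
-- DROP TABLE jos_users_2fa_backup;
```

Clearing only the locked-out account keeps two-factor authentication in force for every other user, and step 1 gives a record of who had it enabled beforehand.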
-1

https://gist.github.com/medigeek/28a047be0d0d527a95769130a6faf559

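This code will disable the two factor authentication plugin and clear the keys for Joomla! Super Users.

This script disables Joomla!'s two factor authentication plugin and clears the otpKey and otep values for Super Users. It allows you to login when you aren't able to use Google authenticator for any reason.

Usage:

Place it in the Joomla! 3.x root dir (where configuration.php and index.php are) and run it. Then login and leave the security key field empty.

Warning: Use with caution. Backup before use.

Code snapshot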

<?php
/* This script disables Joomla!'s two factor authentication
 * plugin and clears the otpKey and otep values for Super 
 * Users. It allows you to login when you aren't able to
 * use Google authenticator for any reason.

 * Usage:
 * Place it in the Joomla! 3.x root dir (where configuration.php 
 * and index.php are) and run it. Then login and leave the 
 * security key field empty.

 * Warning: Use with caution. Backup before use.
*/
define('_JEXEC', 1);
define('JPATH_BASE', __DIR__);
error_reporting(E_ALL);
ini_set('display_errors', 1);
// Load system defines
if (file_exists(JPATH_BASE . '/defines.php')) { require_once JPATH_BASE . '/defines.php'; }
if (!defined('_JDEFINES')) { require_once JPATH_BASE . '/includes/defines.php'; }
require_once JPATH_LIBRARIES . '/import.legacy.php'; // Get the framework.
require_once JPATH_LIBRARIES . '/cms.php'; // Bootstrap the CMS libraries.
class Reset2FA extends JApplicationCli
{
    public function execute()
    {
        $this->out('Initialising');
        $db = JFactory::getDbo();
        $query = $db->getQuery(true);
        $query2 = $db->getQuery(true);
        //get users by group: (array of integers)
        $sadminids = JAccess::getUsersByGroup(8); // 8 = Super Users
        $strsadminids = implode(',', $sadminids);
        $this->out(sprintf('Super User IDs: %s', $strsadminids));
        $this->out('Disabling twofactorauth plugin (totp and yubikey)');
        // Fields to update.
        $fields = array(sprintf('%s = 0', $db->quoteName('enabled')));
        // Conditions for which records should be updated.
        // plg_twofactorauth_totp
        // plg_twofactorauth_yubikey
        $conditions = array(sprintf('%s LIKE %s', $db->quoteName('name'), $db->quote('plg_twofactorauth_%')));
        $query->update($db->quoteName('#__extensions'))->set($fields)->where($conditions);
        $db->setQuery($query);
        $result = $db->execute();

        $this->out('Disabling/clearing otpKey and otep for all Super Users');
        // UPDATE 2
        $fields2 = array(
            $db->quoteName('otpKey') . " = ''",
            $db->quoteName('otep') . " = ''",
            );
        // Conditions for which records should be updated.
        // otpKey
        // otep
        $conditions2 = array(
            $db->quoteName('otpKey') . " != ''",
            $db->quoteName('otep') . " != ''",
            sprintf('%s IN (%s)', $db->quoteName('id'), $strsadminids)
        );
        $query2->update($db->quoteName('#__users'))->set($fields2)->where($conditions2);
        $db->setQuery($query2);
        $result2 = $db->execute();
        $this->out('Done');
    }
}
JApplicationCli::getInstance('Reset2FA')->execute();
?>
Answered 2018-04-10T14:50:08.717