[kwlug-disc] Dumb MySQL question

Charles M chaslinux at gmail.com
Fri Apr 3 15:59:08 EDT 2020


I managed to muddle through changing the password. Here's what I did:

I used https://www.md5hashgenerator.com/ to generate an md5 sum of a
new password, let's say for example: ThisPassword

It spat out: 82aa4d3a83cae98a08a1c5859d777bbb

I then ran

update users set userpass="82aa4d3a83cae98a08a1c5859d777bbb" where
username="myusername";

I was able to log into the application using myusername and
ThisPassword, then go into the application and change it again. It
hashed with a completely different hash when I checked the table in
MySQL. Thanks for all the responses.

On Fri, Apr 3, 2020 at 2:57 PM Khalid Baheyeldin <kb at 2bits.com> wrote:
>
> On Fri, Apr 3, 2020 at 2:41 PM Charles M <chaslinux at gmail.com> wrote:
>>
>> I have a PHP application that has some users stored in a mysql
>> database. I can log into mysql and have permission to change the
>> database tables. If the table within the database is called users can
>> I just:
>>
>> INSERT into user (userpass) values ('NewMadeUpPass');
>>
>> Would this work since MySQL hashes passwords? I'd then log into the
>> web app and change the password, hopefully rehashing the new password.
>
>
> The passwords in Drupal are hashed.
>
> For Drupal 7, use the command line script that generates it:
>
> $ cd /whereever/drupal/is
>
> $ ./scripts/password-hash.sh your-password
>
> Then, you can do:
>
> UPDATE users SET pass = 'hash-from-previous-step' WHERE uid = 123;
>
> If you want to create a new user, then you need to use drush:
>
> $ drush help user-create
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> https://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org



-- 
Charles McColm
Fasteroids: http://www.fasteroids.ca
Twitter/Identica/Google+: @chaslinux




More information about the kwlug-disc mailing list