Page Index Toggle Pages: 1
There are no actions to perform.
Normal Topic from YaBB 2.1 to Drupal-7 password decode (Read 7,134 times)
ar2008
YaBB Newcomer
*
Offline



Posts: 13
from YaBB 2.1 to Drupal-7 password decode
Jun 28th, 2012 at 8:34am
There are no actions to perform.
Hello
Need to go from YaBB 2.1 to Drupal 7. How can I decode the password in the YaBB 2.1 to migrate users?
  
Back to top
 
IP Logged
 
JonB
YaBB Administrator
YaBB Next Team
Operations Team
Beta Testers
Support Team
*****
Offline



Posts: 4,201
Location: Land of the Blazing Sun!

YaBB 2.6.1
Re: from YaBB 2.1 to Drupal-7 password decode
Reply #1 - Jun 28th, 2012 at 7:43pm
There are no actions to perform.
AFAIK, you can't actually decode the YaBB passwords, they are a one-way hash. 

Good Luck
Cool
  

I find your lack of faith disturbing.
Back to top
IP Logged
 
ar2008
YaBB Newcomer
*
Offline



Posts: 13
Re: from YaBB 2.1 to Drupal-7 password decode
Reply #2 - Jul 16th, 2012 at 11:47am
There are no actions to perform.
So, which is encrypting method use the YaBB2.1?
it does not seem to MD5
  
Back to top
 
IP Logged
 
JonB
YaBB Administrator
YaBB Next Team
Operations Team
Beta Testers
Support Team
*****
Offline



Posts: 4,201
Location: Land of the Blazing Sun!

YaBB 2.6.1
Re: from YaBB 2.1 to Drupal-7 password decode
Reply #3 - Jul 16th, 2012 at 2:21pm
There are no actions to perform.
this is the relevant code:

Code (Perl)
Select All
# convert non encrypted password to MD5 crypted one
		if ($spass eq $FORM{'passwrd'} && $spass ne $cryptpass) {
			# only encrypt the password if it's not already MD5 encrypted
			# MD5 hashes in YaBB are always 22 chars long (base64)
			if (length(${$uid.$username}{'password'}) != 22) {
				${$uid.$username}{'password'} = $cryptpass;
				&UserAccount($username);
				$spass = $cryptpass; 



Hashed pw's can't be decrypted, they can only be 'guessed' at. áAn intersection or collision can be derived by 'list comparison'. (Think MD5 pw sites) áIn plain English, that means more than one 'plain-text' can have the same encrypted key.  For instance 'do56bgh' "might" hash to the same result as "x7jkukd"  (fictional values).

reference for your benefit:
http://www.php-fusion.co.uk/forum/viewthread.php?thread_id=19034

You might also look at SMF's converters, as they have to deal with that issue, although I think they just transcode it into their user tables.

Good Luck
Cool
« Last Edit: Jul 16th, 2012 at 2:26pm by JonB »  

I find your lack of faith disturbing.
Back to top
IP Logged
 
Page Index Toggle Pages: 1
There are no actions to perform.