Related table: V9_admin
Encryption method:
MD5 (MD5 (password) +encrypt)
First step: 32-bit lowercase MD5 for input password trim filter
Step two: Get random characters, encrypt value in corresponding record and link of first result
Step three: Second step result password 32-bit lowercase MD5
Example:
Password: 123456 encrypt:vcmkn3
<?php
$a = MD5 ("123456");
echo $a; $a results for e10adc3949ba59abbe56e057f20f883e
echo "
$e = MD5 ("E10adc3949ba59abbe56e057f20f883evcmkn3"); MD5 (password) +encrypt
Echo $e; Output of the $e 57cd0258e743463476e8d0028311ed44
So the result of 123456 after Phpcms v9 encryption rule is 57CD0258E743463476E8D0028311ED44
?>
In conclusion, when we get the password hash, we only need to take the first 32 bits of the plaintext before the hash, then check the plaintext before the hash is the real password.
The problem is that this long string can find a hash table. 0.0
Phpcms V9 Hash Encryption method