Joomla login verification, password encryption

The joomla password is not simply encrypted with MD5.

The password in the database is stored as follows: (both the user name and password are admin)

ab9989726cacc2a382866650fe6c809d:64tjXqkuMhKth3GK9o6uBMilMTJhKJIe

There is a colon separated in the middle. we record the first part as Part1 and the second part as Part2.

That is:

part1:part2

Although we do not know how Part2 is encrypted (if anyone knows this, please give us some advice !)

But by looking at the joomla source code, we can know that Part1 is like this, Part1 = MD5 (username. Part2 );

We can write our own functions to verify the user name and password.

<? Phpdefine ('_ jexec', 1); define ('jpath _ base', dirname (_ file __)); // This is when we are in the rootdefine ('ds', directory_separator); // introduce the joomla framework to use the joomla class library require_once (jpath_base.ds. 'regionder '. DS. 'defines. PHP '); require_once (jpath_base.ds. 'regionder '. DS. 'framework. PHP '); $ mainframe = & jfactory: getapplication ('SITE'); $ mainframe-> initialise (); $ user = & jfactory: getuser (); If (! $ User-> get ("username") {?> You have not logged on! <? PHP} else {echo $ user-> get ("password "). "<br>"; // echo juserhelper: getcryptedpassword ("admin"); // echo MD5 ("admin "); // use the joomla class library to query $ db = jfactory: getdbo (); $ query = $ db-> getquery (true); $ query-> select ('Id, password '); $ query-> from (' #__ Users '); $ query-> where ('username = '. $ db-> quote ('admin'); $ db-> setquery ($ query); $ result = $ db-> loadobject (); $ parts = explode (': ', $ result-> password); $ testcrypt = MD5 ("admin ". $ Pa RTS [1]); echo $ testcrypt;?> <? PHP }?>

ab9989726cacc2a382866650fe6c809d:64tjXqkuMhKth3GK9o6uBMilMTJhKJIeab9989726cacc2a382866650fe6c809d