Zhimeng dedecms background forgot password modification reset

Last Update:2017-01-13 Source: Internet

Author: User

Tags md5 php file administrator password

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Method 1: use the password reset tool

When we use dedecms, the password is admin when most people install it. After the installation is successful, I thought it could be modified from the background or database, but unexpectedly it could not be modified, this makes the background insecure! This tool is used to create a new employee who forgets the administrator password and only needs to reset radminpass. copy the php file to the root directory and run "http: // yousite/radminpass. php (yousite is your website domain name) ", you can follow the operation. Please delete this file in time after recovery is complete!

The code is as follows:

Copy code

<? Php

Require_once (dirname (_ FILE _). "/include/common. inc. php ");
If (empty ($ step ))
{
$ Step = 1;
}
?>
<! DOCTYPE html PUBLIC "-// W3C // dtd xhtml 1.0 Transitional // EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<Html xmlns = "http://www.w3.org/1999/xhtml">
<Head>
<Meta http-equiv = "Content-Type" content = "text/html; charset = gb2312"/>
<Title> password resetting tool _ GBK </title>
<Style type = "text/css">
<! --
Body {
Font-family: "MS Serif", "New York", serif;
Font-size: 12px;
Color: #000;
}
Table {
Border-top-width: 1px;
Border-right-width: 1px;
Border-left-width: 1px;
Border-top-style: dotted;
Border-right-style: dotted;
Border-left-style: dotted;
Border-top-color: # CCC;
Border-right-color: # CCC;
Border-left-color: # CCC;
}
Td {
Border-bottom-width: 1px;
Border-bottom-style: dotted;
Border-bottom-color: # CCC;
}
-->
</Style>
</Head>
<Body>
<? Php
If ($ step = 1)
{
$ Dsql-> SetQuery ("Select * From '# @__ admin' where usertype = '10 '");
$ Dsql-> Execute ("ut ");
?>
<Table width = "98%" border = "0" align = "center" cellpadding = "3" cellspacing = "1">
<Tr>
<Td height = "19" bgcolor = "# E7E7E7"> <table width = "96%" border = "0" cellspacing = "1" cellpadding = "1">
<Tr>
<Td width = "24%"> <B> <strong> Step 1: select an administrator account </strong> </B> </td>
<Td width = "76%" align = "right"> & nbsp; </td>
</Tr>
</Table> </td>
</Tr>
<Tr>
<Td height = "215" align = "center" valign = "top" bgcolor = "# FFFFFF"> <form action = "radminpass. php "method =" post "name =" form1 "id =" form1 ">
<Input type = "hidden" name = "step" value = "2"/>
<Table width = "98%" border = "0" cellspacing = "1" cellpadding = "1">
<Tr>
<Td height = "60" colspan = "2" align = "left"> This tool is created for newcomers who forget the administrator password and need to reset radminpass. copy the php file to the root directory and run & ldquo; http: // yousite/radminpass. php (yousite is the website domain name) & rdquo;, follow the instructions. <Font color = "# FF0000"> Please delete this file in time after recovery is complete! </Font> </td>
</Tr>
<Tr>
<Td width = "16%" height = "30" align = "left"> select the super administrator ID: </td>
& Lt; td width = "84%" align = "left" & gt;
<Select name = 'id' style = 'width: 150px '>
<? Php
While ($ myrow = $ dsql-> GetObject ("ut "))
     {
Echo "<option value = '". $ myrow-> id. "'>". $ myrow-> userid. "</option> rn ";
     }
?>
</Select>

</Td>
</Tr>
<Tr>
<Td height = "60" align = "left"> & nbsp; </td>
<Td align = "left"> <input type = "submit" name = "Submit" value = "Next & gt;" class = "coolbg np"/> </td>
</Tr>
</Table>
</Form> </td>
</Tr>
</Table>
<? Php
} Elseif ($ step = 2 ){
$ Row = $ dsql-> GetOne ("Select * From '#@__ admin' where id =' $ ID '");
?>
<Table width = "98%" border = "0" align = "center" cellpadding = "3" cellspacing = "1">
<Tr>
<Td height = "19" bgcolor = "# E7E7E7"> <table width = "96%" border = "0" cellspacing = "1" cellpadding = "1">
<Tr>
<Td width = "24%"> <B> <strong> Step 2: Change the administrator password </strong> </B> </td>
<Td width = "76%" align = "right"> & nbsp; </td>
</Tr>
</Table> </td>
</Tr>
<Tr>
<Td height = "215" align = "center" valign = "top" bgcolor = "# FFFFFF"> <form action = "radminpass. php "method =" post "name =" form1 "id =" form1 ">
<Input name = "step" type = "hidden" id = "step" value = "3"/>
<Input type = "hidden" name = "id" value = "<? Php echo $ row ['id']?> "/>
<Table width = "98%" border = "0" cellspacing = "1" cellpadding = "1">
<Tr>
<Td width = "16%" height = "30" align = "left"> user logon ID: </td>
<Td width = "84%" align = "left"> <? Php echo $ row ['userid']?> </Td>
</Tr>
<Tr>
<Td height = "30" align = "left"> user pen name: </td>
<Td align = "left"> <input name = "uname" type = "text" id = "uname" size = "16" value = "<? Php echo $ row ['uname']?> "Style =" width: 200px "/>
</Td>
</Tr>
<Tr>
<Td height = "30" align = "left"> user password: </td>
<Td align = "left"> <input name = "pwd" type = "text" id = "pwd" size = "16" style = "width: 200px"/>
& Nbsp; (leave it blank without modification. You can only use '0-9a-zA-Z .@_-! 'Characters within the specified range) </td>
</Tr>
<Tr>
<Td height = "60" align = "left"> & nbsp; </td>
<Td align = "left"> <input type = "submit" name = "Submit" value = "confirm to modify" class = "coolbg np"/> </td>
</Tr>
</Table>
</Form> </td>
</Tr>
</Table>
<? Php
} Elseif ($ step = 3 ){
$ Pwdm = '';
If ($ pwd! = ''){
$ Pwdm = ", pwd = '". md5 ($ pwd )."'";
$ Pwd = ", pwd = '". substr (md5 ($ pwd), 5, 20 )."'";
}
$ Query = "update' #@__ admin' set uname = '$ uname' $ pwd where id =' $ ID '";
$ Dsql-> ExecuteNoneQuery ($ query );
$ Query = "update' #@__ member 'set uname = '$ uname' $ pwdm where mid =' $ ID '";
$ Dsql-> ExecuteNoneQuery ($ query );
ShowMsg ("an account is successfully changed! "," Radminpass. php ");
}
?>
</Body>
</Html>

Method 2: go directly to your mysql database management. Here we use phpmyadmin as an instance.

1. First enter your MYSQL background, and then find dede_admin in your name as shown in the figure:

Image 1

2. Click "browse" on the right and click "View right"

Image 2

3. The following figure is displayed:

Image 3

4. Then we can see our username and the MD5 encrypted password. I don't know how many bits of DEDE are encrypted. I have tried a lot of MD5 and I cannot solve it. Now you only need to change the password. First, check the previous options and click the "change" button (that is, the pen) below, as shown in the figure:

Image 4

See the figure below:

Image 5

Note: to modify the username used to log on to the background, modify the userid.

5. Replace the following MD5 code with the previous MD5 code.
The password for dedecms 5.3 and later versions is admin.
21232f297a57a5a743894a0e
Dedecms 5.1 has a password of 123456.
C3949ba59abbe56e057f
In fact, the best way is to install the corresponding dedecms version locally, check the password value of the pwd field, and modify it.
6. Click "execute" and change your password to admin in the background.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More