Login credentials via C++ ?

Mr. Strange

Member
So I'm writing an application in c++ needs to check to see if a user's login credentials are valid.

I'm able to query the xf_user_authenticate.data for a given user and I get something like this:
a:1:{s:4:"hash";s:34:"$P$DJbii5ji4owDu.Sgm8k9E0.ofjeeyJ0Ó";}

My question is, how can the user's password get encrypted into the data above?

Looking online, I see that $P$ signifies that it's an MD5 hash. I thought xenForo used SHA1/256? My company must be using an old version of xenForo. All MD5 algorthims I look up don't give me anything close to what is shown above. Most just give me back 16 bytes, not 34. Are the old passwords using the salted double hash? Anything else I should know?

Thanks!
 

EQnoble

Well-known member
So I'm writing an application in c++ needs to check to see if a user's login credentials are valid.

I'm able to query the xf_user_authenticate.data for a given user and I get something like this:
a:1:{s:4:"hash";s:34:"$P$DJbii5ji4owDu.Sgm8k9E0.ofjeeyJ0Ó";}

My question is, how can the user's password get encrypted into the data above?

Looking online, I see that $P$ signifies that it's an MD5 hash. I thought xenForo used SHA1/256? My company must be using an old version of xenForo. All MD5 algorthims I look up don't give me anything close to what is shown above. Most just give me back 16 bytes, not 34. Are the old passwords using the salted double hash? Anything else I should know?

Thanks!
Have you came across this post in your searches by chance yet?

https://xenforo.com/community/threads/password-formula.32191/#post-367845
 
Top