If you delete the hash, it should fall back on the default, of
nospam4me.
On May 2, 2009, at 9:47 PM, Alex Davidson wrote:
> Just wondering out loud how I would be able to reset the password to
> log in to the web interface to ASSP should I ever forget or mis-
> change the password.
> Would
>Just wondering out loud how I would be able to reset the password to log in to
>the web interface to ASSP should I ever forget or mis-change the password.
>Would it be as simple as deleting the hashed value and using no password to
>get in or is it more difficult than that?
It defaults to nospa
Just wondering out loud how I would be able to reset the password to log in to
the web interface to ASSP should I ever forget or mis-change the password.
Would it be as simple as deleting the hashed value and using no password to get
in or is it more difficult than that?
Hello Jason,
MD5 (32 bits) or SHA1 (64 bits) is better than plantext.
Implementation of a simple hash to store password take only a little time.
The best to do is both things.
On Jan 14, 2008 6:35 PM, Jason Pruim <[EMAIL PROTECTED]> wrote:
> Once you know the hash though, it's a simple matter
Once you know the hash though, it's a simple matter from what I've
heard to decrypt it with a brute force attack setup on your server.
Sure it takes a little effort, but it is possible.
even if you use all kinds of mixed case, different characters,
punctuation, etc. to create the hash, with
Someone can get read access to assp.cfg without write.
default umask is 022, what mean files are created with 0644, so by default
them can read not write
MD5 hash will help to protect sysadmins which do not checked their
permissions.
I know is easier to chmod 0600 assp.cfg, but, my opinion is to
Roberto Berto wrote:
> On Jan 14, 2008 3:00 PM, GrayHat <[EMAIL PROTECTED]> wrote:
>
>>> webAdminEncryptedPassword
>> it's a nonsense; imVHo it would just suffice to use MD5 to generate
>> an hash of the admin password and store the hash inside the config
>> file in place of the plain text pwd; at
On Jan 14, 2008 3:00 PM, GrayHat <[EMAIL PROTECTED]> wrote:
> > webAdminEncryptedPassword
>
> it's a nonsense; imVHo it would just suffice to use MD5 to generate
> an hash of the admin password and store the hash inside the config
> file in place of the plain text pwd; at any rate, if someone will
> webAdminEncryptedPassword
it's a nonsense; imVHo it would just suffice to use MD5 to generate
an hash of the admin password and store the hash inside the config
file in place of the plain text pwd; at any rate, if someone will be
able
to read your cfg file, then I suspect you'll have bigger prob
Hello,
What about create a two new parameters at assp.cfg?
webAdminEncryptedPassword: if not null, will skip webAdminPassword and will
use webAdminEncryptedPassword as password. Encryptation can be MD5, for
example
webAdminUsername: for change the default admin username
-
10 matches
Mail list logo
