I've been coding some maintenance tools in Perl and PHP to be run from our site's cgi-bin directory, and was thinking of having the tools ask for a login to improve security. This login would ask for a Miva username and password and then authenticate against users.dbf.
Problem is, I don't know how Miva encrypts the users' passwords. I remember reading somewhere that the actual encryption method used by Miva depends on the server it's running on, but not how it implements this mystery encryption method so I could attempt running it from the shell. I know enough that they're not md5 or sha1 hashes.
I suppose I'm looking for one of two things:
Problem is, I don't know how Miva encrypts the users' passwords. I remember reading somewhere that the actual encryption method used by Miva depends on the server it's running on, but not how it implements this mystery encryption method so I could attempt running it from the shell. I know enough that they're not md5 or sha1 hashes.
I suppose I'm looking for one of two things:
- Learn how Miva uses a server/shell's encryption method so I can implement this in my own Perl/PHP script.
- Find a way to run a password through miva/mivavm and have it spit out the encrypted password.
Comment