| View previous topic :: View next topic |
| Author |
Message |
danswano Voice
Joined: 07 Apr 2011 Posts: 20
|
Posted: Mon Apr 25, 2011 4:42 pm Post subject: |
|
|
Hello dude, i saw a field called "salt" in my vb_user table contain random characters that adds the extra encryption, can you write something so the tcl can read both the password and the salt fields together as vbulletin read them?
someone assured for me that vbulletin use this method of hashing:
| Code: | | $password_hash = md5(md5($password_text) . $user_salt); |
please help me  |
|
| Back to top |
|
 |
Murtific Voice
Joined: 06 Jul 2011 Posts: 1
|
Posted: Wed Jul 06, 2011 5:54 pm Post subject: |
|
|
I'm very interested in this, However I would like it if the bot had o:line access to be able to kick people off the server within 10 seconds if they did not /msg bot username pass.
I saw this in another forum and thought it might be helpful for this thread.
https://www.vbulletin.com/forum/showthread.php/363985-vBulletin-password-salt-issue?highlight=connecting
If it is at all possible for somebody to code this, this would be awesome.
I also want the bot to invite users to multiple channels on authorization and I want it to have commands so that I can add people to @ list +list and regular.
Also depending upon what access they have (@+) I'd like them to be invited to those channels as well.
WOULD LOVE TO SEE THIS!!!!!!!!!! I dont know anything about this type of coding or how to put it into my IRCD, but I'm willing to learn and if somebody is able to create this, would be nice for a step by step tutorial. <3 in advance. |
|
| Back to top |
|
 |
doggo Halfop
Joined: 05 Jan 2010 Posts: 97
|
Posted: Sun Oct 23, 2011 7:23 am Post subject: |
|
|
this should do the trick, bit late with the response but...
| Code: | package require mysqltcl 3.05
package require md5
namespace eval reqs {
namespace eval sett {
#START SETTINGS
variable req_chan "#YOUR_CHAN"
#DB CONNECTION
variable db_host "DB_HOST"
variable db_port "3306"
variable db_username "DB_USER"
variable db_password "DB_PASSWORD"
variable db_name "DB_NAME"
#CHANNEL USER TABLE
variable db_table "TABLE_NAME"
variable db_user "USERNAME_FIELD"
variable db_pass "PW_FIELD"
variable db_salt "SALT_FIELD"
#BINDS
bind MSGM -|- "*" reqs::user_add_voice::voice_add_user
#END SETTINGS NAMESPACE
}
# SCRIPT STARTS
namespace eval user_add_voice {
proc voice_add_user {nick uhost handle text} {
set check_nick [lindex $text 0]
set get_pass [lindex $text 1]
set salt [lindex $text 1]
# from what you said above
# $password_hash = md5(md5($password_text) . $user_salt);
# but without acces to a forum db i cannot test and have no idea on how the pws are stored/encrypted...
set check_pass [md5 [md5 $salt][md5[$getpass]]
set find_it [::mysql::connect -host $reqs::sett::db_host -port $reqs::sett::db_port -user $reqs::sett::db_username -password $reqs::sett::db_password -db $reqs::sett::db_name];
set it_find [::mysql::sel $find_it "SELECT $reqs::sett::db_user,$reqs::sett::db_pass FROM $reqs::sett::db_table WHERE $reqs::sett::db_user = '$check_nick' AND $reqs::sett::db_pass = '$check_pass'" AND $reqs::sett::db_salt = '$check_pass'"-flatlist];
::mysql::endquery $find_it
::mysql::close $find_it
if {$it_find == ""} {putquick "NOTICE $nick :invalid login";return} else {
set valid_nick [lindex $it_find 0]
set valid_pass [lindex $it_find 1]
if {![isvoice $nick $reqs::sett::req_chan] && $check_nick == "$valid_nick" && $check_pass == "$valid_pass"} {
putquick "MODE $reqs::sett::req_chan +v $nick"
putquick "NOTICE $nick :thanks for logging in.."
} else {
return
}
}
}
}
#END NAMESPACE
} |
untested  _________________ NON geeky!! http://gotcode4u.com/ |
|
| Back to top |
|
 |
|