如何解密magento企业版密码? [英] How to decrypt magento enterprise edition password?

查看:120
本文介绍了如何解密magento企业版密码?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我刚刚注意到magento企业版和社区版均使用不同的算法来存储密码.我知道社区版使用md5.谁能告诉我企业版使用哪种机制,如果要迁移到社区版,我们如何解密企业密码?

解决方案

我认为它在Magento EE的app/etc/local.xmlapp/etc/enterprise.xml

Magento企业版上的解密功能 

/**
 * Decrypt a string
 *
 * @param string $data
 * @return string
 */
public function decrypt($data)
{
    return str_replace("\x0", '', trim($this->_getCrypt()->decrypt(base64_decode((string)$data))));
}


/**
 * Instantiate crypt model
 *
 * @param string $key
 * @return Varien_Crypt_Mcrypt
 */
protected function _getCrypt($key = null)
{
    if (!$this->_crypt) {
        if (null === $key) {
            $key = (string)Mage::getConfig()->getNode('global/crypt/key');
        }
        $this->_crypt = Varien_Crypt::factory()->init($key);
    }
    return $this->_crypt;
}

企业版社区版上似乎具有相同的功能. 您应该向 Magento Enterprise Edition的所有者索要该加密密钥,并使用CE对其进行解密.很好,因为我要潜入 Magento企业版的代码,并且该代码与社区版 (用于加密/解密)相同

在评论1之后添加

/**
 * Hash a string
 *
 * @param string $data
 * @return string
 */
public function hash($data)
{
    return md5($data);
}

/**
 * Validate hash against hashing method (with or without salt)
 *
 * @param string $password
 * @param string $hash
 * @return bool
 * @throws Exception
 */
public function validateHash($password, $hash)
{
    $hashArr = explode(':', $hash);
    switch (count($hashArr)) {
        case 1:
            return $this->hash($password) === $hash;
        case 2:
            return $this->hash($hashArr[1] . $password) === $hashArr[0];
    }
    Mage::throwException('Invalid hash.');
}

I just noticed magento enterprise and community both edition uses different algorithms for storing password. I know community edition uses md5. Can anyone tell me which mechanism is used in enterprise edition and how can we decrypt enterprise password if we want to migrate to community edition?

解决方案

I think it's on your app/etc/local.xml or app/etc/enterprise.xml on Magento EE

The Decrypt function On Magento Enterprise Edition

/**
 * Decrypt a string
 *
 * @param string $data
 * @return string
 */
public function decrypt($data)
{
    return str_replace("\x0", '', trim($this->_getCrypt()->decrypt(base64_decode((string)$data))));
}

and 

/**
 * Instantiate crypt model
 *
 * @param string $key
 * @return Varien_Crypt_Mcrypt
 */
protected function _getCrypt($key = null)
{
    if (!$this->_crypt) {
        if (null === $key) {
            $key = (string)Mage::getConfig()->getNode('global/crypt/key');
        }
        $this->_crypt = Varien_Crypt::factory()->init($key);
    }
    return $this->_crypt;
}

it seems like the same function on Enterprise Edition or Community Edition. You should ask the cript key to Magento Enterprise Edition's Owner and decrypt it with CE. It would be fine because i'm sneaking to Magento Enterprise Edition's Code and the code is the same with Community Edition (for encryption/decryption)

added after comment 1:

/**
 * Hash a string
 *
 * @param string $data
 * @return string
 */
public function hash($data)
{
    return md5($data);
}

/**
 * Validate hash against hashing method (with or without salt)
 *
 * @param string $password
 * @param string $hash
 * @return bool
 * @throws Exception
 */
public function validateHash($password, $hash)
{
    $hashArr = explode(':', $hash);
    switch (count($hashArr)) {
        case 1:
            return $this->hash($password) === $hash;
        case 2:
            return $this->hash($hashArr[1] . $password) === $hashArr[0];
    }
    Mage::throwException('Invalid hash.');
}

这篇关于如何解密magento企业版密码?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆