The Problem
Recently i had to login into an abandoned instance of GLPI. GLPI is an Information Resource-Manager with an additional Administration- Interface. You can use it to build up a database with an inventory for your company (computer, software, printers...). It has enhanced functions to make the daily life for the administrators easier, like a job-tracking-system with mail-notification and methods to build a database with basic information about your network-topology. Unfortunately the administrator who set up the instance had quit his job without writing down the passwords to log into the system. So i had to find a way how to reset the password.
The Solution
Passwords for webapplications are usually stored in a database. The webapplication logs into the database and verifies the password that is entered in the frontend. So the first step was to find the correct database login. The file 'config_db.php' revealed the database login credentials for the application:
With this credentials you can log into the database (using the MySQL Commandline Client):
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1739
Server version: 5.1.42-community MySQL Community Server (GPL)
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> use glpi;
Database changed
mysql> select id,name,password from glpi_users;
+----+-----------+----------------------------------+
| id | name | password |
+----+-----------+----------------------------------+
| 2 | glpi | c37093b421c8131b8999d75fd73c55fd |
| 3 | post-only | c37093b421c8131b8999d75fd73c55fd |
| 4 | tech | c37093b421c8131b8999d75fd73c55fd |
| 5 | normal | c37093b421c8131b8999d75fd73c55fd |
+----+-----------+----------------------------------+
4 rows in set (0.00 sec)
mysql> update glpi_users set password= MD5('newPassword') where name='glpi';
Query OK, 1 row affected (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 0
mysql> select id,name,password from glpi_users;
+----+-----------+----------------------------------+
| id | name | password |
+----+-----------+----------------------------------+
| 2 | glpi | 14a88b9d2f52c55b5fbcf9c5d9c11875 |
| 3 | post-only | c37093b421c8131b8999d75fd73c55fd |
| 4 | tech | c37093b421c8131b8999d75fd73c55fd |
| 5 | normal | c37093b421c8131b8999d75fd73c55fd |
+----+-----------+----------------------------------+
4 rows in set (0.00 sec)
mysql> exit
Bye.
The trick is to log into the database (using the account from the config file), to find the users table and to overwrite the old password hash (in my case a MD5 hash) with a new one. This should work for a lot of web-applications that use authentication via a user table.
Another approach to avoid this type of situation is to use a password manager to store your user credentials. Creating a strong password is important in ensuring the security of your personal and business accounts. However, memorizing numerous passwords can be difficult and challenging which leads to using weak passwords, reusing the same passwords, and writing them down. With a password manager, you don’t have to remember these passwords. A list of the best password managers provided by the guys at digital.com which spent hours testing and utilizing more than 140 password managers available on the market.
![[RSS]](/resources/icons/silk/bullet_feed.png){kind=icon}
