Login

Old MySQL Password Hash

Author:
tback
Posted:
May 15, 2009
Language:
Python
Version:
1.0
Tags:
mysql password hash old insecure
Score:
0 (after 0 ratings)

A python implementation of the old MySQL PASSWORD() function.

This is insecure. There is a reason MySQL changed this in version 4.1.

Use it only if you have to!

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
#!/usr/bin/python
def mysql_hash_password(password):
    nr = 1345345333
    add = 7
    nr2 = 0x12345671

    for c in (ord(x) for x in password if x not in (' ', '\t')):
        nr^= (((nr & 63)+add)*c)+ (nr << 8) & 0xFFFFFFFF
        nr2= (nr2 + ((nr2 << 8) ^ nr)) & 0xFFFFFFFF
        add= (add + c) & 0xFFFFFFFF

    return "%08x%08x" % (nr & 0x7FFFFFFF,nr2 & 0x7FFFFFFF)

if __name__ == '__main__':
    import sys
    if len(sys.argv) != 2:
        print >> sys.stderr , 'Python Implementation of MySQL\'s old password hash'
        print >> sys.stderr , 'Usage: %s password' % sys.argv[0]
        sys.exit(1) 
    print mysql_hash_password(sys.argv[1])

More like this

  1. phpbb (2.x) authentication backend by bram 7 years, 1 month ago
  2. Plaintext password by yetty 1 year, 10 months ago
  3. Drupal password hasher for migration by dgrtwo 3 years, 4 months ago
  4. Password Reset Form Newforms by glisha 8 years, 5 months ago
  5. drupal7 password check by bram 3 years, 2 months ago

Comments

Please login first before commenting.