Menu
I created a protection for my web pages with apache2 in ubuntu. Now I am creating an application in c++ and I want it uses the same file that Apache2 uses for authentification, but my problem is that I don't know how to decrypt the password generated by apache2. (Maybe I need a key that is used for encryption).
Thank you.
440
htpasswd entries are HASHES. They are not encrypted passwords. Hashes are designed not to be decryptable.
It can encrypt and display password information for use in other types of data stores, though. To use a DBM database see dbmmanage or htdbm . htpasswd encrypts passwords using either bcrypt, a version of MD5 modified for Apache, SHA1, or the system's crypt() routine.
htpasswd hashes passwords using either bcrypt, a version of MD5 modified for Apache, SHA-1, or the system's crypt() routine.
.htpasswd entries are HASHES. They are not encrypted passwords. Hashes are designed not to be decryptable. Hence there is no way (unless you bruteforce for a loooong time) to get the password from the .htpasswd file.
What you need to do is apply the same hash algorithm to the password provided to you and compare it to the hash in the .htpasswd file. If the user and hash are the same then you're a go.
181
See in particular Apache HTTPd Password Formats
7
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
