In MongoDb use can add user to a database for access control. A user can be inserted with:
db.addUser({ user: "aaaa", pwd: "1234", roles: [...]})
and the inserted user is:
{
"user" : "aaa",
"pwd" : "08ccdf34dbb3ca05dcc195e30994b628",
"roles" : [
"userAdminAnyDatabase"
],
"_id" : ObjectId("52a88b45965c4e7ad46bb97b")
}
What function does MongoDB use to compute/hash the pwd
key?
cpp in the MongoDB sourcecode, the used hash function is indeed MD5.
Password hashing is used to verify the integrity of your password, sent during login, against the stored hash so that your actual password never has to be stored. Not all cryptographic algorithms are suitable for the modern industry.
MongoDB hashed indexes truncate floating point numbers to 64-bit integers before hashing. For example, a hashed index would store the same value for a field that held a value of 2.3 , 2.2 , and 2.9 .
The pwd is the hex encoding of MD5( username + ":mongo:" + password_text ).
From the official documentation.
The result does not coincide with the hash you show in your json, but I think you replaced the actual username and password anyway as you add "aaaa"
but retrieve "aaa"
.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With