Please beware that this post is just for Example purpose Only. In real production environment you must be very careful for providing such option. Make it tightly secure, add captcha code & provide this feature to requesting users only. AVOID using bash, RELY on PHP !
As requested by an client, Following is an script that can retrieve user’s current current password from 'radcheck' table. This method is useful in some situation where operator dont want to change the password for user, but to provide them there old/original password.
- In RM, user’s password are encrypted with MD5. which is a Digest algorithm. Think of it as converting a cow into a steak. Now try to reverse that 🙂
- There are some online MD5 decrypter, but they can decrypt general or common words. If you have something complex password, it wont be able to decrypted.
So rather then getting into MD5 decryption mess, why not retrieve it under the table 😉 by getting it from radcheck table.
There are few methods we can provide ‘current password retrieval’ funcion to user.
- We can configure playSMS to receive incoming SMS from user with specific command and username, then the system can retrieve user current password and sms to his Registered mobile number.
- Or we can make a simple PHP page where user can enter his user ID and then the system can send password to his Registered Mobile No. and Email address.
the Script ! [SAMPLE]
#!/bin/sh
#set -x
SQLUSER="SQL_USER"
SQLPASS="SQL_PASSWORD"
COMPANY="MyCompany"
CURDATE=$(date +"%Y-%m-%d")
echo $1 > /tmp/rawdata.txt
USERNAME=`cat /tmp/rawdata.txt |awk '{print $1}'`
echo ""
PASS=`mysql -u$SQLUSER -p$SQLPASS --skip-column-names -e "use radius; select value from radcheck where username = '$USERNAME';" | awk 'FNR == 1'`
echo "Dear $USERNAME,
Your Password is $PASS
Regard's
$COMPANY"
Execute the script and see the result.
PHP Form base method using Shell Script !
Sample php/shell files uploaded to
Make sure you add good security measurements first !
Regard’s
Syed Jahanzaib
sir,
how to retrieve admin password (acp).
LikeLike
Comment by rk — July 19, 2016 @ 4:41 PM
how to retrieve admin old/original password ?
LikeLike
Comment by rk — July 19, 2016 @ 5:53 PM
Hello dear I want a help from u I hope u will help me regarding to Mikrotik hotspot.
I configure mikrotik hotspot and I save the cookies of the users and the sum my client complaint that he not use internet that time but system show is online and use the data. I save the mac address with the client user name to make the secure but I think somebody tracks the mac addresses of my client and use the fake mac addresses changer software to access the internet. I cannot remove the cookies option and not want to change the hotspot.
What will be I do plz help me reading that matter I am much worried about that
LikeLike
Comment by Nasir Ali — August 28, 2016 @ 3:29 PM
PHP file link not working kindly give an update.
LikeLike
Comment by Shubham Sahu — February 14, 2018 @ 4:47 PM