Syed Jahanzaib Personal Blog to Share Knowledge !

June 22, 2016

Retrieve User Old/Original Password in RM

Filed under: Radius Manager — Tags: — Syed Jahanzaib / Pinochio~:) @ 10:44 AM


Please beware that this post is just for Example purpose Only. In real production environment you must be very careful for providing such option. Make it tightly secure, add captcha code & provide this feature to requesting users only. AVOID using bash, RELY on PHP !

As requested by an client, Following is an script that can retrieve user’s current current password from 'radcheck' table. This method is useful in some situation where operator dont want to change the password for user, but to provide them there old/original password.

  • In RM, user’s password are encrypted with MD5. which is a Digest algorithm. Think of it as converting a cow into a steak. Now try to reverse that🙂
  • There are some online MD5 decrypter, but they can decrypt general or common words. If you have something complex password, it wont be able to decrypted.

So rather then getting into MD5 decryption mess, why not retrieve it under the table😉 by getting it from radcheck table.

There are few methods we can provide ‘current password retrieval’ funcion to user.

  1. We can configure playSMS to receive incoming SMS from user with specific command and username, then the system can retrieve user current password and sms to his Registered mobile number.
  2. Or we can make a simple PHP page where user can enter his user ID and then the system can send password to his Registered Mobile No. and Email address.

the Script ! [SAMPLE]

#set -x
CURDATE=$(date +"%Y-%m-%d")
echo $1 > /tmp/rawdata.txt
USERNAME=`cat /tmp/rawdata.txt |awk '{print $1}'`
echo ""
PASS=`mysql -u$SQLUSER -p$SQLPASS --skip-column-names -e "use radius; select value from radcheck where username = '$USERNAME';" | awk 'FNR == 1'`
echo "Dear $USERNAME,

Your Password is $PASS


Execute the script and see the result.


PHP Form base method using Shell Script !




Sample php/shell files uploaded to

Make sure you add good security measurements first !


Syed Jahanzaib



  1. sir,
    how to retrieve admin password (acp).

    Comment by rk — July 19, 2016 @ 4:41 PM

  2. how to retrieve admin old/original password ?

    Comment by rk — July 19, 2016 @ 5:53 PM

  3. Hello dear I want a help from u I hope u will help me regarding to Mikrotik hotspot.
    I configure mikrotik hotspot and I save the cookies of the users and the sum my client complaint that he not use internet that time but system show is online and use the data. I save the mac address with the client user name to make the secure but I think somebody tracks the mac addresses of my client and use the fake mac addresses changer software to access the internet. I cannot remove the cookies option and not want to change the hotspot.
    What will be I do plz help me reading that matter I am much worried about that

    Comment by Nasir Ali — August 28, 2016 @ 3:29 PM

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Create a free website or blog at

%d bloggers like this: