nil.enroll(aetheric_username, quantum_class_id) (adric) wrote,
nil.enroll(aetheric_username, quantum_class_id)
adric

This was not the joke I found.

from Moodle lib/libmoodle.php
} else {
    for ($i=1; $i<=20; $i++) { //20 alternative salts should be enough, right?
        $alt = 'passwordsaltalt'.$i;
        if (!empty($CFG->$alt)) {
            if ($user->password == md5($password.$CFG->$alt) or 
              $user->password == md5($convpassword.$CFG->$alt)) {
                $validated = true;
                break;
            }
        }
    }
}

Somehow WordPress not using salts at all now seems somehow slightly better.

Tags: bug
Subscribe

  • Scripting, iSight, madness, ruby

    So, I banged around in irb and Google working on this whole automate my Mac's built-in camera thing. I'm not averse to buying one of the neat-o cam…

  • Success?! (Yes, more Windows Scripting crap)

    PS C:\Users\Administrator> Get-WmiObject -namespace "root/WebAdministration" -query "select * from VirtualDirectory" | Select-Object…

  • WMI, IIS, CIM and other cursewords

    Finally, after hours of reading through mind-numbingly overcomplicated documentation about the incredible plural architectures for Windows system…

  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 0 comments