Wednesday, April 6, 2022

Groovy one-liner to check passwords stored in ICM Person table

Passwords are stored as MD5 hashes in the UCCE/PCCE/ICM Person table*. If you ever need to check for weak passwords, use the following one-liner: 
assert passwordEncryptedInDb.replace("{enc:1}","").decodeBase64()
==
passwordPlain.digest('md5').decodeHex()
And of course, we get the passwordEncryptedInDb value using 
SELECT per.Password FROM Person per 
JOIN Agent ag ON ag.PersonID = per.PersonID 
WHERE ag.PeripheralNumber = @loginId
* non-SSO
Bejegyezte: dátum: No comments:
Subscribe to: Posts (Atom)