07-13-2012, 07:57 PM
Hello everyone!
I'm performing a pentest and was able to compromise a web application via SQLi. This database server was also being used for Drupal.
The latest version, 7 changed their hashing algorithm to SHA512 using this function:
http://api.drupal.org/api/drupal/include...password/7
I don't see support for Drupal 7 specifically, but I'm wondering if the generic sha512 support would work.
I'd normally just set up an instance of drupal and try but I'm not infront of my GPU machine....
I'm performing a pentest and was able to compromise a web application via SQLi. This database server was also being used for Drupal.
The latest version, 7 changed their hashing algorithm to SHA512 using this function:
http://api.drupal.org/api/drupal/include...password/7
I don't see support for Drupal 7 specifically, but I'm wondering if the generic sha512 support would work.
I'd normally just set up an instance of drupal and try but I'm not infront of my GPU machine....