Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Getting a user's password from %USERDATA

Discussion in 'cPanel Developers' started by RSimoes, Jan 20, 2010.

  1. RSimoes

    RSimoes Member
    PartnerNOC

    Joined:
    Oct 9, 2008
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    51
    Location:
    Austin, TX
    I see that the %Cpanel::USERDATA hashtable has a "pass" key, but this doesn't seem to ever have a value. Is there a reliable way to get a user's password, while logged in as the user, from %USERDATA or some other variable? I know when using PHP there is the $_SERVER array, but what about for Perl?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. RSimoes

    RSimoes Member
    PartnerNOC

    Joined:
    Oct 9, 2008
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    51
    Location:
    Austin, TX
    I tested retrieving the user's password from a few different sources:

    • The key-value pairs of the $_SERVER associative array in PHP
    • The output of the Linux "env" command via PHP's shell_exec() function
    • The key-value pairs of %Cpanel::USERDATA in Perl
    • The password array element straight from Cpanel::PwCache::getpwnam() in Perl
    • The output of Linux's "env" command via Perl backticks

    The password showed up in both the PHP methods, and none of the Perl methods (returned a value of empty string for the REMOTE_PASSWORD key). So unless this is working as intended, I'd like to file a bug report.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 RSimoes, Jan 22, 2010
    Last edited: Jan 22, 2010
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice