Алгоритмы хэширования в различных CMS

Распространенные CMS:

Code:

------------------------------------------------------
| Название               | Алгоритм хеширования      
------------------------------------------------------
| Joomla >=1.0.13        | md5($pass.$salt)        
| IPB 2.x.x.:            | md5(md5($salt).md5($pass))  
| vBulletin 3.x.x:       | md5(md5($pass).$salt)  
| DataLife Engine        | md5(md5($pass))      
| osCommerce             | md5($salt.$pass)
| SMF 1.1.x.:            | sha1($username.$pass)
| Wordpress >=2.6.2      | md5($wordpress)  
| PhpBB >=3              | md5($phpbb3)

Примеры хэшей из распространенных CMS:

Code:

------------------------------------------------------------------------------
| Название               |               Пример хэша   
------------------------------------------------------------------------------
| Joomla >=1.0.13        | b990ea9d8705a2e1561fa9ebf5052d5a:Hqawg6vlrq3nqI4i
| IPB 2.x.x.:            | 3ee8b35f9a15b0f257c79ded73d28cb5:gEA_Z   
| vBulletin 3.x.x:       | cc8e4f14b0b016006261a53013526987:*|/   
| osCommerce             | a0e41c3f2453bca43a9fa7cd2374ce08:7b
| SMF 1.1.x.:            | user:2d6b9ec9a105e2dc771a95bd0d855e570a765469:bf76
| Wordpress >=2.6.2      | $P$BHUnawZ54ZdpoZOm4sbVAK0 
| PhpBB >=3              | $H$95MMFvTU4Lm1sASItv4J5HWXk18HW70

Все CMS, для которых известны алгоритмы хэширования:
взято с http://itdefence.ru/dbitems/

Code:

1024cms [size=1]md5($pass)[/size]
ABO CMS [size=1]md5($pass)[/size]
AdaptCMS Lite 1.5 [size=1]md5($pass)[/size]
AEF [size=1]md5($salt.$pass)[/size]
AIOCP [size=1]md5($pass)[/size]
Artiphp [size=1]md5($pass)[/size]
Atlassian JIRA [size=1]SHA-512(Base64)[/size]
AVE CMS [size=1]md5(md5($pass))[/size]
b2evolution [size=1]md5($pass)[/size]
beContent [size=1]md5($pass)[/size]
Beehive [size=1]md5($pass)[/size]
BIGACE [size=1]md5($pass)[/size]
Bitrix [size=1]md5($pass)[/size]
bitweaver [size=1]md5($pass)[/size]
bloofoxCMS [size=1]md5($pass)[/size]
ClanTiger [size=1]md5($pass)[/size]
ClanSphere [size=1]md5($pass) or sha1($pass)[/size]
CMScout [size=1]md5($pass)[/size]
CMS Made Simple [size=1]md5($pass)[/size]
Contenido [size=1]md5($pass)[/size]
CPG-Nuke [size=1]md5($pass)[/size]
CruxCMS [size=1]md5($pass)[/size]
Danneo CMS [size=1]md5($pass)[/size]
DataLife Engine [size=1]md5(md5($pass))[/size]
DeluxeBB [size=1]md5($pass)[/size]
Diferior [size=1]md5(md5($pass))[/size]
Digitalus 1.8.1 [size=1]md5($pass)[/size]
DotNetNuke [size=1]default - sha1($pass)[/size]
e107 [size=1]md5(md5($pass))[/size]
eazyPortal [size=1]md5($pass)[/size]
ecshoprus [size=1]md5($pass)[/size]
eliteCMS [size=1]sha1($pass)[/size]
Elxis [size=1]md5($pass)[/size]
eoCMS [size=1]md5($pass)[/size]
Etomite [size=1]md5($pass)[/size]
Exponent [size=1]md5($pass)[/size]
Flux CMS [size=1]md5($pass)[/size]
Frog [size=1]sha1($pass)[/size]
FUDforum [size=1]md5($pass)[/size]
Fundanemt [size=1]md5($pass)[/size]
glFusion [size=1]md5($pass)[/size]
GeekLog [size=1]md5($pass)[/size]
Icy Phoenix [size=1]md5($pass)[/size]
iDevAffiliate [size=1]$pass= sha1 ('idev_secret' . $password);[/size]
iGaming CMS [size=1]md5($pass)[/size]
Injader [size=1]md5($pass)[/size]
Intellect Board [size=1]md5($pass)[/size]
IPB 1.x.x [size=1]md5($pass)[/size]    
IPB 1.3-2.17 (IPB 2.x.x.): [size=1]md5(md5($salt).md5($pass))[/size]
ITA Forum [size=1]md5($pass)[/size]
Jaws CMS [size=1]md5($pass)[/size]
Joomla <=1.0.12 [size=1]md5($pass)[/size]
Joomla >=1.0.13 [size=1]md5($pass.$salt)[/size]
Kajona [size=1]sha1($pass)[/size]
Koobi CMS [size=1]md5($pass)[/size]
Koobi CMS >=6 [size=1]md5(md5($pass))[/size]
Lanius CMS [size=1]md5($pass)[/size]
LifeType [size=1]md5($pass)[/size]
MDPro [size=1]md5($pass)[/size]
MercuryBoard [size=1]md5($pass)[/size]
MiaCMS [size=1]md5($pass)[/size]
MigasCMS [size=1]md5($pass)[/size]
miniBB [size=1]md5($pass)[/size]
MODx CMS [size=1]md5($pass)[/size]
MyBB 1.2.x [size=1]md5(md5($salt).md5($pass))[/size]
Nucleus 3.50 [size=1]md5($pass)[/size]
osCommerce [size=1]md5($salt.$pass)[/size]
PBLang [size=1]md5($pass)[/size]
pecio cms [size=1]sha1($pass)[/size]
PHP-Fusion [size=1]md5($pass)[/size]
PHP-Nuke [size=1]md5($pass)[/size]
PhpBB 2.0.x [size=1]md5($pass)[/size]
PhpBB >=3 [size=1]md5($phpbb3)[/size]
PhpMyForum [size=1]md5($pass)[/size]
PhpMySport [size=1]md5($pass)[/size]
phpWebThings [size=1]md5($pass)[/size]
PHPX CMS [size=1]md5($pass)[/size]
phpwcms [size=1]md5($pass)[/size]
PLUME CMS [size=1]md5($pass)[/size]
PunBB 1.2.x [size=1]md5($pass) or an SHA-1[/size]
QuickSilver Forum [size=1]md5($pass)[/size]
radiant [size=1]sha1(sha1($pass))[/size]
Refbase (Web Reference Database) [size=1]DES(Password, $salt) $salt = substr(email, 0, 2)[/size]
RunCMS sha1($username.$pass) or [size=1]md5($pass)[/size]
Scripteen Free Image Hosting Script [size=1]md5($pass)[/size]
Seditio [size=1]md5($pass)[/size]
Serendipity <=1.4.1 [size=1]md5($pass)[/size]
Serendipity >= 1.5.x [size=1]sha1($pass)[/size] 
Slaed CMS [size=1]md5($pass)[/size]
SMF 1.0.x.: [size=1]md5(HMAC)[/size]
SMF 1.1.x.: [size=1]sha1($username.$pass)[/size]
sNews [size=1]md5($pass)[/size]
Snitz Forums 2000 [size=1]SHA-256[/size]
Subrion v 1.1.0.0 [size=1]md5($pass)[/size]
Tinypug [size=1]md5($pass)[/size]
TangoCMS 2.3.x [size=1]md5($pass)[/size]
Triton CMS [size=1]md5($pass)[/size]
Typo3 [size=1]md5($pass)[/size]
UseBB [size=1]md5($pass)[/size]
Vanilla [size=1]md5($pass)[/size]
vBulletin 3.54 (vBulletin 3.x.x): [size=1]md5(md5($pass).$salt)[/size]
VikingBoard [size=1]md5($pass)[/size]
W-Agora [size=1]md5($pass)[/size]
Website Baker [size=1]md5($pass)[/size]
webSPELL CMS v4.0 [size=1]md5($pass)[/size]
Wordpress [size=1]md5($pass)[/size]
Wordpress 2.6.0\2.6.1 [size=1]md5($phpbb3)[/size]
Wordpress >=2.6.2 [size=1]md5($wordpress)[/size]
WWWThreads [size=1]des($pass)[/size]
Xaraya [size=1]md5($pass)[/size]
XMB Forum [size=1]md5($pass)[/size]
XOOPS [size=1]md5($pass)[/size]
YaBB [size=1]md5(HMAC)[/size]

CMS, для которых неизвестны алгоритмы хэширования:

Code:

[COLOR=Red]Платные:[/COLOR]
abcOnline-CMS
ProFusion Ultra IS
Powerfront CMS
LaunchPoint CMS
lemoon CMS
COMSHARP CMS
EIBS EasySite CMS
Immediacy
Jadu
Sitekit CMS
EPiServer
Sitecore
OnBase (Hyland Software)
Microsoft Office SharePoint Server (Services)
AlterFiction
Community Server
Kentico CMS
MonoX
OrangeLogix
RelationshipList - Work by Referral
Adobe Contribute Publishing Server (CPS)
Day Communiqué WCM
Traction TeamPage
Jalios JCMS
Blue Light CMS
Cascade Server
TerminalFour Site Manager
Noodle
FatWire Content Server
CoreMedia CMS
Vignette
Lotus Web Content Management
Refresh Software - SR2 (Component Content Management)
Clickability
Cubic Compass
Site Masher

[COLOR=Red]Бесплатные[/COLOR]
jAPS
Jahia
OpenCms
Liferay
Fedora
DotCMS
Nuxeo EP
Alfresco
Magnolia
Apache Lenya
Daisy
blosxom
Bricolage
Socialtext Open
TWiki
Scoop
Slash
WebGUI
Cyclone3
Movable Type
Aqua CMS
BLOG:CMS
Cambio
CivicSpace
Drupal
eFront
GCMS
ImpressCMS
Jojo CMS
KnowledgeTree Document Management System
Lyceum
Mambo
OneCMS
Opus
PHPSlash
SilverStripe
SPIP
TangoCMS
Textpattern
TGS Content Management
The System
Tribiq CMS
TYPO3
whCMS
Midgard CMS
MediaWiki
Merlintalk
phpWebSite
Dotclear
Habari
eZ Publish
CMSimple
Dokuwiki
phpCMS
PmWiki
razorCMS
Quick.Cms.Lite
TikiWiki CMS/Groupware
phpWiki
MoinMoin
Nuxeo CPS
Plone
PyLucid
Byteflow
Zena
Nooto
Typo
DotNetNuke
Xaraya
XOOPS Cube
Serendipity
OpenACS

за:
1. дополнение темы,
2. указание алгоритмов хэширвания для CMS, для которых они в этой теме еще не указаны

получаем плюсы.​

​

Приветствуется "полный" формат, как на http://itdefence.ru/dbitems/​

 

AdaptCMS Lite 1.5 md5($pass)
./admin.php
./dbinfo.php
....[prefix]_users (default prefix adaptcms_):
.......username
.......password
.......email
.......level


Digitalus 1.8.1 md5($pass)
/admin/
/application/data/config.xml
....users
.......first_name
.......email
.......password


Nucleus 3.50 md5($pass)
./config.php
....nucleus_member:
.......mname
.......mpassword
.......memail
.......mcanlogin
.......mcookiekey


PhpWebSite 1 6 3 md5($pass)
/admin/index.php
/setup/config.php
....user_authorization
.......username
.......password


Subrion v 1.1.0.0 md5($pass)
/admin/index.php
/install/config.inc.php.sample
....prefix_accounts (default prefix SBR_):
.......username
.......password
.......email
.......sec_key

....prefix_admins:
.......username
.......password
.......email
.......sec_key


ErrorNeo:
добавлено

 

Serendipity
вход в админку
/index.php
/include/functions_config.inc.php
md5(по умолчанию) возможно sha1(тип хранится в БД в ячейке hashtype)
username, password, realname, email, userlevel, hashtype

 

Php - fusion (версия только 7.x.x) - стали использоватся хеши типа md5(md5($pass))

(Пока инфа недостоверна, позже дам пруф)

 

UMI.CMS md5($password)
/admin/
/classes/modules/users/__register.php
users
├─────user_id
├─────login
├─────password
└─────email

 

Voodoo chat | md5($pass)
TRIBiQ | md5($pass)
SilverStripe | md5($pass)
TangoCMS | md5($pass)
Mambo | md5($pass)
Koobi CMS | md5($pass)
Koobi CMS >= 6 | md5(md5($pass))
Intellect Board | md5($pass)
ImpressCMS | md5($pass)
Explay | md5($pass)
Enano CMS | md5($pass)
DBHcms | md5($pass)
DanneoCMS | md5($pass)
Black Pig (Sajon) | md5($pass)
Basecmp | md5($pass)
bbPress | md5($pass)
Adrevenue | md5($pass)
4images | md5($pass)
1C Битрикс | md5($pass)
PostNuke | md5($pass)

 

whCMS v 0.115 alpha md5($pass)
/admin/index.php
/cms/install.php
....[prefix]_users:
.......user
.......pass
.......email


lyceum 1.0.3 md5($pass)
/wp-admin/
/src/config/wp-config-sample.php
....[prefix]_users:
.......user_login
.......user_pass
.......user_email

 

FluxBB sha1($pass)

fluxbb_users
..... username
..... password

 

в Drupal
Хеширование - md5
Авторизация - /user/login
Конфиг - /sites/default/settings.php или /sites/домен/settings.php
Таблица - users
Колонки: uid,name,pass,mail

 

Opencms

Opencms md5($pass)
/admin/index.php
/admin.php
/install.php
/config.php ---- config
....[prefix]_users:
.......id
.......username
.......password
.......email

 

Eleht CMS sha1($pass)
Path: site.{ru/com/ee/}/adminpanel

....[elehtcms_ by default or another prefix]_user
kasutaja
parool

 

ColdFusion sha1($pass)

 

Contrexx WCMS v2.1 md5hash($pass)
./admin/
./cadmin/
./config/configuration.php

 

В последних версиях битрикса юзается алгоритм md5($salt.$pass), причем соль и хэш объединены в одно поле. Пример:

Code:

[color=red]bn5Svd5u[/color][color=yellow]29f39726495fa808037f656afcc8f7f6[/color]

Первые 8 символов - соль, остальные 32 - сам хэш. Хранится в поле password таблицы b_user.

 

Вот может кому-то пригодиться.
_http://www.host.h19.ru/search.php
Не идеально. Но выручает.

 

Shopcms

Base64 ))
customerID
Login
cust_password
Email
Дальше поля не важны
всего 16 полей. находятся в базе
pref_customers

 

Запилил страничку с найденными по всему тырнету алгоритмами.
http://guron18.ru/cms.php

SubsCMS какой алгоритм шифрования?
3762c892bbf81e61002608016b9a523e:agc похоже на MD5(MD5($pass).$salt)

 

Bitrix 24:

Формат хэша в БД:

Конвертим в брутабельный вид md5(salt.pass)

Для себя накидал скриптик на коленке, для конверта в брутабельный вид:

PHP:

<?php

$file=file('hash.txt');

for($i=0;$i<count($file);$i++){
    $res=explode(':',$file[$i]);
        #$user=$res['5'];
        $saltpass=trim($res['0']);
    $pass = substr($saltpass, -32);
    $salt = substr($saltpass, 0,8);
echo $pass.":".$salt."<br>\n";
    
    
}