• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Email Passwords hashed! how to retrive email password in plesk 11.0.9

Status
Not open for further replies.
IgorG said:
Guys, sorry for my mistake. Xml backup contains encrypted passwords. They are encrypted with server's key. Correct answer is using /usr/local/psa/admin/bin/mail_auth_view utility. For example:

mysql> select mail_name,name,password from mail left join domains on mail.dom_id = domains.id inner join accounts where mail.account_id = accounts.id and postbox='true' order by name asc, mail_name asc;
+-----------+------------+----------------------------------------------------------------+
| mail_name | name | password |
+-----------+------------+----------------------------------------------------------------+
| rt | tttest.gov | $AES-128-CBC$f9qDGZ0SZqJv3yoUd8pMSA==$uoVzaIWEz/dDyy6Nglf7mw== |
+-----------+------------+----------------------------------------------------------------+
1 row in set (0.00 sec)

# /usr/local/psa/admin/bin/mail_auth_view
Authentication database contents:
+--------------------------------------+-----+--------------------------------------+
| address |flags| password |
+--------------------------------------+-----+--------------------------------------+
| rt@tttest.gov | | vbn321 |
+--------------------------------------+-----+--------------------------------------+
Flags
A - account disabled
D - domain disabled
E - password encrypted
Click to expand...

Thanks you in advance it was helpful really.
Do you know how to access to db's passwords?

Thanks,
 
IgorG said:
Db password is Plesk admin's password.
You can login to psa database with
mysql -uadmin -p`cat /etc/psa/.psa.shadow` psa
Click to expand...

I mean its not psa database and I mean all of user's databases. in psa database all passwords (dbs pass) saved hash. how to understand passwords of databases?

Thanks,
 
IgorG said:
Guys, sorry for my mistake. Xml backup contains encrypted passwords. They are encrypted with server's key. Correct answer is using /usr/local/psa/admin/bin/mail_auth_view utility. For example:

mysql> select mail_name,name,password from mail left join domains on mail.dom_id = domains.id inner join accounts where mail.account_id = accounts.id and postbox='true' order by name asc, mail_name asc;
+-----------+------------+----------------------------------------------------------------+
| mail_name | name | password |
+-----------+------------+----------------------------------------------------------------+
| rt | tttest.gov | $AES-128-CBC$f9qDGZ0SZqJv3yoUd8pMSA==$uoVzaIWEz/dDyy6Nglf7mw== |
+-----------+------------+----------------------------------------------------------------+
1 row in set (0.00 sec)

# /usr/local/psa/admin/bin/mail_auth_view
Authentication database contents:
+--------------------------------------+-----+--------------------------------------+
| address |flags| password |
+--------------------------------------+-----+--------------------------------------+
| rt@tttest.gov | | vbn321 |
+--------------------------------------+-----+--------------------------------------+
Flags
A - account disabled
D - domain disabled
E - password encrypted
Click to expand...

thanks for your guide,
Do you have any idea for password of MYSQL databases?
 
IgorG said:
Guys, sorry for my mistake. Xml backup contains encrypted passwords. They are encrypted with server's key. Correct answer is using /usr/local/psa/admin/bin/mail_auth_view utility. For example:

mysql> select mail_name,name,password from mail left join domains on mail.dom_id = domains.id inner join accounts where mail.account_id = accounts.id and postbox='true' order by name asc, mail_name asc;
+-----------+------------+----------------------------------------------------------------+
| mail_name | name | password |
+-----------+------------+----------------------------------------------------------------+
| rt | tttest.gov | $AES-128-CBC$f9qDGZ0SZqJv3yoUd8pMSA==$uoVzaIWEz/dDyy6Nglf7mw== |
+-----------+------------+----------------------------------------------------------------+
1 row in set (0.00 sec)
Click to expand...

Hi,

so if I wanted to create the password hash for a given password in order to compare the hashes for an authentication mechanism, how would I do this on Plesk 11.5.30?

Plesk hash is # $AES-256-CBC:pKCS$JB3hfh3dZWjvhZeddAA9bA==$XukiiA813aZrdL5t31MzlA== (from /var/spool/postfix/plesk/passwd.db)
The password is S3pK623gd76Fa3k

I tried something along the lines of

# echo "S3pK623gd76Fa3k" | openssl enc -aes-256-cbc -pass pass:`cat /etc/psa/private/secret_key` | base64
U2FsdGVkX18pripkh479YhqaTKQvNG5yTRQTsg9lN7QrcTO0NpTExYqmp9KXBT+v

but that seems to be wrong. It is also not using a salt. Could somebody steer me into the right direction?
Thanks!
 
TrungL said:
how does it work?
could you guide me more? i've just started using it
Click to expand...

There are no any options. Just run

# /usr/local/psa/admin/bin/mail_auth_view

and you will see Authentication database content.
 
Nikolay. said:
mail_auth_view?
Click to expand...

Thanks for your reply. I know mail_auth_view and could just parse its output. (example here: http://forum.parallels.com/showthre...re-in-Plesk-11&p=701468&viewfull=1#post701468)

But the output of mail_auth_view could change anytime, and I don't want to rely on it too heavily.

My actual goal objective is to write a custom SASL auth daemon that reads /var/spool/postfix/plesk/passwd.db and authenticates SMTP logins against it (a replacement for plesk_saslauthd). In order to do that, I'd need to decrypt the passwords with the server key to be able to compare them with the crypted passwords stored in passwd.db.

Has anybody done this yet and can shed a bit of light on it?

(If not, I'm going to stick with parsing mail_auth_view and comparing the plain text passwords.)
Cheers!
 
Status
Not open for further replies.

Similar threads

R
Question DKIM signing password reset emails
Replies
2
Views
378
redactie_uvw
R
F
Issue Adding another Database Server without knowing the admin password
Replies
11
Views
783
Kaspar
K
U
Question How to configure postfix to pipe all incoming email to a script using Plesk?
Replies
0
Views
678
unwej_justenese
U
K
Resolved How to create a database user with a known password hash
Replies
6
Views
6K
Kaspar
K
B
Question Unable to Send Emails Using PHPMailer on Plesk Server
Replies
4
Views
1K
King555
K
Back
Top