Reseting Wizard's Password

From TinyMUX
Jump to: navigation, search

There are a few techniques, and each technique has its advocates:

Use a tool:

  1. Download Omega from ftp://ftp.tinymux.org
  2. ./configure;make to build Omega
  3. ./omega -1 yourflatfile newflatfile
  4. diff -Nau yourflatfile newflatfile to verify that it only changed the password.

Omega resets the password of #1 to 'potrzebie' for PennMUSH, TinyMUSH, TinyMUX, and RhostMUSH flatfiles. It automatically detects the type and flatfile version, but you should still verify that it changes only the password.

Flatfile-only Technique:

  1. Create a player (or use an existing one) with a known password.
  2. Take note of the dbref (e.g., #1234).
  3. @shutdown the game.
  4. Unload to a flatfile.
  5. Search for a line with !1234 (regex is ^!1234$) representing the beginning of object #1234.
  6. Find attribute 5 (look for ^>5$), and on the line below that is a password with $SHA1$ in it.
  7. Copy the $SHA1$ line (clipboard or yank buffer or whatever your editor calls it).
  8. Search for a line with !1 (regex is ^!1$) representing the beginning of object #1. It will be located earlier in the file.
  9. Find attribute 5 (look for ^>5$), and on the line below that is a password with $SHA1$ in it.
  10. Replace #1's encrypted password with the one from #1234 by replacing that line with the one you copied in Step 7.
  11. Save and exit.
  12. Reload the flatfile cleanly.
  13. ./Startmux
  14. You should be able to logon to #1 with the same password that #1234 had.

Flatfile+Compile Technique:

  1. @shutdown the game.
  2. Unload to a flatfile.
  3. Search for a line with !1 (regex is ^!1$) representing the beginning of object #1.
  4. Find attribute 5 (look for ^>5$), and on the line below that is a password with $SHA1$ in it.
  5. Remove both lines (>5 and the line containing $SHA1$).
  6. Save and exit.
  7. Reload the flatfile cleanly.
  8. In player.cpp, around line 471 in function check_pass, change '#if 0' to "#if 1' and re-compile. This allows #1's password to be set from the login screen only if it is missing from the database.
  9. ./Startmux
  10. You should be able to logon to #1 with a new password.

Debugger Technique:

  1. Make sure you compiled with debugging turned on (the -g option which is on by default).
  2. Use gdb to attach to the netmux process.
  3. Set a break point on the check_pass() function.
  4. Attempt to logon as #1.
  5. At the end of check_pass(), use debugger commands to change bValidPass to 1.
  6. From withing #1, attempt to use @password to reset the password using any old passord you want, and perform the same steps above to ensure bValidPass is 1.

Compile-only Technique:

Change the code in player.cpp, in the check_pass() function so that it recognizing #1 specifically, looks for a specific, chosen string of your choosing, and allows it without even looking at the password stored in the database.