Monday, February 1, 2010

Recover Joomla Admin Password

To update Joomla Admin password, you need to run the following SQL query:
UPDATE `jos_users` SET `password` = md5('PASSWORD HERE') WHERE `jos_users`.`id` =62 LIMIT 1

This will simply update the password of user admin. This will work in all joomla versions. (I tried it myself)

Secondly, I was trying to enter a new user to Joomla DB. It need a different trick :P

First thing is simple add a new record to jos_users table.

Query will be:

INSERT INTO `jos_users` (`id`, `name`, `username`, `email`, `password`, `usertype`, `block`, `sendEmail`, `gid`, `registerDate`, `lastvisitDate`, `activation`, `params`) VALUES (NULL, 'Name', 'username', 'email', MD5('password_text'), 'Super Administrator', '0', '0', '25', '0000-00-00 00:00:00', '0000-00-00 00:00:00', '', '');


Just replace the password_text with password you need to set and put username, email and Name etc.

Now this is not it.

You need to add another record in jos_core_acl_aro table.

Query is:

INSERT INTO `jos_core_acl_aro` (`id`, `section_value`, `value`, `order_value`, `name`, `hidden`) VALUES (NULL, 'users', 'ID_FROM_LAST TABLE', '0', 'Name', '0');


ID_FROM_LAST_TABLE should be replaced with the ID returned in jos_users table for our record we entered in last query. Update Name too.

Now Finally, note down the ID from last query in core_acl_pro

and run following

INSERT INTO `jos_core_acl_groups_aro_map` (`group_id`, `section_value`, `aro_id`) VALUES (25, , 'ID_FROM_LAST TABLE');
Its done now. You can login with your new username and password.
---------------------------------

NOW about how Joomla generates its password. Actually if we see jos_users table in Joomla, we will notice a password with colons and stuff. The way joomla generates it is as follows:

$salt = JUserHelper::genRandomPassword(32);
$crypt = JUserHelper::getCryptedPassword("password", $salt);

$password = $crypt . ':' . $salt;


The return password will be the password used by Joomla.
---------------------------------
Passwords to be saved in DB:

Password  ::::::::::::::::: MD5
---------------------------------------------------------------------------
admin        ::::::::::::::::: 21232f297a57a5a743894a0e4a801fc3

password  :::::::::::::::: 5f4dcc3b5aa765d61d8327deb882cf99

1 comment:

  1. Fantastic article! I thoroughly enjoyed your content …very effectively written.Thanks for this service that you have provided for us to have the ability to fresh our minds.

    ReplyDelete

Developer Instincts