Drupal 7 Superuser Password Reset

As just coming back from two weeks in the Catalan Pyrenees (Pirineu Catala) and Barcelona, and having finished reading Evil By Design I decided to I would implement my evil by design e-commerce site (as a test and more later). I have three virtual LAMP servers (alpha, beta and omega … dev, test and live). As I attempted to login into the Drupal 7 alpaha installation none of the passwords I tried were accepted, once more with dread I turn to the internet to find a solution.

I found some instructions here or here … but were is the fun in that, where is the challenge … so here it is … first the blag … the health warning … the well you know …

This script is free … no money back is guarenteed
It contains no classified material whatsoever …
It has been rigoriously tested to the point of destruction ….
100% satififaction that it does what it says in the code …
Now in full technicolor …
More effecient and effective than some advertised remedies … (see here above)
Fast acting (if correctly used)
Verbose … so no hidden extras and understandable to non perl witchies/wizzies …

Hopefully WordPress won’t mangal the code … when it mistakes perl pipe definitions.

#!/usr/bin/perl
use DBI;
my $base =  $ARGV[0];

if(-e $base) {
	if(-d $base) { $site = "$base"."sites/default/settings.php"};
	  my %conf_args = {};
	  if((-f $site) && open (DATA, "< $site")) {
      my %conf_args = {};

      while( <DATA>) {
        chomp $_;
        # jump comment rows
        next if(m/^(( |\/)\*+|#|$|\>)/);
        $m2=m/^ *\'(database|username|password|prefix)\'\ *\=> *\'([\w]*)\',$/;
        if ($1 && $2) {
          print "captured: $1 $2\n";
          $conf_args{$1} = $2;
          next;
        }
      }
      close (DATA);
      print "\nEnter new password: ";
      my $passwd = <STDIN>;
      chomp $passwd;
      my $cmd="php ./scripts/password-hash.sh $passwd";
      chdir "$base";
      my $has=qx/$cmd/;

      if($has =~  /hash: (.+)/) {
        my $hash=$1;
        chomp $hash;
        print "$hash\n";

        my $dbh = DBI->connect("DBI:mysql:$conf_args{'database'}", $conf_args{'username'}, $conf_args{'password'}, {RaiseError=>1})
          or die "Couldn't connect to database: " . DBI->errstr;
        my $user_tbl = "$conf_args{'prefix'}users";
        my $sql="UPDATE $user_tbl SET pass=\'$hash\' WHERE uid = 1";

        my $qu = $dbh->prepare($sql)
          or die "Prepared failed: " . $dbh->errstr;

        $affected = $qu->execute or die 'Execute failed: ' . $dbh->errstr;
          die "$dbh->errstr" if (!affected); # trap errors
          die "No rows updated" if ($affected eq '0E0');

        print "Drupal superuser account password reset!\n";

        $qu -> finish();
        $dbh->disconnect();
      }
	  }
    else {
      print "File $site not found.\n";
    }
}
else {
	print "Directory $base not found.\n";
}

Simple cut’n’paste into your favourite linux directory, giving the file an appropraiate name and pl extension and with cli. Run the script from the commandline.

perl the_file_name_of_your_choise.pl the_base_dir_of_your_drupal_7_installation

press return

You should consult a qualified Perl consultant before use … failure to do so is at your risk

It is recommended that you read the instructions from the first to last letter and translate them into Finnish (as I have spent the time scritping this listerning to RadioPookie). Why, it makes me more effecient … now I can listern to some Mary Chain

Advertisements

Reset Your Joomla Super Admin Password in 5 Seconds

With tried and tested to utter destruction perl script.

Yes, you can, 5 seconds is all it takes !

It’s tried, it tested, (are you feeling sleepy)

Empower yourself, save time and avoid stress

No need to wreck your brain trawling the configuration.php file for the db parameters you need.

No, this script does it all! (are you feeling sleeeeepy)

No money back guarantee

What will it cost you … just a pauper ransom, that’s 00.00 centissime!

Yes, I know I been reading one of those Web marketing books, were you hypnotised, are you feeling sleepy, by my copy. Simply put this perl script derives the database information from the Joomla configuration file – just supply the correct path to the joomla top level directory instance when executing the script.from the command line.

Enter the new password at the prompt and (as Francoise Hardy would say) voila, the password is reset.

The script is verbose so even non perl wizzes/witchees can understand it.

Warning – using the script is at your own risk!

#!/usr/bin/perl

use DBI;

my $jmldir =  $ARGV[0];

if(-e $ARGV[0])
{
  if(-d $ARGV[0]) { $jmldir = "$ARGV[0]"."configuration.php"};
  my %conf_args = {};
  if((-f $jmldir) && open (DATA, "< $jmldir"))
  {
    while( <DATA> )
    {
      chomp $_;
      #([\w]*)to capture all settings
      $m2=m/\$(user|db|password|dbprefix)\s\=.\'([\w]*)\'?/;
      if ($1 && $2) {
        $conf_args{$1} = $2;
      }
    }
    close (DATA);

    my $dbh = DBI->connect("DBI:mysql:$conf_args{'db'}", $conf_args{'user'}, $conf_args{'password'}, {RaiseError=>1})
      or die "Couldn't connect to database: " . DBI->errstr;
    my $jml_tbl = "$conf_args{'dbprefix'}users";

    print "\nEnter new password: ";
    my $name = ;;
    chomp($name);

    my $sql="UPDATE $jml_tbl SET PASSWORD=MD5('$name') WHERE username='admin'";
    my $qu = $dbh->prepare($sql)
      or die "Prepared failed: " . $dbh->errstr;

    $affected = $qu->execute or die 'Execute failed: ' . $dbh->errstr;
    die "$dbh->errstr" if (!affected); # trap errors
    die "No rows updated" if ($affected eq '0E0');

    print "Joomla admin account updated!\n";

    $qu -> finish();
    $dbh->disconnect();
  }
  else
  {
    print "can not open $jmldir!";
  }
}
else
{
  print "$jmldir does not exist!";
}
exit;

Joomla Password Reset

If you forget your Joomla (version 1.5 and above) super admin password and you have access to the local machine you can run the following PERL script to reset it. Note, if you have changed the default name of the super admin (which you should always do and the id) then you will have to change the SQL update WHERE clause to the appropriate value. The code is quite verbose: meaning anybody with a little PERL can modify it to include changing the super admins username.

#!/usr/bin/perl

use DBI;

if ($#ARGV != 3) {
  print “\nUsage: jmlpasswd.pl dbname prefix dbuser dbpasswd\n”;
  exit;
}

my $dbname = $ARGV[0];
my $jml_prefix = $ARGV[1] . ‘_users’;
my $dbuser = $ARGV[2];
my $dbpasswd = $ARGV[3];

my $dbh = DBI->connect(“DBI:mysql:$dbname”, $dbuser, $dbpasswd, {RaiseError=>1})
  or die “Couldn’t connect to database: ” . DBI->errstr;

print “Enter new password: “;

my $name = <STDIN>;;
chomp($name);

my $sql=”UPDATE $jml_prefix SET PASSWORD=MD5(‘$name’) WHERE username=’admin’”;
#’admin’ is the joomla default user name
my $qu = $dbh->prepare($sql)
  or die “Prepared failed: ” . $dbh->errstr;

$affected = $qu->execute or die ‘Execute failed: ‘ . $dbh->errstr;
die “$dbh->errstr” if (!affected); # trap errors
die “No rows updated” if ($affected eq ’0E0′);

print “Joomla admin password changed!\n”;

$qu -> finish();
$dbh->disconnect();