phpMyAdmin跳过登陆
2021-05-05 17:28
标签:art code lib eve payload ssi check 修改 enc 本地总是需要登陆才行,嫌麻烦,就找了底层代码直接修改代码跳过登陆,修改方式如下: phpMyAdmin跳过登陆 标签:art code lib eve payload ssi check 修改 enc 原文地址:https://www.cnblogs.com/mengwangchuan/p/12106643.html
phpMyAdmin\libraries\classes\Plugins\Auth\AuthenticationCookie.php 文件 readCredentials() 方法
添加了两段代码,下面截取部分代码,红色为添加的代码 $value = $this->cookieDecrypt(
$_COOKIE[‘pmaUser-‘ . $GLOBALS[‘server‘]],
$this->_getEncryptionSecret()
);
$value = ‘root‘;
$_SESSION[‘browser_access_time‘] = array(‘default‘=> time());
$_COOKIE[‘pmaAuth-1‘] = ‘{"iv":"40aTBsj8bIVduuNICE544w==","mac":"9a51ccbeb899a0ac4a37837bf35056663e218e5a","payload":"tZWA9CPztU8aAyAVMhFDgZy5NTuIQBISDQ3xPa8aVVg="}‘;
if ($value === false) {
return false;
}
$this->user = $value;
// user was never logged in since session start
if (empty($_SESSION[‘browser_access_time‘])) {
return false;
}
// check password cookie
if (empty($_COOKIE[‘pmaAuth-‘ . $GLOBALS[‘server‘]])) {
return false;
}
$value = $this->cookieDecrypt(
$_COOKIE[‘pmaAuth-‘ . $GLOBALS[‘server‘]],
$this->_getSessionEncryptionSecret()
);
$value = ‘{"password":"root"}‘;
if ($value === false) {
return false;
}
$auth_data = json_decode($value, true);
上一篇:http