cookies wordpresspass_* and wordpressuser_*

  • I was looking at the cookies that wp-login made, and i saw three.

    One was wordpresspass_(bunch of characters) and the other was wordpressuser_(bunch of characters). The (bunch of characters) are the same, but the content is different. wppass_ has more characters, whereas wpuser_ has the word “admin”.

    I’m guessing that it’s saying that because admin is my username, and i’m guessing that the characters in the content is a hash of my password. (please correct me if i’m incorrect)

    I am wondering though, what is the (bunch of characters) made from? How do I recreate it?

    Also there was another cookie called wordpress_test_cookie. the content is “WP+Cookie+check”. Is that important?

    Thanks

Viewing 2 replies - 1 through 2 (of 2 total)

  • People’ve used rainbow tables to try and crack hashes of things like popular forum system passwords and whatnot.

    How Hash Works:

    Hashing takes any amount of data (binary or text) and creates a constant-length hash representing a checksum for the data. For example, the hash might be 16 bytes. Different hashing algorithms produce different size hashes. You obviously cannot re-create the original data from the hash, but you can hash the data again to see if the same hash value is generated. One-way Unix-based passwords work this way. The password is stored as a hash value, and to log onto a system, the password you type is hashed, and the hash value is compared against the hash of the real password. If they match, then you must’ve typed the correct password.

    ‘Dunno if that helps..

    In this particular case and speaking about WordPress 2.2.3, the (bunchofcharacters) is the MD5 sum of the site url minus any trailing slash.

    Example: Let my site url be
    https://localhost/wordpress/

    Omitting the trailing slash and having this site
    compute the md5 hash value will result in

    bbfa5b726c6b7a9cf3cda9370be3ee91

    which is precisely the (bunchofcharacters) found in the cookie.

    I think the value suitable for reproduction is stored in the database table wp_options. Look for the value “siteurl” within the column option_name.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘cookies wordpresspass_* and wordpressuser_*’ is closed to new replies.