I created a protection for my web pages with apache2 in ubuntu. Now I am creating an application in c++ and I want it uses the same file that Apache2 uses for authentification, but my problem is that I don't know how to decrypt the password generated by apache2. (Maybe I need a key that is used for encryption).

Thank you.

1

2 Answers

.htpasswd entries are HASHES. They are not encrypted passwords. Hashes are designed not to be decryptable. Hence there is no way (unless you bruteforce for a loooong time) to get the password from the .htpasswd file.

What you need to do is apply the same hash algorithm to the password provided to you and compare it to the hash in the .htpasswd file. If the user and hash are the same then you're a go.

9

See in particular Apache HTTPd Password Formats

0

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge that you have read and understand our privacy policy and code of conduct.