Password changed to md5?

Question

Password changed to md5?

Closed this issue 2 years ago · 9 comments

comfreak89 commented 2 years ago

Answer 1 · 2023-04-28T13:24:40.000Z

could I get some more words please?

Answer 2 · 2023-04-28T19:22:18.000Z

They require that the transmitted password is in md5 encoded now. Plaintext does not work anymore.

Also username and password is mixed up in "foxess-login.sh"

-d "{ \"user\": \"${FOXESS_PASSWORD}\", \"password\": \"${FOXESS_USERNAME}\"

Answer 3 · 2023-04-29T18:42:50.000Z

Thanks for pointing out the vars are wrong, I have also checked the login flow and I can still see my password in plain text.

If you have seen yours MD5ed, could you point me at the URL please?

Answer 4 · 2023-04-29T18:43:09.000Z

also new image should have built and be on the docker hub for you to test

Answer 5 · 2023-05-03T12:26:46.000Z

I do not have the issue - my colleage has it and I just wanted to point out, that he has to authenticate with an hashed md5 password.

The script did not work with the plain text password. After we decrypted the https traffic together from the website via wireshark (decoded TLS with Chrome) there saw that a JavaScript hashes the password with md5 locally before transmitting via https to their servers. After we hashed the password with md5, the script worked.

Answer 6 · 2023-05-11T20:29:49.000Z

So I have been working on a PHP version of this and I still have it working fine with MD5 hashing the password, could you try the dev build on the docker hub?

Answer 7 · 2023-05-18T19:29:08.000Z

yep, thats a thing I have just spotted 🤦🏼

I have a new PHP thing that should now work, your colleague will need to make some changes to get the new program to work

Answer 8 · 2023-05-22T09:32:46.000Z

this can be closed

Answer 9 · 2023-06-15T18:19:30.000Z

closing, new PHP re-write has fixed