How to decrypt magento enterprise edition password?

Question

I just noticed magento enterprise and community both edition uses different algorithms for storing password. I know community edition uses md5. Can anyone tell me which mech

Answer 1

I think it's on your app/etc/local.xml or app/etc/enterprise.xml on Magento EE

The Decrypt function On Magento Enterprise Edition

/**
 * Decrypt a string
 *
 * @param string $data
 * @return string
 */
public function decrypt($data)
{
    return str_replace("\x0", '', trim($this->_getCrypt()->decrypt(base64_decode((string)$data))));
}

and

/**
 * Instantiate crypt model
 *
 * @param string $key
 * @return Varien_Crypt_Mcrypt
 */
protected function _getCrypt($key = null)
{
    if (!$this->_crypt) {
        if (null === $key) {
            $key = (string)Mage::getConfig()->getNode('global/crypt/key');
        }
        $this->_crypt = Varien_Crypt::factory()->init($key);
    }
    return $this->_crypt;
}

it seems like the same function on Enterprise Edition or Community Edition. You should ask the cript key to Magento Enterprise Edition's Owner and decrypt it with CE. It would be fine because i'm sneaking to Magento Enterprise Edition's Code and the code is the same with Community Edition (for encryption/decryption)

added after comment 1:

/**
 * Hash a string
 *
 * @param string $data
 * @return string
 */
public function hash($data)
{
    return md5($data);
}

/**
 * Validate hash against hashing method (with or without salt)
 *
 * @param string $password
 * @param string $hash
 * @return bool
 * @throws Exception
 */
public function validateHash($password, $hash)
{
    $hashArr = explode(':', $hash);
    switch (count($hashArr)) {
        case 1:
            return $this->hash($password) === $hash;
        case 2:
            return $this->hash($hashArr[1] . $password) === $hashArr[0];
    }
    Mage::throwException('Invalid hash.');
}