Has anyone tried patching the 1.2.x source to force logging of all passwords submitted during authentication, not just those that fail?
On 8.1.2011, at 2.19, Dave Brenner wrote:> Has anyone tried patching the 1.2.x source to force logging of all passwords submitted during authentication, not just those that fail?It depends on what you need.. but, as the subject suggests, auth_debug_passwords=yes does basically that for plaintext authentication. You just need to de-base64-decode base64 the base64-encoded data. If that's not enough for you, be more specific what exactly you need.
Possibly Parallel Threads
- How to troubleshoot admin auth values in url format http://admin:password@icecast.org:1234
- .mailboxlist location
- auth_debug_passwords only on mismatches?
- Over-quota bounces seeming to lack sender
- How to set `unicodePwd`? "it's not allowed to set the NT hash password directly"