Decrypt Password API not working?

[wellconnit]

Hi All,

 

I've started using the API lately and am looking at implementing a few different things.

 

I have used GetClientPassword to get the hashed version of the password out of the database, and then I've tried putting it through DecryptPassword but it gives me a response of "array(2) { ["result"]=> string(5) "error" ["message"]=> string(96) "Error generating JSON encoded response: Malformed UTF-8 characters, possibly incorrectly encoded" }" what am I doing wrong?

 

The API documentation referring to DecryptPassword is non-existent.

[sentq]

Hi All,

 

I've started using the API lately and am looking at implementing a few different things.

 

I have used GetClientPassword to get the hashed version of the password out of the database, and then I've tried putting it through DecryptPassword but it gives me a response of "array(2) { ["result"]=> string(5) "error" ["message"]=> string(96) "Error generating JSON encoded response: Malformed UTF-8 characters, possibly incorrectly encoded" }" what am I doing wrong?

 

The API documentation referring to DecryptPassword is non-existent.

https://developers.whmcs.com/api-reference/decryptpassword/

 

you may share the part of code that returning this error?

[wellconnit]

That documentation doesn't actually suggest provide any real instruction.

 

My code is just a a var_dump of the variable after I've done a json_decode on it.

[wellconnit]

https://developers.whmcs.com/api-reference/decryptpassword/

 

you may share the part of code that returning this error?

 

Here is the code; the $clientPassword['password'] variable gives a long hashed password which is giving the error message.

 

$customerpassword = $clientPassword['password'];

//Decypt Password
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $whmcsUrl . 'includes/api.php');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POSTFIELDS,
   http_build_query(
       array(
           'action' => 'DecryptPassword',
           'username' => $username,
           'password' => $password,
           'password2' => $customerpassword,
           'responsetype' => 'json',
       )
   )
);
$decodedPassword = curl_exec($ch);
curl_close($ch);
$decodedPassword = json_decode($decodedPassword, true);

[wellconnit]

https://developers.whmcs.com/api-reference/decryptpassword/

 

you may share the part of code that returning this error?

 

Hi Sentq,

 

Did you get a chance to take a look at the code I'd pasted??

 

Any help is greatly appreciated with this.

 

Thanks again.

[markhughes]

Are you trying to decrypt the password of a client? You can't. You can only decrypt service and server passwords/hashes.

 

The client passwords are a one-way hash, using bcrypt. You can't even use a rainbow table as they are all attached with a unique salt.

 

You generally use GetClientPassword to set a session.

 

What are you trying to do?

[wellconnit]

Hi Mark,

 

Thanks for the response.

 

**If anyone from WHMCS reads this, maybe it's time to update the API documentation to advise that the Decrypt Password function is only for specific use cases.**

 

I was hoping to be able to display a customer overview to them on a page so that they had all their info in one spot.

 

Have you got a scenario where you'd need to decrypt a service/server password/hash, as all my cPanel passwords come out in plain text when I make the JSON API call?

 

Thanks for your response.