WordPress authentication through a C++ program

Short version: I have a server program that I wrote with C++, and a website with WordPress. I would like to compare the password given by the user to the password stored in WordPress to log the user in.

Long version: At the beginning I thought that WordPress uses MD5 hashes due to the password reset mechanism, but it turns out that WordPress changes the hash after resetting the password, so it’s not MD5 anymore. I have access to the database and I can import the users table. The webserver, the database and the C++ server I wrote run on the same machine with Debian. How can verify a password on C/C++ from WordPress?

Related posts

1 comment

  1. I always assumed wordpress did use MD5 unless you configure it otherwise. The reason why you see the hash changing is probably due to their use of a random salt.

    I think your 2 choices boil down to:

    • Query the MySQL DB directly
    • Shell out to a PHP bootstrap program that includes the skeleton wordpress and pass the username/password via command line to the wordpress API credential check

Comments are closed.