Plesk uses a database called ‘psa’ to save all the details about the domains, settings, users and their passwords in plain text. A person with root access to the server can easily retrieve email account passwords in a Plesk server from the Mysql prompt.
SSH to the server and connect to the Mysql server
# mysql -uadmin -p`cat /etc/psa/.psa.shadow`
At the mysql prompt, goto the ‘psa’ database which is used by Plesk.
mysql> use psa;
and execute the following command to retrieve passwords of all the email accounts on a domain
mysql> select mail_name, password from domains, mail, accounts where \
domains.name='domainname.com' and domains.id=mail.dom_id and \
mail.id=accounts.id;
where,
replace domainname.com with the actual domain name whose email account passwords you wish to retrieve.
domains, mail, accounts are the table names where different entries of an email account is stored.
Comments are closed.