Ejemplo n.º 1
0
def do_login(db):
    username = request.forms.get('username')
    password = request.forms.get('password')
    error = None
    user = get_user(db, username)
    print(user)
    if (request.forms.get("login")):
        if user is None:
            response.status = 401
            error = "{} is not registered.".format(username)
        elif user.password != password:
            response.status = 401
            error = "Wrong password for {}.".format(username)
        else:
            pass  # Successful login
    elif (request.forms.get("register")):
        # TODO: ex2.1
        load_breaches(db)  # Load here -> load each time
        (plaintext_breaches, hashed_breaches,
         salted_breaches) = get_breaches(db, username)
        for breach in plaintext_breaches:
            if breach.password == password:
                response.status = 401
                error = "Credential is already breached for {} and current password.".format(
                    username)
                break
        if not error:
            for breach in hashed_breaches:
                if breach.hashed_password == hash_sha256(password):
                    response.status = 401
                    error = "Credential is already breached for {} and current password.".format(
                        username)
                    break
        if not error:
            for breach in salted_breaches:
                if breach.salted_password == hash_pbkdf2(
                        password, breach.salt):
                    response.status = 401
                    error = "Credential is already breached for {} and current password.".format(
                        username)
                    break
        if not error and user is not None:
            response.status = 401
            error = "{} is already taken.".format(username)
        if not error:
            create_user(db, username, password)
    else:
        response.status = 400
        error = "Submission error."
    if error is None:  # Perform login
        existing_session = get_session_by_username(db, username)
        if existing_session is not None:
            delete_session(db, existing_session)
        session = create_session(db, username)
        response.set_cookie("session", str(session.get_id()))
        return redirect("/{}".format(username))
    return template("login", error=error)
Ejemplo n.º 2
0
def do_login(db):
    username = request.forms.get('username')
    password = request.forms.get('password')
    error = None
    user = get_user(db, username)
    if (request.forms.get("login")):
        if user is None:
            response.status = 401
            error = "{} is not registered.".format(username)  
        elif user.password != hash_pbkdf2(password, user.salt):
            response.status = 401
            error = "Wrong password for {}.".format(username)
        else:
            pass  # Successful login
    elif (request.forms.get("register")):
        if user is not None:
            response.status = 401
            error = "{} is already taken.".format(username)
        
 ############## My Code ############################################    
        else:
            p,h,s = get_breaches(db, username)
   
            for i in range(len(p)):
                print(i)
                if( password == p[i].password):
                    error = "User/Password Combo Found in Breach"
            
            hp = hash_sha256(password)
            for i in range(len(h)):
                 if(hp == h[i].hashed_password):
                    error = "User/Password Combo Found in Breach"

            for i in range(len(s)):
                sp =  hash_pbkdf2(password, s[i].salt)
                if(sp == s[i].salted_password):
                   error = "User/Password Combo Found in Breach"

 ###################### My Code #############################################    
            create_user(db, username, password)
    else:
        response.status = 400
        error = "Submission error."
    if error is None:  # Perform login
        existing_session = get_session_by_username(db, username)
        if existing_session is not None:
            delete_session(db, existing_session)
        session = create_session(db, username)
        response.set_cookie("session", str(session.get_id()))
        return redirect("/{}".format(username))
    return template("login", error=error)
Ejemplo n.º 3
0
def do_login(db):
    username = request.forms.get('username')
    password = request.forms.get('password')
    error = None
    user = get_user(db, username)
    print(user)

    plaintext_breaches, hashed_breaches, salted_breaches = get_breaches(
        db, username)
    breached = False
    for cred in plaintext_breaches:
        if cred.password == password:
            breached = True
    for cred_h in hashed_breaches:
        if cred_h.hashed_password == hash_sha256(password):
            breached = True
    for cred_s in salted_breaches:
        if cred_s.salted_password == hash_pbkdf2(password, cred_s.salt):
            breached = True

    if (request.forms.get("login")):
        if user is None:
            response.status = 401
            error = "{} is not registered.".format(username)
        elif user.password != hash_pbkdf2(password, user.salt):
            response.status = 401
            error = "Wrong password for {}.".format(username)
        else:
            pass  # Successful login
    elif (request.forms.get("register")):
        if user is not None:
            response.status = 401
            error = "{} is already taken.".format(username)
        elif breached:
            response.status = 401
            error = "This username and password pair is breached!"
        else:
            create_user(db, username, password)
    else:
        response.status = 400
        error = "Submission error."
    if error is None:  # Perform login
        existing_session = get_session_by_username(db, username)
        if existing_session is not None:
            delete_session(db, existing_session)
        session = create_session(db, username)
        response.set_cookie("session", str(session.get_id()))
        return redirect("/{}".format(username))
    return template("login", error=error)
Ejemplo n.º 4
0
def creds_in_breaches(db, username, password):
    plaintext_breaches, hashed_breaches, salted_breaches = get_breaches(
        db, username)
    for user in plaintext_breaches:
        if user.username == username and user.password == password:
            #print('found in plaintext breaches')
            return True

    for user in hashed_breaches:
        hash_pswd = hash_sha256(password)
        if user.username == username and user.hashed_password == hash_pswd:
            #print('found in hashed breaches')
            return True

    for user in salted_breaches:
        salt = user.salt
        salted_hash = hash_pbkdf2(password, salt)
        if user.username == username and user.salted_password == salted_hash:
            #print('found in salted breaches')
            return True

    return False
Ejemplo n.º 5
0
def do_login(db):
    username = request.forms.get('username')
    password = request.forms.get('password')
    error = None
    user = get_user(db, username)
    print(user)
    if (request.forms.get("login")):
        if user is None:
            response.status = 401
            error = "{} is not registered.".format(username)
        elif user.password != hash_pbkdf2(password, user.salt):
            response.status = 401
            error = "Wrong password for {}.".format(username)
        else:
            pass  # Successful login
    elif (request.forms.get("register")):
        flag = 0
        if (user is not None):
            response.status = 401
            error = "{} is already taken.".format(username)
        else:
            if get_breaches(db, username) != ([], [], []):
                pb = load_breach(PLAINTEXT_BREACH_PATH)
                hb = load_breach(HASHED_BREACH_PATH)
                sb = load_breach(SALTED_BREACH_PATH)
                hashed = hash_sha256(password)
                (p, h, s) = get_breaches(db, username)
                print(s)
                if p != []:
                    x = [x for x in pb if username in x][0]
                    if pb[pb.index(x)][1] == password:
                        response.status = 401
                        error = "{}'s password is breached.".format(username)
                        flag = 1
                elif h != []:
                    x = [x for x in hb if username in x][0]
                    if hb[hb.index(x)][1] == hashed:
                        response.status = 401
                        error = "{}'s password is breached.".format(username)
                        flag = 1
                elif s != []:
                    x = [x for x in sb if username in x][0]
                    salted = hash_pbkdf2(password, sb[sb.index(x)][2])
                    if sb[sb.index(x)][1] == salted:
                        response.status = 401
                        error = "{}'s password is breached.".format(username)
                        flag = 1
                if flag != 1:
                    create_user(db, username, password)
            else:
                create_user(db, username, password)
    else:
        response.status = 400
        error = "Submission error."
    if error is None:  # Perform login
        existing_session = get_session_by_username(db, username)
        if existing_session is not None:
            delete_session(db, existing_session)
        session = create_session(db, username)
        response.set_cookie("session", str(session.get_id()))
        return redirect("/{}".format(username))
    return template("login", error=error)
Ejemplo n.º 6
0
def is_hashed_breached(password, hashed_breaches):
    for hashed_breach in hashed_breaches:
        hashed_pwd = hash_sha256(password)
        if hashed_breach.hashed_password == hashed_pwd:
            return True
    return False
Ejemplo n.º 7
0
def hashed_breached(breaches, password):
    for breach in breaches:
        if (hash_sha256(password) == breach.hashed_password):
            return True
    return False
Ejemplo n.º 8
0
def do_login(db):
    username = request.forms.get('username')
    password = request.forms.get('password')
    error = None
    user = get_user(db, username)
    print(user)

    if (request.forms.get("login")):
        if user is None:
            response.status = 401
            error = "{} is not registered.".format(username)

        #for this elif statement, we change password to be the hashed/salted
        #version of the plain text password. We do this by using the hash_pbkdf2
        #function from hash.py using the plain text password and the
        #random_salt assigned to the user. This allows us to throw an error
        #if the hash of the password used to login does not match the hash of
        #the password used to register.
        elif user.password != hash_pbkdf2(password, user.random_salt):
            response.status = 401
            error = "Wrong password for {}.".format(username)
        else:
            pass  # Successful login

    elif (request.forms.get("register")):
        if user is not None:
            response.status = 401
            error = "{} is already taken.".format(username)

        #Within this block of code, we first load in the breaches. Then we have
        #several if statements -- the first checks if the username trying to log
        #in is in the plain text breach. If it is, it checks if the entered
        #password matches the password in the breach -- if it does, it blocks
        #the registration and throws an error. If it does not, no error is
        #thrown and the next if statement is checked. The same process is
        #repeated for the next two if statements (one for the hashed breach and
        #one for the salted breach). All 3 of these if statements will be
        #executed -- this accounts for cases where a username might be present
        #in more than 1 of the breaches. If no errors are thrown, the username
        #and password are approved/created.
        #To test, we took a username from the plain text breach and tested it
        #with the password from the breach -- it was rejected. When we tested
        #with a random password, it was approved. We did the same for the
        #hashed breach by converting one of the hashes into a plain text
        #password -- same results. We also did the same thing for the salted
        #breach, using the password we outputed in brute.py -- same results.
        #This confirmed that our system catches dangerous pairs from all
        #breaches.
        else:
            load_breaches(db)
            breaches = get_breaches(db, username)

            if len(breaches[0]) != 0:
                if password == breaches[0][0].password:
                    response.status = 401
                    error = "This is a dangerous username-password pair. Please choose a different password for {}".format(
                        username)
            if len(breaches[1]) != 0:
                pw_hash = hash_sha256(password)
                if pw_hash == breaches[1][0].hashed_password:
                    response.status = 401
                    error = "This is a dangerous username-password pair. Please choose a different password for {}".format(
                        username)
            if len(breaches[2]) != 0:
                pw_salt = hash_pbkdf2(password, breaches[2][0].salt)
                if pw_salt == breaches[2][0].salted_password:
                    response.status = 401
                    error = "This is a dangerous username-password pair. Please choose a different password for {}".format(
                        username)
            if error == None:
                create_user(db, username, password)

    else:
        response.status = 400
        error = "Submission error."

    if error is None:  # Perform login
        existing_session = get_session_by_username(db, username)
        if existing_session is not None:
            delete_session(db, existing_session)
        session = create_session(db, username)
        response.set_cookie("session", str(session.get_id()))
        return redirect("/{}".format(username))
    return template("login", error=error)
Ejemplo n.º 9
0
def credential_stuffing_attack(creds):
    for cred in creds:
        username, password = cred[0], cred[1]
        if (attempt_login(username, password)
                or attempt_login(username, hash_sha256(password))):
            print(cred)