def cStep2(self): # STEP 2: # RECEIVE Rb, Server's DH, H(Ra, K_sss) s1 = self.s.recv(2000).decode() self.Log( "Challenge, Diffie-Hellman key part and Response-to-Challenge received." ) # split the message into R_Server, DH_Server, H_Server result = [x.strip() for x in s1.split(',')] DH_Server = int(result[1]) R_Server = result[0] self.R_Server = R_Server H_server = result[2] self.Log("R_Server = " + str(R_Server)) self.Log("DH_Server = " + str(DH_Server)) self.Log("Hash_Server = " + str(H_server)) self.key = pow(DH_Server, self.a) % 77171 self.Log("DH Key: %s" % str(self.key)) # calculate hash and see if it matches with server's response data = self.R_Client + self.SharedSecret hash_val = sha3.sha3_224(data.encode('utf-8')).hexdigest() self.Log("Expected hash = " + str(hash_val)) if (hash_val == H_server): self.Log("Server Identity is Confirmed") self.Log("Click continue to send Response-to-Challenge\n\n") else: self.Log("Server Identity is NOT Confirmed") self.s.close()
def create_acct(): if request.method == "GET": return render_template("create_acct.html") if request.method == "POST": # check if username already exists in DB username = request.form.get("Username") password = sha3.sha3_224( str(request.form.get("Password")).encode('utf-8')).hexdigest() check = db.execute("SELECT * FROM accounts WHERE username = :username", { "username": username }).fetchone() if check is None: db.execute( "INSERT INTO accounts(username, password) VALUES(:username, :password)", { "username": username, "password": password }) db.commit() # get the username of the current user logged in session["username"] = username return render_template("user_home.html", username=username) else: return render_template("create_acct.html", username_taken="Username already taken")
def __init__(self): # Define Supported hashes hashes = dict() hashes['md2'] = lambda x: self._get_md2_hash(x) hashes['md4'] = lambda x: self._get_hashlib_hash('md4', x) hashes['md5'] = lambda x: hashlib.md5(x).hexdigest() hashes['sha'] = lambda x: self._get_hashlib_hash('sha', x) hashes['sha1'] = lambda x: hashlib.sha1(x).hexdigest() hashes['sha256'] = lambda x: hashlib.sha256(x).hexdigest() hashes['sha224'] = lambda x: hashlib.sha224(x).hexdigest() hashes['sha384'] = lambda x: hashlib.sha384(x).hexdigest() hashes['sha512'] = lambda x: hashlib.sha512(x).hexdigest() hashes['sha3_224'] = lambda x: sha3.sha3_224(x).hexdigest() hashes['sha3_256'] = lambda x: sha3.sha3_256(x).hexdigest() hashes['sha3_384'] = lambda x: sha3.sha3_384(x).hexdigest() hashes['sha3_512'] = lambda x: sha3.sha3_512(x).hexdigest() hashes['mmh2'] = lambda x: str(mmhash.get_hash(x)) hashes['mmh2_unsigned'] = lambda x: str(mmhash.get_unsigned_hash(x)) hashes['mmh3_32'] = lambda x: str(mmh3.hash(x)) hashes['mmh3_64_1'] = lambda x: str(mmh3.hash64(x)[0]) hashes['mmh3_64_2'] = lambda x: str(mmh3.hash64(x)[1]) hashes['mmh3_128'] = lambda x: str(mmh3.hash128(x)) hashes['ripemd160'] = lambda x: self._get_hashlib_hash('ripemd160', x) hashes['whirlpool'] = lambda x: self._get_hashlib_hash('whirlpool', x) hashes['blake2b'] = lambda x: pyblake2.blake2b(x).hexdigest() hashes['blake2s'] = lambda x: pyblake2.blake2s(x).hexdigest() hashes['crc32'] = lambda x: str(zlib.crc32(x)) hashes['adler32'] = lambda x: str(zlib.adler32(x)) self._hashes = hashes self.hashes_and_checksums = self._hashes.keys() self.supported_hashes = HASHES
def insert_server_software(domain_id, software, version): software_hash = sha3.sha3_224(str(software + version).encode('utf-8')).hexdigest() stmt = "INSERT IGNORE INTO " + database + ".server_software " \ "(software_hash, domain_id, software, version, created_at) " \ "VALUES (%s, %s, %s, %s, NOW())" params = (software_hash, domain_id, software, version) do_and_done(stmt, params)
def insert_server_has_server_vulnerability(cve, software, version): software_hash = sha3.sha3_224(str(software + version).encode('utf-8')).hexdigest() stmt = "INSERT IGNORE INTO " + database + ".server_software_has_server_vulnerabilities " \ "(cve, software_hash) " \ "VALUES (%s, %s)" params = (cve, software_hash) do_and_done(stmt, params)
def cStep3(self): # STEP 3: # SEND H(R_Server, K_sss) data = self.R_Server + self.SharedSecret hash_val = sha3.sha3_224(data.encode('utf-8')).hexdigest() self.Log("Sending Hash of R_Server and the shared secret = " + str(hash_val)) self.s.send(hash_val.encode()) self.Log("You Can Safely Talk to Server Now")
def make_vulnerability_id(vulnerability): vulnerability_id = '' if "references" in vulnerability: if "cve" in vulnerability['references']: vulnerability_id = 'CVE-' + vulnerability['references']['cve'][0] if vulnerability_id == '': vulnerability_id = sha3.sha3_224( str(vulnerability).encode('utf-8')).hexdigest() return vulnerability_id
def hash_id(str_id, method='sha3'): # case where str_id is not a number try: random_num = float(str_id) + random() * 100 random_num_str = str(random_num).encode() except: random_num_str = str_id + str(random() * 100) random_num_str = random_num_str.encode() if method == 'md5': random_hash_str = hashlib.md5(random_num_str) elif method == 'sha3': random_hash_str = sha3.sha3_224(random_num_str) # print("Row num:", str_id, "Random num: ", random_num_str, "Random Hash: ", random_hash_str.hexdigest()) return random_hash_str.hexdigest()
def encrypt(msg, password): bufferSize = 64 * 1024 # pobieram dane so wyslania f = open("data.txt", "a") f.write(msg) # tworzenie hashu do sprawdzenia wyjsciowej wiadomosci s = sha3.sha3_224(msg.encode('utf-8')).hexdigest() # encrypt pyAesCrypt.encryptFile("data.txt", "data.txt.aes", password[0], bufferSize) pyAesCrypt.encryptFile("data.txt.aes", "output.txt.aes", password[len(password) - 1], bufferSize) return s
def sStep3(self): # STEP 3: # RECEIVE H(R_Server, K_sss) s1 = self.c.recv(2000).decode() self.Log("Response-to-Challenge received.") self.Log("Hash_Client = " + str(s1)) # Calculate hash and see if it matches with client's response data = self.R_Server + self.SharedSecret hash_val = sha3.sha3_224(data.encode('utf-8')).hexdigest() self.Log("Expected hash = " + hash_val) if (hash_val == s1): self.Log("Client Identity is Confirmed") self.Log("You Can Safely Talk to Client Now") else: self.Log("Client Identity is NOT Confirmed") self.c.close()
def sha3_224(string, salt=None, front=False, back=False, **placeholder): """ Create a SHA3 224 hash from a given string > :param string: string to be hashed > :return: an SHA3 224 hash Example: >>> sha3_224("test") 3797bf0afbbfca4a7bbba7602a2b552746876517a7f9b7ce2db0ae7b """ obj = sha3.sha3_224() if salt is not None and front is True and not back: obj.update(salt + string) elif salt is not None and back is True and not front: obj.update(string + salt) else: obj.update(string) return obj.hexdigest()
def sStep1(self): # STEP 1: # RECEIVE Client's DH AND Ra s1 = self.c.recv(2000).decode() self.Log("Diffie-Hellman key part and Challenge received.\n") # split the message into DH_Client and R_Client result = [x.strip() for x in s1.split(',')] DH_Client = int(result[0]) self.DH_Client = DH_Client R_Client = result[1] self.Log("DH_Client = " + str(DH_Client)) self.Log("R_Client = " + str(R_Client)) data = R_Client + self.SharedSecret self.hash_val = sha3.sha3_224(data.encode('utf-8')).hexdigest() self.Log("Hash of R_Client and the shared secret = " + str(self.hash_val)) self.Log( "Click continue to send Challenge, Diffie-Hellman key part and Response-to-Challenge(the hash)\n\n" )
def index(): if request.method == "GET": return render_template("index.html") if request.method == "POST": username = request.form.get("Username") hashed_pass = sha3.sha3_224( str(request.form.get("Password")).encode('utf-8')).hexdigest() check = db.execute( "SELECT * FROM accounts WHERE username = :username AND password = :password", { "username": request.form.get("Username"), "password": hashed_pass }).fetchone() if check is None: message = "Incorrect username or password" return render_template("index.html", result=message) else: session["username"] = username return render_template("user_home.html", username=username)
import sha3 data = 'maydata' s = sha3.sha3_224(data.encode('utf-8')).hexdigest() print(s) data = 'maydata' s = sha3.sha3_384(data.encode('utf-8')).hexdigest() print(s) data = 'maydata' s = sha3.sha3_512(data.encode('utf-8')).hexdigest() print(s)
client_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) client_socket.connect((HOST, PORT)) print('Connecting to server ....', client_socket.getpeername()) print('Connection established ...', client_socket.getsockname()) print('---------') endTime = time.time() + 60 * 5 while time.time() <= endTime: print(' \n-------- ',count+1,' ------- ') print(dt.datetime.now(),': client message sent .... ') start_round_time = time.time() sha_cli_msg = sha3.sha3_224(CLI_MSG).hexdigest() client_socket.sendall(sha_cli_msg.encode('utf-8')) return_data = client_socket.recv(1024).decode('utf-8') sha_ser_msg = sha3.sha3_224(SER_MSG.encode('utf-8')).hexdigest() if (sha_ser_msg == return_data): round_trip_time.append(time.time() - start_round_time) print(dt.datetime.now(),': client received msg ... Nice to see you') count += 1 time.sleep(2) client_socket.close() print('\n',dt.datetime.now(),': Connection closed ...\n')
def hash(password: str) -> str: # Логика хеширования данных return sha3.sha3_224(password.encode("utf-8")).hexdigest()
def simple_sha(data): return sha3.sha3_224(data.encode('utf-8')).hexdigest()
def hash(password: str) -> str: return sha3.sha3_224(password.encode("utf-8")).hexdigest()
def run_an_instance(scripts_to_process): global total for thesum in scripts_to_process: thesum = thesum[0] total += 1 db, cursor = database.get_mysql_db_cursor() stmt = "SELECT javascript_hash, script FROM aau.javascripts WHERE javascript_hash = %s" params = (thesum, ) cursor.execute(stmt, params) rows = cursor.fetchall() cursor.close() db.close() for row in rows: try: os.mkdir('/tmp/' + thesum) except OSError: pass with open("/tmp/" + thesum + "/tmp.js", 'w+') as f: f.write(row[1]) database.javascript_analyzes_retire(row[0]) subprocess_response = subprocess.run([ "retire", "--verbose", "--outputformat", "json", "--jspath", "/tmp/" + thesum ], stdout=subprocess.PIPE, stderr=subprocess.PIPE) try: if subprocess_response.returncode != 0: if subprocess_response.returncode == 13: real_string = str( subprocess_response.stderr.decode("utf-8")) javascript_data = json.loads(real_string) for data in javascript_data["data"]: for results in data['results']: for vulnerability in results[ "vulnerabilities"]: if "identifiers" in vulnerability and "CVE" in vulnerability[ "identifiers"]: vulnerability_id = vulnerability[ "identifiers"]["CVE"][0] else: vulnerability_id = sha3.sha3_224( str(vulnerability).encode( 'utf-8')).hexdigest() library = results["component"] version = results["version"] library_id = sha3.sha3_224( str(library + version).encode( 'utf-8')).hexdigest() database.insert_vulnerability( vulnerability_id, str(vulnerability), severity(vulnerability["severity"])) database.insert_library( library_id, library, version) database.insert_vulnerability_js_relation( library_id, vulnerability_id) database.insert_js_library_relation( row[0], library_id) else: real_string = str( subprocess_response.stdout.decode("utf-8")) javascript_data = json.loads(real_string) for data in javascript_data["data"]: for results in data['results']: library = results["component"] version = results["version"] library_id = sha3.sha3_224( str(library + version).encode('utf-8')).hexdigest() database.insert_library(library_id, library, version) database.insert_js_library_relation( row[0], library_id) except: pass # TODO: Dump to log file # print("Could not handle " + row[0]) try: os.remove('/tmp/' + thesum + '/tmp.js') except OSError: pass try: os.rmdir('/tmp/' + thesum) except OSError: pass
def continue_button_pressed(self): if (self.sending == 1): if (self.cont_state == 0): self.message = self.m_entry.get( ) #gets the message in the field self.temp_msg = self.m_entry.get() + "\n" # ADD HASHING FOR INTEGRITY PROTECTION data = self.message + str(self.key) hash_val = sha3.sha3_224(data.encode('utf-8')).hexdigest() self.message = self.message + "###" + hash_val + "\n" self.Log("Message to be sent: \n" + self.message + "\n") self.Log("Press continue.\n") self.cont_state = 1 elif (self.cont_state == 1): self.raw = self._pad(self.message) self.Log( "Raw, Padded message with Hash(message, DHKey) added: \n" + self.raw + "\n") self.Log("Press continue.\n") self.cont_state = 2 elif (self.cont_state == 2): self.iv = Random.new().read(AES.block_size) self.Log("Initialization Vector in base64: \n " + str(base64.b64encode(self.iv)) + "\n") self.Log("Press continue.\n") self.cont_state = 3 elif (self.cont_state == 3): self.sharedKey = self.key * pow(10, (16 - len(str(self.key)))) self.Log("Shared DH Key: \n" + str(self.key) + "\n") self.Log("Press continue.\n") self.cont_state = 5 elif (self.cont_state == 5): self.cipher = AES.new( str(self.sharedKey).encode(), AES.MODE_CBC, self.iv) self.Log("Encrypted message in base64 using AES mode CBC: \n" + str( base64.b64encode( self.cipher.encrypt(self.raw.encode()))) + "\n") self.Log("Press continue.\n") self.cont_state = 6 elif (self.cont_state == 6): cipher = AES.new( str(self.sharedKey).encode(), AES.MODE_CBC, self.iv) encr = base64.b64encode(self.iv + cipher.encrypt(self.raw.encode())) self.Log( "Sending encrypted message with Hash(message, DHKey): \n" + str(encr) + "\n") self.Log("DONE\n") if (self.isClient == 1): self.s.send(encr) else: self.c.send(encr) self.cont_state = 0 self.sending = 0 self.messages.insert(tk.END, "Sent: " + self.temp_msg) elif (self.receiving == 1): if (self.cont_state == 0): if (self.isClient == 1): self.s.setblocking(0) try: self.message = self.s.recv(2000) self.Log("Message to be received: \n" + str(self.message) + "\n") self.Log("Press continue.\n") self.cont_state = 1 except: self.Log("nothing to receive") self.s.setblocking(1) else: self.c.setblocking(0) try: self.message = self.c.recv(2000) self.Log("Message to be received: \n" + str(self.message) + "\n") self.Log("Press continue.\n") self.cont_state = 1 except: self.Log("nothing to receive") self.c.setblocking(1) elif (self.cont_state == 1): self.message = base64.b64decode(self.message) self.iv = self.message[:AES.block_size] self.Log("Initialized Vector in base64: \n " + str(base64.b64encode(self.iv)) + "\n") self.Log("Press continue.\n") self.cont_state = 2 elif (self.cont_state == 2): self.sharedKey = self.key * pow(10, (16 - len(str(self.key)))) self.Log("Shared DH Key: \n" + str(self.key) + "\n") self.Log("Press continue.\n") self.cont_state = 4 elif (self.cont_state == 4): cipher = AES.new( str(self.sharedKey).encode(), AES.MODE_CBC, self.iv) msg = self._unpad(cipher.decrypt( self.message[AES.block_size:])).decode('utf-8') # CHECK FOR HASH CHANGE result = [x.strip() for x in str(msg).split("###")] data = result[0] + str(self.key) hash_val = sha3.sha3_224(data.encode('utf-8')).hexdigest() self.Log("Expected hash = " + hash_val) self.Log("Received hash = " + result[1]) if (result[1] != hash_val): self.Log( "Warning! Message has been modified by a third party!") self.Log("Decrypted message using AES mode CBC: \n" + result[0] + "\n") self.Log("DONE\n") self.cont_state = 0 self.receiving = 0 self.messages.insert(tk.END, "Received: " + result[0] + "\n") elif (self.setup == 1): if (self.isClient == 1): if (self.cont_state == 0): self.cStep1() self.cont_state = 1 elif (self.cont_state == 1): self.cStep2() self.cont_state = 2 elif (self.cont_state == 2): self.cStep3() self.cont_state = 0 self.setup = 0 else: if (self.cont_state == 0): self.sStep1() self.cont_state = 1 elif (self.cont_state == 1): self.sStep2() self.cont_state = 2 elif (self.cont_state == 2): self.sStep3() self.cont_state = 0 self.setup = 0 else: self.Log("Send or receive a message to start") return
import sha3 a = "abc" b = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" c = "" d = raw_input("input : ") print "test vector hasil input : " print sha3.sha3_224(d).hexdigest() print "test vector 'abc' : " print sha3.sha3_224(a).hexdigest() print "test vector 'abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq' : " print sha3.sha3_224(b).hexdigest() print "test vector '' : " print sha3.sha3_224(c).hexdigest()
def getHasherSha333(self): return sha3.sha3_224()
def digest(self): return sha3.sha3_224(self._data).digest()
def hashPassword(password): return '' if password == '' else sha3.sha3_224( password.encode('utf-8')).hexdigest()
def hash(password: str) -> str: """Хеширование данных""" return sha3.sha3_224(password.encode("utf-8")).hexdigest()
def __init__(self): self.hasher = sha3.sha3_224()