def auth_user(u, p):
db = getattr(g, '_user_db', None)
if not db:
db = g._user_db = sqlite3.connect(user_db_path)
cur = db.cursor()
## User Input Sanitized
if str(u).__contains__("'" or '"' or ","):
print "ERROR: Bad Input."
return None
q = "SELECT name, surname, username, passwd, is_admin FROM users WHERE username= ?;"
cur.execute(q, str(u))
rv = cur.fetchall()
cur.close()
if not rv:
return None
u = User(rv[0][0], rv[0][1], rv[0][2], rv[0][3], rv[0][4])
try:
# We need DES for backwards compatibility with the mainframe.
# But, at least we enforce a reasonable policy! Just for
# future reference, here's the regex: \?[A-Z]{2}[a-z]{2}[0-9]{2}!
if des_crypt.verify(p, u.passwd_hash):
u.is_valid = True
except Exception, e:
print e
def auth_user(u, p):
db = getattr(g, '_user_db', None)
if not db:
db = g._user_db = sqlite3.connect(user_db_path)
cur = db.cursor()
## User Input Sanitized
if str(u).__contains__("'" or '"' or ","):
print "ERROR: Bad Input."
return None
q = "SELECT name, surname, username, passwd, is_admin FROM users WHERE username= ?;"
cur.execute(q, str(u))
rv = cur.fetchall()
cur.close()
if not rv:
return None
u = User(rv[0][0], rv[0][1], rv[0][2], rv[0][3], rv[0][4])
try:
# We need DES for backwards compatibility with the mainframe.
# But, at least we enforce a reasonable policy! Just for
# future reference, here's the regex: \?[A-Z]{2}[a-z]{2}[0-9]{2}!
if des_crypt.verify(p, u.passwd_hash):
u.is_valid = True
except Exception, e:
print e
def bruteforce(username, hash):
# string.printable:
# 0-9 Numbers
# 10-35 Small
# 36-61 Caps
i_num = 0
i_sm = 10
i_cap = 36
list = string.printable
# Regex: ?[two caps][two smalls][two numbers]!
# found during first test: ?MZmn57!
password = ""
start = False
for c1 in range(i_cap, i_cap + 26):
for c2 in range(i_cap, i_cap + 26):
for c3 in range(i_sm, i_sm + 26):
for c4 in range(i_sm, i_sm + 26):
#print password
for c5 in range(i_num, i_num + 10):
for c6 in range(i_num, i_num + 10):
#if start == False:
#start = True
#c1=list.index('M')
#c2=list.index('Z')
#c3=list.index('m')
#c4=list.index('n')
#c5=list.index('5')
#c6=list.index('6')
c_cap1 = list[c1]
c_cap2 = list[c2]
c_sm1 = list[c3]
c_sm2 = list[c4]
c_num1 = list[c5]
c_num2 = list[c6]
password = ('?' + c_cap1 + c_cap2 + c_sm1 + c_sm2 +
c_num1 + c_num2 + '!')
#print password
#test_hash = des_crypt.encrypt(password)
#print test_hash
if des_crypt.verify(password, hash):
logging.info("{\"username\":\"" + username +
"\", \"password\":" + "\"" +
password + "\"}")
return
def bruteforce(username, hash):
# string.printable:
# 0-9 Numbers
# 10-35 Small
# 36-61 Caps
i_num = 0
i_sm = 10
i_cap = 36
list = string.printable
# Regex: ?[two caps][two smalls][two numbers]!
# found during first test: ?MZmn57!
password =""
start = False
for c1 in range(i_cap, i_cap+26):
for c2 in range(i_cap, i_cap+26):
for c3 in range(i_sm, i_sm+26):
for c4 in range(i_sm, i_sm+26):
#print password
for c5 in range(i_num, i_num+10):
for c6 in range(i_num, i_num+10):
#if start == False:
#start = True
#c1=list.index('M')
#c2=list.index('Z')
#c3=list.index('m')
#c4=list.index('n')
#c5=list.index('5')
#c6=list.index('6')
c_cap1 = list[c1]
c_cap2 = list[c2]
c_sm1 = list[c3]
c_sm2 = list[c4]
c_num1 = list[c5]
c_num2 = list[c6]
password = ('?' + c_cap1 + c_cap2 + c_sm1 + c_sm2 + c_num1 + c_num2 + '!')
#print password
#test_hash = des_crypt.encrypt(password)
#print test_hash
if des_crypt.verify(password, hash):
logging.info("{\"username\":\"" + username + "\", \"password\":" + "\""+password+"\"}")
return
def auth_user(u, p):
db = getattr(g, '_user_db', None)
if not db:
db = g._user_db = sqlite3.connect(user_db_path)
cur = db.cursor()
q = "SELECT name, surname, username, passwd, is_admin FROM users WHERE username = ? ;"
cur.execute(q, (u,)) # passing values as parameters is DB safe
rv = cur.fetchall()
cur.close()
if not rv:
return None
u = User(rv[0][0], rv[0][1], rv[0][2], rv[0][3], rv[0][4])
try:
# We need DES for backwards compatibility with the mainframe.
# But, at least we enforce a reasonable policy! Just for
# future reference, here's the regex: \?[A-Z]{2}[a-z]{2}[0-9]{2}!
if des_crypt.verify(p, u.passwd_hash):
u.is_valid = True
except Exception, e:
print e
def auth_user(u, p):
db = getattr(g, '_user_db', None)
if not db:
db = g._user_db = sqlite3.connect(user_db_path)
cur = db.cursor()
q = "SELECT name, surname, username, passwd, is_admin FROM users WHERE username = ? ;"
cur.execute(q, (u, )) # passing values as parameters is DB safe
rv = cur.fetchall()
cur.close()
if not rv:
return None
u = User(rv[0][0], rv[0][1], rv[0][2], rv[0][3], rv[0][4])
try:
# We need DES for backwards compatibility with the mainframe.
# But, at least we enforce a reasonable policy! Just for
# future reference, here's the regex: \?[A-Z]{2}[a-z]{2}[0-9]{2}!
if des_crypt.verify(p, u.passwd_hash):
u.is_valid = True
except Exception, e:
print e
for i in 'GLMNOPQRSTUVWXYZ':
ptext = ptext + i
for j in string.ascii_uppercase:
ptext = ptext + j
for k in string.ascii_lowercase:
ptext = ptext + k
for l in string.ascii_lowercase:
ptext = ptext + l
for m in string.digits:
ptext = ptext + str(m)
for n in string.digits:
ptext = ptext + str(n)
ptext += "!"
for value in hashes:
if des_crypt.verify(ptext, value):#des_crypt.encrypt(ptext) == ".KzJljmMUKjEU" or :
print ptext + " = " + value
hashes.remove(value)
#sys.exit()
#print des_crypt.encrypt(ptext), ptext
ptext = ptext[:-2]
ptext = ptext[:-1]
ptext = ptext[:-1]
ptext = ptext[:-1]
ptext = ptext[:-1]
ptext = ptext[:-1]
sys.exit()
print "Searching for possible password...."
ptext = "?"
for i in string.ascii_uppercase:
ptext = ptext + i
for j in string.ascii_uppercase:
ptext = ptext + j
for k in string.ascii_lowercase:
ptext = ptext + k
for l in string.ascii_lowercase:
ptext = ptext + l
for m in string.digits:
ptext = ptext + str(m)
for n in string.digits:
ptext = ptext + str(n)
ptext += "!"
if des_crypt.verify(ptext, des_hash):
print 'Password Found: ' + ptext
sys.exit()
#print des_crypt.encrypt(ptext)
ptext = ptext[:-2]
ptext = ptext[:-1]
ptext = ptext[:-1]
ptext = ptext[:-1]
ptext = ptext[:-1]
ptext = ptext[:-1]
if len(des_hash) != 13:
print "ERROR: Invalid hash length."
sys.exit()
print "Searching for possible password...."
ptext = "?"
for i in string.ascii_uppercase:
ptext = ptext + i
for j in string.ascii_uppercase:
ptext = ptext + j
for k in string.ascii_lowercase:
ptext = ptext + k
for l in string.ascii_lowercase:
ptext = ptext + l
for m in string.digits:
ptext = ptext + str(m)
for n in string.digits:
ptext = ptext + str(n)
ptext += "!"
if des_crypt.verify(ptext, des_hash):
print 'Password Found: ' + ptext
sys.exit()
#print des_crypt.encrypt(ptext)
ptext = ptext[:-2]
ptext = ptext[:-1]
ptext = ptext[:-1]
ptext = ptext[:-1]
ptext = ptext[:-1]
ptext = ptext[:-1]
ptext = "?"
for i in 'GLMNOPQRSTUVWXYZ':
ptext = ptext + i
for j in string.ascii_uppercase:
ptext = ptext + j
for k in string.ascii_lowercase:
ptext = ptext + k
for l in string.ascii_lowercase:
ptext = ptext + l
for m in string.digits:
ptext = ptext + str(m)
for n in string.digits:
ptext = ptext + str(n)
ptext += "!"
for value in hashes:
if des_crypt.verify(
ptext, value
): #des_crypt.encrypt(ptext) == ".KzJljmMUKjEU" or :
print ptext + " = " + value
hashes.remove(value)
#sys.exit()
#print des_crypt.encrypt(ptext), ptext
ptext = ptext[:-2]
ptext = ptext[:-1]
ptext = ptext[:-1]
ptext = ptext[:-1]
ptext = ptext[:-1]
ptext = ptext[:-1]
