def do_login(db):
username = request.forms.get('username')
password = request.forms.get('password')
error = None
user = get_user(db, username)
print(user)
if (request.forms.get("login")):
if user is None:
response.status = 401
error = "{} is not registered.".format(username)
elif user.password != password:
response.status = 401
error = "Wrong password for {}.".format(username)
else:
pass # Successful login
elif (request.forms.get("register")):
# TODO: ex2.1
load_breaches(db) # Load here -> load each time
(plaintext_breaches, hashed_breaches,
salted_breaches) = get_breaches(db, username)
for breach in plaintext_breaches:
if breach.password == password:
response.status = 401
error = "Credential is already breached for {} and current password.".format(
username)
break
if not error:
for breach in hashed_breaches:
if breach.hashed_password == hash_sha256(password):
response.status = 401
error = "Credential is already breached for {} and current password.".format(
username)
break
if not error:
for breach in salted_breaches:
if breach.salted_password == hash_pbkdf2(
password, breach.salt):
response.status = 401
error = "Credential is already breached for {} and current password.".format(
username)
break
if not error and user is not None:
response.status = 401
error = "{} is already taken.".format(username)
if not error:
create_user(db, username, password)
else:
response.status = 400
error = "Submission error."
if error is None: # Perform login
existing_session = get_session_by_username(db, username)
if existing_session is not None:
delete_session(db, existing_session)
session = create_session(db, username)
response.set_cookie("session", str(session.get_id()))
return redirect("/{}".format(username))
return template("login", error=error)
def do_login(db):
username = request.forms.get('username')
password = request.forms.get('password')
error = None
user = get_user(db, username)
if (request.forms.get("login")):
if user is None:
response.status = 401
error = "{} is not registered.".format(username)
elif user.password != hash_pbkdf2(password, user.salt):
response.status = 401
error = "Wrong password for {}.".format(username)
else:
pass # Successful login
elif (request.forms.get("register")):
if user is not None:
response.status = 401
error = "{} is already taken.".format(username)
############## My Code ############################################
else:
p,h,s = get_breaches(db, username)
for i in range(len(p)):
print(i)
if( password == p[i].password):
error = "User/Password Combo Found in Breach"
hp = hash_sha256(password)
for i in range(len(h)):
if(hp == h[i].hashed_password):
error = "User/Password Combo Found in Breach"
for i in range(len(s)):
sp = hash_pbkdf2(password, s[i].salt)
if(sp == s[i].salted_password):
error = "User/Password Combo Found in Breach"
###################### My Code #############################################
create_user(db, username, password)
else:
response.status = 400
error = "Submission error."
if error is None: # Perform login
existing_session = get_session_by_username(db, username)
if existing_session is not None:
delete_session(db, existing_session)
session = create_session(db, username)
response.set_cookie("session", str(session.get_id()))
return redirect("/{}".format(username))
return template("login", error=error)
def do_login(db):
username = request.forms.get('username')
password = request.forms.get('password')
error = None
user = get_user(db, username)
print(user)
plaintext_breaches, hashed_breaches, salted_breaches = get_breaches(
db, username)
breached = False
for cred in plaintext_breaches:
if cred.password == password:
breached = True
for cred_h in hashed_breaches:
if cred_h.hashed_password == hash_sha256(password):
breached = True
for cred_s in salted_breaches:
if cred_s.salted_password == hash_pbkdf2(password, cred_s.salt):
breached = True
if (request.forms.get("login")):
if user is None:
response.status = 401
error = "{} is not registered.".format(username)
elif user.password != hash_pbkdf2(password, user.salt):
response.status = 401
error = "Wrong password for {}.".format(username)
else:
pass # Successful login
elif (request.forms.get("register")):
if user is not None:
response.status = 401
error = "{} is already taken.".format(username)
elif breached:
response.status = 401
error = "This username and password pair is breached!"
else:
create_user(db, username, password)
else:
response.status = 400
error = "Submission error."
if error is None: # Perform login
existing_session = get_session_by_username(db, username)
if existing_session is not None:
delete_session(db, existing_session)
session = create_session(db, username)
response.set_cookie("session", str(session.get_id()))
return redirect("/{}".format(username))
return template("login", error=error)
def creds_in_breaches(db, username, password):
plaintext_breaches, hashed_breaches, salted_breaches = get_breaches(
db, username)
for user in plaintext_breaches:
if user.username == username and user.password == password:
#print('found in plaintext breaches')
return True
for user in hashed_breaches:
hash_pswd = hash_sha256(password)
if user.username == username and user.hashed_password == hash_pswd:
#print('found in hashed breaches')
return True
for user in salted_breaches:
salt = user.salt
salted_hash = hash_pbkdf2(password, salt)
if user.username == username and user.salted_password == salted_hash:
#print('found in salted breaches')
return True
return False
def do_login(db):
username = request.forms.get('username')
password = request.forms.get('password')
error = None
user = get_user(db, username)
print(user)
if (request.forms.get("login")):
if user is None:
response.status = 401
error = "{} is not registered.".format(username)
elif user.password != hash_pbkdf2(password, user.salt):
response.status = 401
error = "Wrong password for {}.".format(username)
else:
pass # Successful login
elif (request.forms.get("register")):
flag = 0
if (user is not None):
response.status = 401
error = "{} is already taken.".format(username)
else:
if get_breaches(db, username) != ([], [], []):
pb = load_breach(PLAINTEXT_BREACH_PATH)
hb = load_breach(HASHED_BREACH_PATH)
sb = load_breach(SALTED_BREACH_PATH)
hashed = hash_sha256(password)
(p, h, s) = get_breaches(db, username)
print(s)
if p != []:
x = [x for x in pb if username in x][0]
if pb[pb.index(x)][1] == password:
response.status = 401
error = "{}'s password is breached.".format(username)
flag = 1
elif h != []:
x = [x for x in hb if username in x][0]
if hb[hb.index(x)][1] == hashed:
response.status = 401
error = "{}'s password is breached.".format(username)
flag = 1
elif s != []:
x = [x for x in sb if username in x][0]
salted = hash_pbkdf2(password, sb[sb.index(x)][2])
if sb[sb.index(x)][1] == salted:
response.status = 401
error = "{}'s password is breached.".format(username)
flag = 1
if flag != 1:
create_user(db, username, password)
else:
create_user(db, username, password)
else:
response.status = 400
error = "Submission error."
if error is None: # Perform login
existing_session = get_session_by_username(db, username)
if existing_session is not None:
delete_session(db, existing_session)
session = create_session(db, username)
response.set_cookie("session", str(session.get_id()))
return redirect("/{}".format(username))
return template("login", error=error)
def is_hashed_breached(password, hashed_breaches):
for hashed_breach in hashed_breaches:
hashed_pwd = hash_sha256(password)
if hashed_breach.hashed_password == hashed_pwd:
return True
return False
def hashed_breached(breaches, password):
for breach in breaches:
if (hash_sha256(password) == breach.hashed_password):
return True
return False
def do_login(db):
username = request.forms.get('username')
password = request.forms.get('password')
error = None
user = get_user(db, username)
print(user)
if (request.forms.get("login")):
if user is None:
response.status = 401
error = "{} is not registered.".format(username)
#for this elif statement, we change password to be the hashed/salted
#version of the plain text password. We do this by using the hash_pbkdf2
#function from hash.py using the plain text password and the
#random_salt assigned to the user. This allows us to throw an error
#if the hash of the password used to login does not match the hash of
#the password used to register.
elif user.password != hash_pbkdf2(password, user.random_salt):
response.status = 401
error = "Wrong password for {}.".format(username)
else:
pass # Successful login
elif (request.forms.get("register")):
if user is not None:
response.status = 401
error = "{} is already taken.".format(username)
#Within this block of code, we first load in the breaches. Then we have
#several if statements -- the first checks if the username trying to log
#in is in the plain text breach. If it is, it checks if the entered
#password matches the password in the breach -- if it does, it blocks
#the registration and throws an error. If it does not, no error is
#thrown and the next if statement is checked. The same process is
#repeated for the next two if statements (one for the hashed breach and
#one for the salted breach). All 3 of these if statements will be
#executed -- this accounts for cases where a username might be present
#in more than 1 of the breaches. If no errors are thrown, the username
#and password are approved/created.
#To test, we took a username from the plain text breach and tested it
#with the password from the breach -- it was rejected. When we tested
#with a random password, it was approved. We did the same for the
#hashed breach by converting one of the hashes into a plain text
#password -- same results. We also did the same thing for the salted
#breach, using the password we outputed in brute.py -- same results.
#This confirmed that our system catches dangerous pairs from all
#breaches.
else:
load_breaches(db)
breaches = get_breaches(db, username)
if len(breaches[0]) != 0:
if password == breaches[0][0].password:
response.status = 401
error = "This is a dangerous username-password pair. Please choose a different password for {}".format(
username)
if len(breaches[1]) != 0:
pw_hash = hash_sha256(password)
if pw_hash == breaches[1][0].hashed_password:
response.status = 401
error = "This is a dangerous username-password pair. Please choose a different password for {}".format(
username)
if len(breaches[2]) != 0:
pw_salt = hash_pbkdf2(password, breaches[2][0].salt)
if pw_salt == breaches[2][0].salted_password:
response.status = 401
error = "This is a dangerous username-password pair. Please choose a different password for {}".format(
username)
if error == None:
create_user(db, username, password)
else:
response.status = 400
error = "Submission error."
if error is None: # Perform login
existing_session = get_session_by_username(db, username)
if existing_session is not None:
delete_session(db, existing_session)
session = create_session(db, username)
response.set_cookie("session", str(session.get_id()))
return redirect("/{}".format(username))
return template("login", error=error)
def credential_stuffing_attack(creds):
for cred in creds:
username, password = cred[0], cred[1]
if (attempt_login(username, password)
or attempt_login(username, hash_sha256(password))):
print(cred)