def bf(h, dictionary):
f = open(dictionary, 'r')
lines = f.readlines()
print('\033[1;34m[*]\033[0m Starting Brute Force - hash = ' + h)
for i in lines:
h2 = phpass.hash(i[:-1])
if h == h2:
print('\033[1;32m[+]\033[0m Hash Cracked! - Password = ' + i)
def test_sqlresolver_passwords(self):
"""
test that we can use pbkdf2 and bcrypt passwords with an sql resolver
"""
users = {}
# ------------------------------------------------------------------ --
# create the User schema
self.createUserTable()
# ------------------------------------------------------------------ --
# add users
bach_password = "******"
bach_password_hash = ('{PKCS5S2}ZYIjvFLd99ldgx5b7sqOlDCKNt31'
'UBX9HQKxTZwU50WfuZlWTNG5qBsCsFUMWwxC')
users['bach'] = {
'login': '******',
'uid': '21.3.1685',
'telephonenumber': '',
'mobile': bach_password,
'surname': 'Bach',
'givenname': 'Johann Sebastian',
'password': bach_password_hash,
'mail': '*****@*****.**'
}
assert atlassian_pbkdf2_sha1.verify(bach_password, bach_password_hash)
self.addUser(**users['bach'])
# ------------------------------------------------------------------ --
chopin_password = "******"
chopin_password_hash = atlassian_pbkdf2_sha1.hash(chopin_password)
users['chopin'] = {
'login': '******',
'uid': '22.10.1849',
'telephonenumber': '',
'mobile': chopin_password,
'surname': 'Chopin',
'givenname': 'Fryderyk Franciszek',
'password': chopin_password_hash,
'mail': '*****@*****.**'
}
assert atlassian_pbkdf2_sha1.verify(chopin_password,
chopin_password_hash)
self.addUser(**users['chopin'])
# ------------------------------------------------------------------ --
brahms_password = '******'
brahms_password_hash = ('$2a$12$NT0I31Sa7ihGEWpka9ASYrEFk'
'huTNeBQ2xfZskIiiJeyFXhRgS.Sy')
users['brahms'] = {
'login': '******',
'uid': '7.5.1833',
'telephonenumber': '',
'mobile': brahms_password,
'surname': 'Brahms',
'givenname': 'Johannes',
'password': brahms_password_hash,
'mail': '*****@*****.**'
}
assert passlib_bcrypt.verify(brahms_password, brahms_password_hash)
self.addUser(**users['brahms'])
# ------------------------------------------------------------------ --
mozart_password = '******'
mozart_password_hash = passlib_bcrypt.hash(mozart_password)
users['mozart'] = {
'login': '******',
'uid': '27.1.1756',
'telephonenumber': '',
'mobile': mozart_password,
'surname': 'Mozart',
'givenname': 'Wolfgang Amadeus',
'password': mozart_password_hash,
'mail': '*****@*****.**'
}
assert passlib_bcrypt.verify(mozart_password, mozart_password_hash)
self.addUser(**users['mozart'])
# ------------------------------------------------------------------ --
schubert_password = '******'
schubert_password_hash = '$P$8ohUJ.1sdFw09/bMaAQPTGDNi2BIUt1'
users['schubert'] = {
'login': '******',
'uid': '31.1.1797',
'telephonenumber': '',
'mobile': schubert_password,
'surname': 'Schubert',
'givenname': 'Franz Peter',
'password': schubert_password_hash,
'mail': '*****@*****.**'
}
assert passlib_phpass.verify(schubert_password, schubert_password_hash)
self.addUser(**users['schubert'])
# ------------------------------------------------------------------ --
mendelssohn_password = '******'
mendelssohn_password_hash = passlib_phpass.hash(mendelssohn_password)
users['mendelssohn'] = {
'login': '******',
'uid': '31.2.1809',
'telephonenumber': '',
'mobile': mendelssohn_password,
'surname': 'Mendelssohn',
'givenname': 'Jakob Ludwig',
'password': mendelssohn_password_hash,
'mail': '*****@*****.**'
}
assert passlib_phpass.verify(mendelssohn_password,
mendelssohn_password_hash)
self.addUser(**users['mendelssohn'])
# ------------------------------------------------------------- --
# define resolver and realm
realm = 'sqlRealm'
self.addSqlResolver('my_sql_users')
self.addSqlRealm(realm, 'my_sql_users', defaultRealm=True)
# ------------------------------------------------------------- --
# run the pbkdf2 atlasian test with user bach
user = users['bach']['login']
password = users['bach']['mobile']
self.run_password_check(user, password, realm=realm)
# run the pbkdf2 atlasian test with user chopin
user = users['chopin']['login']
password = users['chopin']['mobile']
self.run_password_check(user, password, realm=realm)
# run the bcrypt test with user brahms
user = users['brahms']['login']
password = users['brahms']['mobile']
self.run_password_check(user, password, realm=realm)
# run the bcrypt test with user mozart
user = users['mozart']['login']
password = users['mozart']['mobile']
self.run_password_check(user, password, realm=realm)
# run the php test with user schubert
user = users['schubert']['login']
password = users['schubert']['mobile']
self.run_password_check(user, password, realm=realm)
# run the php test with user mendelssohn
user = users['mendelssohn']['login']
password = users['mendelssohn']['mobile']
self.run_password_check(user, password, realm=realm)
return
def return_phpass(self, secret, options):
from passlib.hash import phpass
return phpass.hash(secret, salt=self.find_salt(options))
def Crypter(args):
if args.encrypt == 'pbkdf2_sha256':
return pbkdf2_sha256.hash(args.text)
elif args.encrypt == 'oracle11':
return oracle11.hash(args.text)
elif args.encrypt == 'argon2':
return argon2.hash(args.text)
elif args.encrypt == 'bcrypt':
return bcrypt.hash(args.text)
elif args.encrypt == 'bcrypt_sha256':
return bcrypt_sha256.hash(args.text)
elif args.encrypt == 'cisco_asa':
return cisco_asa.hash(args.text)
elif args.encrypt == 'cisco_pix':
return cisco_pix.hash(args.text)
elif args.encrypt == 'cisco_type7':
return cisco_type7.hash(args.text)
elif args.encrypt == 'bigcrypt':
return bigcrypt.hash(args.text)
elif args.encrypt == 'bsdi_crypt':
return bsdi_crypt.hash(args.text)
elif args.encrypt == 'des_crypt':
return des_crypt.hash(args.text)
elif args.encrypt == 'hex_md4':
return hex_md4.hash(args.text)
elif args.encrypt == 'hex_md5':
return hex_md5.hash(args.text)
elif args.encrypt == 'hex_sha1':
return hex_sha1.hash(args.text)
elif args.encrypt == 'hex_sha256':
return hex_sha256.hash(args.text)
elif args.encrypt == 'hex_sha512':
return hex_sha512.hash(args.text)
elif args.encrypt == 'django_bcrypt':
return django_bcrypt.hash(args.text)
elif args.encrypt == 'django_disabled':
return django_disabled.hash(args.text)
elif args.encrypt == 'django_bcrypt_sha256':
return django_bcrypt_sha256.hash(args.text)
elif args.encrypt == 'django_des_crypt':
return django_des_crypt.hash(args.text)
elif args.encrypt == 'django_pbkdf2_sha1':
return django_pbkdf2_sha1.hash(args.text)
elif args.encrypt == 'django_pbkdf2_sha256':
return django_pbkdf2_sha256.hash(args.text)
elif args.encrypt == 'django_salted_md5':
return django_salted_md5.hash(args.text)
elif args.encrypt == 'django_salted_sha1':
return django_salted_sha1.hash(args.text)
elif args.encrypt == 'fshp':
return fshp.hash(args.text)
elif args.encrypt == 'ldap_bcrypt':
return ldap_bcrypt.hash(args.text)
elif args.encrypt == 'ldap_md5':
return ldap_md5.hash(args.text)
elif args.encrypt == 'ldap_plaintext':
return ldap_plaintext.hash(args.text)
elif args.encrypt == 'ldap_sha1':
return ldap_sha1.hash(args.text)
elif args.encrypt == 'ldap_bsdi_crypt':
return ldap_bsdi_crypt.hash(args.text)
elif args.encrypt == 'ldap_hex_md5':
return ldap_hex_md5.hash(args.text)
elif args.encrypt == 'ldap_hex_sha1':
return ldap_hex_sha1.hash(args.text)
elif args.encrypt == 'ldap_md5_crypt':
return ldap_md5_crypt.hash(args.text)
elif args.encrypt == 'ldap_pbkdf2_sha1':
return ldap_pbkdf2_sha1.hash(args.text)
elif args.encrypt == 'ldap_pbkdf2_sha256':
return ldap_pbkdf2_sha256.hash(args.text)
elif args.encrypt == 'ldap_pbkdf2_sha512':
return ldap_pbkdf2_sha512.hash(args.text)
elif args.encrypt == 'ldap_salted_md5':
return ldap_salted_md5.hash(args.text)
elif args.encrypt == 'ldap_salted_sha1':
return ldap_salted_sha1.hash(args.text)
elif args.encrypt == 'ldap_sha1_crypt':
return ldap_sha1_crypt.hash(args.text)
elif args.encrypt == 'ldap_sha256_crypt':
return ldap_sha256_crypt.hash(args.text)
elif args.encrypt == 'ldap_sha512_crypt':
return ldap_sha512_crypt.hash(args.text)
elif args.encrypt == 'apr_md5_crypt':
return apr_md5_crypt.hash(args.text)
elif args.encrypt == 'md5_crypt':
return md5_crypt.hash(args.text)
elif args.encrypt == 'plaintext':
return plaintext.hash(args.text)
elif args.encrypt == 'unix_disabled':
return unix_disabled.hash(args.text)
elif args.encrypt == 'unix_fallback':
return unix_fallback.hash(args.text)
elif args.encrypt == 'mssql2000':
return mssql2000.hash(args.text)
elif args.encrypt == 'mssql2005':
return mssql2005.hash(args.text)
elif args.encrypt == 'mysql323':
return mysql323.hash(args.text)
elif args.encrypt == 'mysql41':
return mysql41.hash(args.text)
elif args.encrypt == 'atlassian_pbkdf2_sha1':
return atlassian_pbkdf2_sha1.hash(args.text)
elif args.encrypt == 'cta_pbkdf2_sha1':
return cta_pbkdf2_sha1.hash(args.text)
elif args.encrypt == 'dlitz_pbkdf2_sha1':
return dlitz_pbkdf2_sha1.hash(args.text)
elif args.encrypt == 'grub_pbkdf2_sha512':
return grub_pbkdf2_sha512.hash(args.text)
elif args.encrypt == 'pbkdf2_sha1':
return pbkdf2_sha1.hash(args.text)
elif args.encrypt == 'pbkdf2_sha512':
return pbkdf2_sha512.hash(args.text)
elif args.encrypt == 'phpass':
return phpass.hash(args.text)
elif args.encrypt == 'roundup_plaintext':
return roundup_plaintext.hash(args.text)
elif args.encrypt == 'sun_md5_crypt':
return sun_md5_crypt.hash(args.text)
elif args.encrypt == 'scram':
return scram.hash(args.text)
elif args.encrypt == 'scrypt':
return scrypt.hash(args.text)
elif args.encrypt == 'sha1_crypt':
return sha1_crypt.hash(args.text)
elif args.encrypt == 'sha256_crypt':
return sha256_crypt.hash(args.text)
elif args.encrypt == 'sha512_crypt':
return sha512_crypt.hash(args.text)
elif args.encrypt == 'bsd_nthash':
return bsd_nthash.hash(args.text)
elif args.encrypt == 'lmhash':
return lmhash.hash(args.text)
elif args.encrypt == 'nthash':
return nthash.hash(args.text)
# COMP3550-1 Lab1
# MacchiaroliM 5-17-2020
# Question D1
#############
#Create a Python script to create the PHPass
#hash for the following: "changeme","123456","password"
#Prove them against on-line PHPass generator
#(or from the page given above).
#Just note the first five characters of the
#hashed value.
#############
from passlib.hash import phpass
words = ["changeme", "123456", "password"]
salt = "ZDzPE45C"
for x in words:
print("Hashes for \"" + x + "\":")
print("Salt Used: \"" + salt + "\"")
print("PHPass Hash: " + phpass.hash(
x, salt=salt, rounds=7)) # .encrypt deprecatyed, using hash instead
def hash(a):
h = phpass.hash(a)
return h
def enc():
awal()
putih = "\033[97m"
dfv = raw_input(W + "[" + B + "+" + W + "] Your Text " + B + ": " + G)
asw = raw_input(W + "[" + B + "+" + W + "] Your Password " + B + ": " + G)
print W + "\n* Generate Hash . . . . Please Wait !!!"
time.sleep(1)
print(W + ' ------------------------------------------------')
#md5
daf1 = hashlib.md5(dfv.encode("utf -8")).hexdigest()
print W + "[" + B + "+" + W + "] Md5 " + B + ":" + W, daf1
time.sleep(0.1)
#sha256
daf2 = hashlib.sha256(dfv.encode()).hexdigest()
print W + "[" + B + "+" + W + "] Sha256 " + B + ":" + W, daf2
time.sleep(0.1)
#sha224
daf4 = hashlib.sha224(dfv.encode()).hexdigest()
print W + "[" + B + "+" + W + "] Sha224 " + B + ":" + W, daf4
time.sleep(0.1)
#sha512
daf5 = hashlib.sha512(dfv.encode()).hexdigest()
print W + "[" + B + "+" + W + "] Sha512 " + B + ":" + W, daf5
time.sleep(0.1)
#sha384
daf6 = hashlib.sha384(dfv.encode()).hexdigest()
print W + "[" + B + "+" + W + "] Sha384 " + B + ":" + W, daf6
time.sleep(0.1)
#sha1
daf11 = hashlib.sha1(dfv.encode()).hexdigest()
print W + "[" + B + "+" + W + "] Sha1 " + B + ":" + W, daf11
time.sleep(0.1)
#pbkdf2_sha1
daf12 = pbkdf2_sha1.hash(dfv)
print W + "[" + B + "+" + W + "] Pbkdf2_sha1 " + B + ":" + W, daf12
time.sleep(0.1)
#pbkdf2_sha256
daf13 = pbkdf2_sha256.hash(dfv)
print W + "[" + B + "+" + W + "] Pbkdf2_sha256 " + B + ":" + W, daf13
time.sleep(0.1)
#pbkdf2_sha512
daf14 = pbkdf2_sha512.hash(dfv)
print W + "[" + B + "+" + W + "] Pbkdf2_sha512 " + B + ":" + W, daf14
time.sleep(0.1)
#sha256_crypt
daf15 = sha256_crypt.hash(dfv)
print W + "[" + B + "+" + W + "] Sha256_crypt " + B + ":" + W, daf15
time.sleep(0.1)
#sha512_crypt
daf16 = sha512_crypt.hash(dfv)
print W + "[" + B + "+" + W + "] Sha512_crypt " + B + ":" + W, daf16
time.sleep(0.1)
#md5_crypt
daf17 = md5_crypt.hash(dfv)
print W + "[" + B + "+" + W + "] Md5_crypt " + B + ":" + W, daf17
time.sleep(0.1)
#sha1_crypt
daf18 = sha1_crypt.hash(dfv)
print W + "[" + B + "+" + W + "] Sha_crypt " + B + ":" + W, daf18
time.sleep(0.1)
#sha1_crypt
daf18 = sha1_crypt.hash(dfv)
print W + "[" + B + "+" + W + "] Sha_crypt " + B + ":" + W, daf18
time.sleep(0.1)
#sun_md5_crypt
daf19 = sun_md5_crypt.hash(dfv)
print W + "[" + B + "+" + W + "] Sun_md5_crypt " + B + ":" + W, daf19
time.sleep(0)
#des_crypt
daf20 = des_crypt.hash(dfv)
print W + "[" + B + "+" + W + "] Des_crypt " + B + ":" + W, daf20
time.sleep(0.1)
#bsdi_crypt
daf21 = bsdi_crypt.hash(dfv)
print W + "[" + B + "+" + W + "] Bsdi_crypt " + B + ":" + W, daf21
time.sleep(0.1)
#bigcrypt
daf22 = bigcrypt.hash(dfv)
print W + "[" + B + "+" + W + "] Bigcrypt " + B + ":" + W, daf22
time.sleep(0.1)
#crypt16
daf23 = crypt16.hash(dfv)
print W + "[" + B + "+" + W + "] Crypt16 " + B + ":" + W, daf23
time.sleep(0.1)
#phpass
daf24 = phpass.hash(dfv)
print W + "[" + B + "+" + W + "] Phpass " + B + ":" + W, daf24
time.sleep(0.1)
#scram
daf25 = scram.hash(dfv)
print W + "[" + B + "+" + W + "] Scram " + B + ":" + W, daf25
time.sleep(0.1)
#apr_md5_crypt
daf27 = apr_md5_crypt.hash(dfv)
print W + "[" + B + "+" + W + "] Apr_Md5_Crypt " + B + ":" + W, daf27
time.sleep(0.1)
#cta_pbkdf2
daf28 = cta_pbkdf2_sha1.hash(dfv)
print W + "[" + B + "+" + W + "] Cta_pbkdf2_sha1 " + B + ":" + W, daf28
time.sleep(0.1)
#dlitz_pbdf2_sha1
daf29 = dlitz_pbkdf2_sha1.hash(dfv)
print W + "[" + B + "+" + W + "] Dlitz_pbkdf_sha1 " + B + ":" + W, daf29
time.sleep(0.1)
#ldap_md5_crypt
daf30 = ldap_md5_crypt.hash(dfv)
print W + "[" + B + "+" + W + "] Ldap_Md5_Crypt " + B + ":" + W, daf30
time.sleep(0.1)
#ldap_hex_md5
daf31 = ldap_hex_md5.hash(dfv)
print W + "[" + B + "+" + W + "] Ldap_Hex_Md5 " + B + ":" + W, daf31
time.sleep(0.1)
#ldao_hex_sha1
daf32 = ldap_hex_sha1.hash(dfv)
print W + "[" + B + "+" + W + "] Ldap_Hex_Sha1 " + B + ":" + W, daf32
time.sleep(0.1)
#ldap_pbkdf2_sha1
daf33 = ldap_pbkdf2_sha1.hash(dfv)
print W + "[" + B + "+" + W + "] Ldap_pbkdf2_sha1 " + B + ":" + W, daf33
time.sleep(0.1)
#ldap_pbkdf2_sha256
daf34 = ldap_pbkdf2_sha256.hash(dfv)
print W + "[" + B + "+" + W + "] Ldap_pbkdf2_sha256 " + B + ":" + W, daf34
time.sleep(0.1)
#ldap_pbkdf2_sha512
daf35 = ldap_pbkdf2_sha512.hash(dfv)
print W + "[" + B + "+" + W + "] Ldap_pbdf2_sha512 " + B + ":" + W, daf35
time.sleep(0.1)
#atlassian_pbkdf2_sha1
daf36 = atlassian_pbkdf2_sha1.hash(dfv)
print W + "[" + B + "+" + W + "] Atlassian_pbkdf2_sha1 " + B + ":" + W, daf36
time.sleep(0.1)
#fshp
daf37 = fshp.hash(dfv)
print W + "[" + B + "+" + W + "] Fshp " + B + ":" + W, daf37
time.sleep(0.1)
#mysql323
daf38 = mysql323.hash(dfv)
print W + "[" + B + "+" + W + "] Mysql323 " + B + ":" + W, daf38
time.sleep(0.1)
#mysql41
daf39 = mysql41.hash(dfv)
print W + "[" + B + "+" + W + "] Mysql41 " + B + ":" + W, daf39
time.sleep(0.1)
#postgres_md5
daf40 = postgres_md5.hash(dfv, user=asw)
print W + "[" + B + "+" + W + "] Postgres_md5 " + B + ":" + W, daf40
time.sleep(0.1)
#oracle10
daf41 = oracle10.hash(dfv, user=asw)
print W + "[" + B + "+" + W + "] Oracle10 " + B + ":" + W, daf41
time.sleep(0.1)
#oracle11
daf42 = oracle11.hash(dfv)
print W + "[" + B + "+" + W + "] Oracle11 " + B + ":" + W, daf42
time.sleep(0.1)
#lmhash
daf43 = lmhash.hash(dfv)
print W + "[" + B + "+" + W + "] Lmhash " + B + ":" + W, daf43
time.sleep(0.1)
#nthash
daf44 = nthash.hash(dfv)
print W + "[" + B + "+" + W + "] Nthash " + B + ":" + W, daf44
time.sleep(0.1)
#msdcc
daf45 = msdcc.hash(dfv, user=asw)
print W + "[" + B + "+" + W + "] Msdcc " + B + ":" + W, daf45
time.sleep(0.1)
#msdcc2
daf46 = msdcc2.hash(dfv, user=asw)
print W + "[" + B + "+" + W + "] Msdcc2 " + B + ":" + W, daf46
time.sleep(0.1)
#cisco_type7
daf47 = cisco_type7.hash(dfv)
print W + "[" + B + "+" + W + "] Cisco_type7 " + B + ":" + W, daf47
time.sleep(0.1)
#grub_pbkdf2_sha512
daf48 = grub_pbkdf2_sha512.hash(dfv)
print W + "[" + B + "+" + W + "] Grub_pbkdf2_sha512 " + B + ":" + W, daf48
time.sleep(0.1)
#hex_sha1
daf49 = hex_sha1.hash(dfv)
print W + "[" + B + "+" + W + "] Hex_Sha1 " + B + ":" + W, daf49
time.sleep(0.1)
#pwd
daf50 = pwd.genword()
print W + "[" + B + "+" + W + "] Pwd " + B + ":" + W, daf50
time.sleep(0.1)
#mssql2005
daf51 = cuk.hash(dfv)
print W + "[" + B + "+" + W + "] Mssql2005 " + B + ":" + W, daf51
time.sleep(0.1)
#Mssql2000
daf52 = cak.hash(dfv)
print W + "[" + B + "+" + W + "] Mssql2000 " + B + ":" + W, daf52
time.sleep(0.1)
#ldap_salted_md5
daf52 = cik.hash(dfv)
print W + "[" + B + "+" + W + "] Ldap_salted_md5 " + B + ":" + W, daf52
time.sleep(0.1)
def test_sqlresolver_passwords(self):
"""
test that we can use pbkdf2 and bcrypt passwords with an sql resolver
"""
users = {}
# ------------------------------------------------------------------ --
# create the User schema
self.createUserTable()
# ------------------------------------------------------------------ --
# add users
bach_password = "******"
bach_password_hash = ("{PKCS5S2}ZYIjvFLd99ldgx5b7sqOlDCKNt31"
"UBX9HQKxTZwU50WfuZlWTNG5qBsCsFUMWwxC")
users["bach"] = {
"login": "******",
"uid": "21.3.1685",
"telephonenumber": "",
"mobile": bach_password,
"surname": "Bach",
"givenname": "Johann Sebastian",
"password": bach_password_hash,
"mail": "*****@*****.**",
}
assert atlassian_pbkdf2_sha1.verify(bach_password, bach_password_hash)
self.addUser(**users["bach"])
# ------------------------------------------------------------------ --
chopin_password = "******"
chopin_password_hash = atlassian_pbkdf2_sha1.hash(chopin_password)
users["chopin"] = {
"login": "******",
"uid": "22.10.1849",
"telephonenumber": "",
"mobile": chopin_password,
"surname": "Chopin",
"givenname": "Fryderyk Franciszek",
"password": chopin_password_hash,
"mail": "*****@*****.**",
}
assert atlassian_pbkdf2_sha1.verify(chopin_password,
chopin_password_hash)
self.addUser(**users["chopin"])
# ------------------------------------------------------------------ --
brahms_password = "******"
brahms_password_hash = (
"$2a$12$NT0I31Sa7ihGEWpka9ASYrEFkhuTNeBQ2xfZskIiiJeyFXhRgS.Sy")
users["brahms"] = {
"login": "******",
"uid": "7.5.1833",
"telephonenumber": "",
"mobile": brahms_password,
"surname": "Brahms",
"givenname": "Johannes",
"password": brahms_password_hash,
"mail": "*****@*****.**",
}
assert passlib_bcrypt.verify(brahms_password, brahms_password_hash)
self.addUser(**users["brahms"])
# ------------------------------------------------------------------ --
mozart_password = "******"
mozart_password_hash = passlib_bcrypt.hash(mozart_password)
users["mozart"] = {
"login": "******",
"uid": "27.1.1756",
"telephonenumber": "",
"mobile": mozart_password,
"surname": "Mozart",
"givenname": "Wolfgang Amadeus",
"password": mozart_password_hash,
"mail": "*****@*****.**",
}
assert passlib_bcrypt.verify(mozart_password, mozart_password_hash)
self.addUser(**users["mozart"])
# ------------------------------------------------------------------ --
schubert_password = "******"
schubert_password_hash = "$P$8ohUJ.1sdFw09/bMaAQPTGDNi2BIUt1"
users["schubert"] = {
"login": "******",
"uid": "31.1.1797",
"telephonenumber": "",
"mobile": schubert_password,
"surname": "Schubert",
"givenname": "Franz Peter",
"password": schubert_password_hash,
"mail": "*****@*****.**",
}
assert passlib_phpass.verify(schubert_password, schubert_password_hash)
self.addUser(**users["schubert"])
# ------------------------------------------------------------------ --
mendelssohn_password = "******"
mendelssohn_password_hash = passlib_phpass.hash(mendelssohn_password)
users["mendelssohn"] = {
"login": "******",
"uid": "31.2.1809",
"telephonenumber": "",
"mobile": mendelssohn_password,
"surname": "Mendelssohn",
"givenname": "Jakob Ludwig",
"password": mendelssohn_password_hash,
"mail": "*****@*****.**",
}
assert passlib_phpass.verify(mendelssohn_password,
mendelssohn_password_hash)
self.addUser(**users["mendelssohn"])
# ------------------------------------------------------------- --
# define resolver and realm
realm = "sqlRealm"
self.addSqlResolver("my_sql_users")
self.addSqlRealm(realm, "my_sql_users", defaultRealm=True)
# ------------------------------------------------------------- --
# run the pbkdf2 atlasian test with user bach
user = users["bach"]["login"]
password = users["bach"]["mobile"]
self.run_password_check(user, password, realm=realm)
# run the pbkdf2 atlasian test with user chopin
user = users["chopin"]["login"]
password = users["chopin"]["mobile"]
self.run_password_check(user, password, realm=realm)
# run the bcrypt test with user brahms
user = users["brahms"]["login"]
password = users["brahms"]["mobile"]
self.run_password_check(user, password, realm=realm)
# run the bcrypt test with user mozart
user = users["mozart"]["login"]
password = users["mozart"]["mobile"]
self.run_password_check(user, password, realm=realm)
# run the php test with user schubert
user = users["schubert"]["login"]
password = users["schubert"]["mobile"]
self.run_password_check(user, password, realm=realm)
# run the php test with user mendelssohn
user = users["mendelssohn"]["login"]
password = users["mendelssohn"]["mobile"]
self.run_password_check(user, password, realm=realm)
return
from passlib.hash import phpass
var1 = "changeme"
var2 = "123456"
var3 = "password"
salt1 = "ZDzPE45C"
salt2 = "C54EPzDZ"
salt3 = "PEzS45CZ"
myHash1 = phpass.hash(var1, salt=salt1)
myHash2 = phpass.hash(var2, salt=salt2)
myHash3 = phpass.hash(var3, salt=salt3)
print("PHPPass Hash of {}: {}".format(var1, myHash1))
print("PHPPass Hash of {}: {}".format(var2, myHash2))
print("PHPPass Hash of {}: {}\n".format(var3, myHash3))
print("PHPPass Verification of Hash {}: {}".format(var1, phpass.verify(var1, myHash1)))
print("PHPPass Verification of Hash {}: {}".format(var1, phpass.verify(var2, myHash2)))
print("PHPPass Verification of Hash {}: {}\n".format(var1, phpass.verify(var3, myHash3)))
print("Dummy Test of {} Hash: {}".format(var3, phpass.verify("passward", myHash3)))