def insert_default_users(self, users): self.logger.debug('setting up default users') admin_user = { "uid": "xprdb_admin", "firstName": "Xpresso", "lastName": "Admin", "pwd": sha512_crypt.hash('xprdb@Abz00ba'), "email": "*****@*****.**", "primaryRole": "Admin", "activationStatus": True, "loginStatus": False } users.insert_one(admin_user) superuser = { "uid": "superuser1", "firstName": "superuser1", "lastName": "superuser1", "pwd": sha512_crypt.hash('superuser1'), "email": "*****@*****.**", "primaryRole": "Su", "activationStatus": True, "loginStatus": False } users.insert_one(superuser) admin1_user = { "uid": "admin1", "firstName": "admin1", "lastName": "admin1", "pwd": sha512_crypt.hash('admin1'), "email": "*****@*****.**", "primaryRole": "Admin", "activationStatus": True, "loginStatus": False } users.insert_one(admin1_user)
def compute_uhash(count): """Generate linux system user couple of clear/hashes passwords (SHA512)""" result = dict() for i in _compute_clear_passwordlist(count): hashed = sha512_crypt.hash(i) if sha512_crypt.verify(i, hashed): result[sha512_crypt.hash(i)] = i return compute_markdown_rendering(1, result)
def generate(switch, model_id): model = config.models[model_id] mgmt, vlanid = parse_metadata(switch) if mgmt is None: raise Exception("The switch " + switch + " was not found in ipplan") if radius is None: raise Exception("Radius key not set") if username is None: raise Exception("Username not set") if password is None: raise Exception("User-password not set") if enable is None: raise Exception("Enable password not set") if snmp_ro is None: raise Exception("SNMP ro not set") if snmp_salt is None: raise Exception("SNMP salt not set") # # Template function definition # cfg = tempita.Template(open(model.template).read()) cfg_subbed = cfg.substitute( hostname=switch, model=model, mgmt_ip=mgmt['ip'], mgmt_mask=mgmt['mask'], mgmt_mask_cidr=mgmt['mask_cidr'], mgmt_gw=mgmt['gw'], mgmt_vlanid=mgmt['vlanid'], vlanid=vlanid, wifi_switches=config.wifi_switches, wifi_vlanid=config.wifi_vlanid, password=config.password, password_sha512=sha512_crypt.hash(config.password), enable=config.enable, enable_sha512=sha512_crypt.hash(config.enable), radius=config.radius, snmp_ro=config.snmp_ro, snmp_rw=hashlib.sha1((config.snmp_salt + mgmt['ip']).encode()).hexdigest(), ipplan_host=lambda h: ipplan_host(h), ipplan_pkg=lambda p: ipplan_package(p), # snmp_user=config.snmp_user, # snmp_auth=config.snmp_auth, # snmp_priv=config.snmp_priv ) # We make the Juniper config a script, to be able to add the crontab. if "Juniper" in model_id: jcfg = tempita.Template(open(os.path.join(os.path.dirname(sys.argv[0]), 'juniper.sh.template')).read()) cfg_subbed = jcfg.substitute(config=cfg_subbed) return cfg_subbed
def test_enterprise( self, cluster_backend: ClusterBackend, enterprise_1_9_installer: Path, ) -> None: """ A DC/OS Enterprise 1.9 cluster can be started. """ superuser_username = str(uuid.uuid4()) superuser_password = str(uuid.uuid4()) config = { 'superuser_username': superuser_username, 'superuser_password_hash': sha512_crypt.hash(superuser_password), } with Cluster(cluster_backend=cluster_backend) as cluster: cluster.install_dcos_from_path( dcos_installer=enterprise_1_9_installer, dcos_config={ **cluster.base_config, **config, }, output=Output.CAPTURE, ip_detect_path=cluster_backend.ip_detect_path, ) cluster.wait_for_dcos_ee( superuser_username=superuser_username, superuser_password=superuser_password, )
def update_password(username: str, password: str, new_password: str, salt: str) -> User: """ Update a user's password. :param username: The user's username. :type username: str :param password: The user's current password. :type password: str :param new_password: The user's new password. :type new_password: str :param salt: The user's salt. :type salt: str :return: User """ user = User.query.filter(User.username == username).one() if sha512_crypt.verify(salt_password(password, salt), user.password): user.password = sha512_crypt.hash(salt_password(new_password, salt)) db.session.add(user) db.session.commit() return user else: raise PasswordException(message='Current password is not correct.')
def test_run_pytest( self, cluster_backend: ClusterBackend, enterprise_artifact: Path, ) -> None: """ Integration tests can be run with `pytest`. Errors are raised from `pytest`. """ superuser_username = str(uuid.uuid4()) superuser_password = str(uuid.uuid4()) extra_config = { 'superuser_username': superuser_username, 'superuser_password_hash': sha512_crypt.hash(superuser_password), } with Cluster( generate_config_path=enterprise_artifact, cluster_backend=cluster_backend, extra_config=extra_config, log_output_live=True, ) as cluster: # No error is raised with a successful command. cluster.run_integration_tests( pytest_command=['pytest', '-vvv', '-s', '-x', 'test_tls.py'], env={ 'DCOS_LOGIN_UNAME': superuser_username, 'DCOS_LOGIN_PW': superuser_password, }, )
def register(): if request.method == 'POST': name = request.form.get("name") username = request.form.get("username") password = request.form.get("password") confirm = request.form.get("confirm") users = mongo.db.Credentials.find({}) for item in users: if item["User"] == username: val = render_template( "Error.html", message="This username already exists please choose another" ) return render_template("Error.html", message="Bad username") else: pass secure_password = sha512_crypt.hash(str(password)) creds = { "Name": name, "User": username, "Pass": secure_password, "Admin": False } if password == confirm: mongo.db.Credentials.insert_one(creds) return redirect(url_for('index')) else: return render_template("Error.html", message="Oh No!!!!") else: return render_template("Registration.html")
def jupyter_hub_whitelisted_user(self): return factories.JupyterHubUserFactory( username='******', password=sha512_crypt.hash('pass'), whitelisted=True, admin=False, jupyter_hub_management=self.jupyter_hub_management)
def _encode_secret(attribute, new_value=None): if attribute == 'NT-Password': attribute_value = nthash.hash(new_value) elif attribute == 'LM-Password': attribute_value = lmhash.hash(new_value) elif attribute == 'MD5-Password': attribute_value = md5(new_value.encode('utf-8')).hexdigest() elif attribute == 'SMD5-Password': salt = urandom(4) hash = md5(new_value.encode('utf-8')) hash.update(salt) hash_encoded = encodestring(hash.digest() + salt) attribute_value = hash_encoded.decode('utf-8')[:-1] elif attribute == 'SHA-Password': attribute_value = sha1(new_value.encode('utf-8')).hexdigest() elif attribute == 'SSHA-Password': salt = urandom(4) hash = sha1(new_value.encode('utf-8')) hash.update(salt) hash_encoded = encodestring(hash.digest() + salt) attribute_value = hash_encoded.decode('utf-8')[:-1] elif attribute == 'Crypt-Password': attribute_value = sha512_crypt.hash(new_value) else: attribute_value = new_value return attribute_value
def encode_secret(attribute=settings.FREERADIUS_DEFAULT_SECRET_FORMAT, new_value=None): if attribute == 'Cleartext-Password': password_renewed = new_value elif attribute == 'NT-Password': password_renewed = nthash.hash(new_value) elif attribute == 'LM-Password': password_renewed = lmhash.hash(new_value) elif attribute == 'MD5-Password': password_renewed = md5(new_value.encode('utf-8')).hexdigest() elif attribute == 'SMD5-Password': salt = urandom(4) hash = md5(new_value.encode('utf-8')) hash.update(salt) hash_encoded = encodestring(hash.digest() + salt) password_renewed = hash_encoded.decode('utf-8')[:-1] elif attribute == 'SHA-Password': password_renewed = sha1(new_value.encode('utf-8')).hexdigest() elif attribute == 'SSHA-Password': salt = urandom(4) hash = sha1(new_value.encode('utf-8')) hash.update(salt) hash_encoded = encodestring(hash.digest() + salt) password_renewed = hash_encoded.decode('utf-8')[:-1] elif attribute == 'Crypt-Password': password_renewed = sha512_crypt.hash(new_value) return password_renewed
def calcAndSaveGridOffset(self, selections): pswdFile = open(curdir + "/picturepointspassword.txt", "w+") pswdFile.seek(0) offsetFile = open(curdir + "/picturepointsoffset.txt", "w+") offsetFile.seek(0) self.selected_grids = [] for selection in selections: print("SAVED", selection.x, selection.y) gridBoxX = math.ceil(selection.x / GRID_SIZE) gridBoxY = math.ceil(selection.y / GRID_SIZE) print("SAVED", gridBoxX, gridBoxY) self.selected_grids.append(str(gridBoxX) + " " + str(gridBoxY)) # x and y value of the center of the grid box containing this selected point gridBoxCenterX = gridBoxX * GRID_SIZE - (math.floor(GRID_SIZE / 2)) gridBoxCenterY = gridBoxY * GRID_SIZE - (math.floor(GRID_SIZE / 2)) offsetX = gridBoxCenterX - selection.x offsetY = gridBoxCenterY - selection.y offsetFile.write(str(offsetX) + " " + str(offsetY) + '\n') pswd_hash = sha512_crypt.hash(''.join(self.selected_grids)) pswdFile.write(pswd_hash) sys.exit(0)
def create_account(name, password, auth_code): file_name = directory + "accounts/" + name + ".json" # The account file already exists if os.path.isfile(file_name): return None # Generate an auth code if one isn't provided if auth_code == "": auth_code = create_signup_auth() # Make sure the auth is valid if it was provided # This is also use up the auth if it was generated above if not is_valid_signup_auth(auth_code, True): print("invalid auth") return None # Create the directory for account information if it doesn't exist os.makedirs(directory + "accounts/", exist_ok=True) # Create account file and write information file = open(file_name, "w") file.write( json.dumps({ "password": sha512_crypt.hash(password), "auth_code": auth_code, "settings": {}, })) file.close() return _create_session(Account(name, auth_code, {}))
def hash_password(password): """ Hashes a password using pbkdf2_sha512 :param password: The sha512 password from the login/register form :return: A sha512->pbkdf2_sha512 encrypted password """ return sha512_crypt.hash(password)
def calico_ipip_cluster(docker_backend: Docker, artifact_path: Path, request: SubRequest, log_dir: Path) -> Iterator[Cluster]: with Cluster( cluster_backend=docker_backend, masters=1, agents=2, public_agents=1, ) as cluster: config = { "superuser_username": superuser_username, # We can hash the password with any `passlib`-based method here. # We choose `sha512_crypt` arbitrarily. "superuser_password_hash": sha512_crypt.hash(superuser_password), "calico_vxlan_enabled": "false", "calico_network_cidr": "192.168.128.0/17", } cluster.install_dcos_from_path( dcos_installer=artifact_path, dcos_config={ **cluster.base_config, **config, }, output=Output.LOG_AND_CAPTURE, ip_detect_path=docker_backend.ip_detect_path, ) wait_for_dcos_oss( cluster=cluster, request=request, log_dir=log_dir, ) yield cluster
def jupyter_hub_admin_user(self): return factories.JupyterHubUserFactory( username='******', password=sha512_crypt.hash('pass'), whitelisted=False, admin=True, jupyter_hub_management=self.jupyter_hub_management_linux_pam)
def register(): form = Reg(request.form) if request.method == 'GET': # make sure the method used is define above return render_template('register.html', form=form), logging.warning( "you are under the register page now using GET, well done bacco ") elif request.method == 'POST' and form.validate(): name = form.name.data # the following are the data from the registration form username = form.username.data email = form.email.data password = sha512_crypt.hash(str( form.password.data)) # passsword is encrypted # defining a new variable taking as input the values from the registration form myuser = [{ "name": name, "username": username, "email": email, "password": password }] # insert the list into the mongo db x = mycol.insert_many(myuser), print("inserting this user: "******"in the database called ", mycol) return render_template('register.html', form=form), print( "you are under the register page now using POST, data are sent to database" ) else: print("this is the error")
def get_config( cluster_representation: ClusterRepresentation, extra_config: Dict[str, Any], dcos_variant: DCOSVariant, security_mode: Optional[str], license_key: Optional[Path], ) -> Dict[str, Any]: """ Get a DC/OS configuration to use for the given cluster. """ is_enterprise = bool(dcos_variant == DCOSVariant.ENTERPRISE) if is_enterprise: superuser_username = DEFAULT_SUPERUSER_USERNAME superuser_password = DEFAULT_SUPERUSER_PASSWORD enterprise_extra_config = { 'superuser_username': superuser_username, 'superuser_password_hash': sha512_crypt.hash(superuser_password), 'fault_domain_enabled': False, } if license_key is not None: key_contents = license_key.read_text() enterprise_extra_config['license_key_contents'] = key_contents extra_config = {**enterprise_extra_config, **extra_config} if security_mode is not None: extra_config['security'] = security_mode dcos_config = { **cluster_representation.base_config, **extra_config, } return dcos_config
def test_enterprise( self, cluster_backend: ClusterBackend, enterprise_1_10_artifact: Path, license_key_contents: str, ) -> None: """ A DC/OS Enterprise 1.10 cluster can be started. """ superuser_username = str(uuid.uuid4()) superuser_password = str(uuid.uuid4()) config = { 'superuser_username': superuser_username, 'superuser_password_hash': sha512_crypt.hash(superuser_password), 'fault_domain_enabled': False, 'license_key_contents': license_key_contents, } with Cluster(cluster_backend=cluster_backend) as cluster: cluster.install_dcos_from_path( build_artifact=enterprise_1_10_artifact, dcos_config={ **cluster.base_config, **config, }, log_output_live=True, ) cluster.wait_for_dcos_ee( superuser_username=superuser_username, superuser_password=superuser_password, )
def create_account(name, password, auth_code): directory = Account.directory file_name = directory + "accounts/" + name + ".json" if os.path.isfile(file_name): return None if not Account.is_valid_auth(auth_code): print("invalid auth") return None if auth_code == "": auth_code = create_auth() settings = { "refresh_rate": 0, } account = Account(name, auth_code, settings) os.makedirs(directory + "accounts/", exist_ok=True) file = open(file_name, "w") file.write( json.dumps({ "password": sha512_crypt.hash(password), "auth_code": auth_code, "settings": settings, })) file.close() return Account._create_session(Account(name, auth_code, settings))
def pw_crypt(): ''' Function to hash an inputed string. Hashed string is then saved to variable and returned. ''' pw = getpass.getpass(prompt='Enter the proposed esxi password: ') resp = sha512.hash(pw, rounds=5000) return resp
def responsavel_create(usuario): responsavel = facade.create_observador_facade(tipo=TIPO_USUARIOS['responsavel'], nome=usuario['nome'], senha=sha512_crypt.hash(password_generate()), email=usuario['email']) if isinstance(responsavel, object): itens = facade.set_itens_responsaveis_facade(id=responsavel.id, itens=facade.get_itens_free_facade()) aluno = facade.vincular_responsavel_facade(id_aluno=request.params['vinculo_aluno'], id_responsavel=responsavel.id) if itens and aluno.vinculo_responsavel == str(responsavel.id): return '/gestao_aprendizagem/usuario'
def sha512_hash(txt): """ Returns the SHA512 Hashed secret for use as a password hash in the PanOS configuration :param txt: text to be hashed :return: password hash of the string with salt and configuration information. Suitable to place in the phash field in the configurations """ return sha512_crypt.hash(txt)
def _hash_passwd(password): """ Hash the provided string using SHA512-Crypt Keyword arguments: password -- Key to hash """ pwhash = sha512.hash(password) return "{SHA512-CRYPT}" + pwhash
def gestor_create(usuario): gestor = facade.create_observador_facade(tipo=TIPO_USUARIOS['gestor'], nome=usuario['nome'], senha=sha512_crypt.hash(password_generate()), data_nascimento=usuario['nascimento'], email=usuario['email'], vinculo_rede=usuario['vinculo_rede']) if isinstance(gestor, object): itens = facade.set_itens_responsaveis_facade(id=gestor.id, itens=facade.get_itens_free_facade()) if itens: return '/gestao_aprendizagem/usuario'
def test_auth_with_cli( self, cluster_backend: ClusterBackend, enterprise_artifact: Path, license_key_contents: str, ) -> None: """ After `Cluster.wait_for_dcos_ee`, the DC/OS Enterprise cluster can communicate with the CLI. """ superuser_username = str(uuid.uuid4()) superuser_password = str(uuid.uuid4()) config = { 'superuser_username': superuser_username, 'superuser_password_hash': sha512_crypt.hash(superuser_password), 'fault_domain_enabled': False, 'license_key_contents': license_key_contents, } with Cluster(cluster_backend=cluster_backend) as cluster: cluster.install_dcos_from_path( build_artifact=enterprise_artifact, dcos_config={ **cluster.base_config, **config, }, log_output_live=True, ip_detect_path=cluster_backend.ip_detect_path, ) (master, ) = cluster.masters cluster.wait_for_dcos_ee( superuser_username=superuser_username, superuser_password=superuser_password, ) setup_args = [ 'dcos', 'cluster', 'setup', 'https://' + str(master.public_ip_address), '--no-check', '--username', superuser_username, '--password', superuser_password, ] setup = subprocess.run( args=setup_args, stdout=subprocess.PIPE, stderr=subprocess.PIPE, ) assert setup.returncode == 0 assert setup.stderr == b''
def j2_template(string): env = Environment( trim_blocks=False, lstrip_blocks=False, variable_start_string="{$", variable_end_string="$}", undefined=StrictUndefined, ) env.filters["crypt"] = lambda x: sha512_crypt.hash(x, rounds=5000) return env.from_string(string if type(string) == str else str(string))
def make_password(password: str) -> str: """Returns the hashed password. :param password: The password to encrypt :type password: str :return: The encrypted password :rtype: str """ return sha512_crypt.hash(password)
def addUser(self, name, password): h = sha512_crypt.hash(password) c = self._conn.cursor() c.execute("SELECT id FROM user WHERE name = ? LIMIT 1", (name, )) r = c.fetchone() if r is None: c.execute("INSERT INTO user (name, password) VALUES (?, ?)", (name, h)) else: c.execute("UPDATE user SET password = ? WHERE name = ?", (h, name)) self._conn.commit()
def verify(self, vote): env_counter1 = str(encrypt(pub, vote)) + '_' + str( encrypt(pub, self.share_common)) + '_' + str(uid) env_counter1_hash = CryptContext.hash(env_counter1) if env_counter1_hash == self.env1_hash or self.env2_hash: print("verified") else: print("vote not counted")
def button_handler(self, event): label = event.GetEventObject().GetLabel() lst = ['first', 'second', 'third', 'fourth'] self.selected_pictures.append(label)\ if len(self.selected_pictures) == 4: self.label_1.SetLabel('Passwowrd set') pswd_hash = sha512_crypt.hash(''.join(self.selected_pictures)) print("Hash: " + str(pswd_hash)) else: self.label_1.SetLabel('Select the {s} picture'.format(s=lst[len(self.selected_pictures)]))
def _encrypt(self, clearvalue, salt=None): rounds = param_tools.get_global_parameter("rounds_number") sha512_crypt.using(rounds=rounds) return sha512_crypt.hash(clearvalue)
def set(self, username, password): """Writes a SHA512 hashed password into the specified username""" with self._use_db() as bdb: bdb.put(username, sha512_crypt.hash(password))
if not dcos_variant: print("Please set DCOS_TEST_VARIANT to 'open' or 'enterprise'.", file=sys.stderr) sys.exit(1) private_key_path = os.environ.get('DCOS_TEST_SSH_KEY_PATH') aws_key_pair = ('default', private_key_path) if private_key_path else None cluster_backend = AWS(aws_region='us-east-1', aws_key_pair=aws_key_pair) cluster = Cluster(cluster_backend=cluster_backend, agents=0, public_agents=0) username = '******' password = ''.join(random.choice(string.ascii_letters + string.digits) for i in range(12)) extra_config = { 'superuser_username': username, 'superuser_password_hash': sha512_crypt.hash(password), # 'fault_domain_enabled': False, } test_license = os.environ.get('DCOS_TEST_LICENSE') if test_license: extra_config['license_key_contents'] = test_license dcos_config = {**cluster.base_config, **extra_config} cluster.install_dcos_from_url( dcos_installer=sys.argv[1], dcos_config=dcos_config, ip_detect_path=cluster_backend.ip_detect_path, output=Output.LOG_AND_CAPTURE, )