def auth(): import ConfigParser section = 'Login' key = 'showPassword' if request.method == 'POST' and 'password' in request.form: # Save show password preference in editor config showPassword = True if 'showPassword' in request.form else False try: config = ConfigParser.SafeConfigParser() config.optionxform = str # Don't convert to lower case config.read(CONFIG_FILE) if not config.has_section(section): config.add_section(section) config.set(section, key, str(showPassword)) with open(CONFIG_FILE, 'wb') as configfile: config.write(configfile) except Exception, e: print '## auth save_pref ## Unexpected error: %s' % str(e) # Validate password pw = request.form['password'] hash = get_hash('root') salt = hash[0:2] if crypt(pw, salt) == hash: if login_user(USER_NAMES['rascal']): flash('Logged in!') return redirect(request.args.get('next') or '/') else: flash('Sorry, but you could not log in.') else: flash('Sorry, but you could not log in.')
def read_dic(pwd): ## initialize pwd_match_flag to 0 pwd_match_flag = 0 ## salt value is first 2 characters of the pwd salt = pwd[:2] print('salt "' + salt + '"') ## open dictionary and crypt each password using the salt value dic = open('HW3dictionary.txt', 'r') for d in dic: d = d.strip() # using crypt from hcrypt, create an encrypted password valueusing the derived salt value hpwd = fcrypt.crypt(d, salt) # not required to print all passwords #print(d," : ",hpwd) ## compare each derived encrypted password with the pwd to obtain the unencrypted value if pwd == hpwd: # set pwd_match_flag to 1 pwd_match_flag = 1 print('pwd matched to "' + d + '"') break if pwd_match_flag == 0: print("no password was found")
def checkPassword(hashedpw): salt = hashedpw[0:2] #first 2 characters give salt, per spec dictFile = open('HW1-dictionary.txt', 'r') for word in dictFile.readlines(): word = word.rstrip() cryptWord = crypt(word, salt) if (cryptWord == hashedpw): print "*** Found Password: "******" *** \n" return True print "Password Not Found.\n" return False
def test_pass(crypt_pass, encryption): dict_file = open('dictionary.txt', 'r') for word in dict_file.readlines(): word = word.strip('\n') if(encryption == 'crypt'): salt = crypt_pass[0:2] crypt_word = fcrypt.crypt(word, salt) elif(encryption == 'sha512'): crypt_word = hashlib.sha512(word).hexdigest() if(crypt_word == crypt_pass): print "[+] Found Password: "******"\n" return print "[-] Password Not Found. \n"
def encrypt(password): """ Used to create a password that can be stored safely somewhere. :param password: This is the plain text password. :returns: the result of an fcrypt.crypt(...) call. """ if not password: return ValueError("The password is not a valid string!") return fcrypt.crypt(password, "cE")
def setExportPWD(self, password): context = self.context.aq_inner enc_pwd = crypt(password, 'ad') root_path = '/var/everydo-frs%s' % '/'.join(context.getPhysicalPath()) if not os.path.exists(root_path): os.makedirs(root_path, 0777) path = root_path + '/.htaccess' htaccess = """<IfDefine neverdefine> export:%s </IfDefine> AuthUserFile %s""" htaccess = htaccess % (enc_pwd, path) f = open(path, 'w') f.write(htaccess) plone_utils = getToolByName(context, 'plone_utils') plone_utils.addPortalMessage('导出数据访问密码已经成功设置,请进行第三步。', 'info') return self.request.response.redirect(self.context.absolute_url()+'/@@@@prefs_export_data')
def setExportPWD(self, password): context = self.context.aq_inner enc_pwd = crypt(password, 'ad') root_path = '/var/everydo-frs%s' % '/'.join(context.getPhysicalPath()) if not os.path.exists(root_path): os.makedirs(root_path, 0777) path = root_path + '/.htaccess' htaccess = """<IfDefine neverdefine> export:%s </IfDefine> AuthUserFile %s""" htaccess = htaccess % (enc_pwd, path) f = open(path, 'w') f.write(htaccess) plone_utils = getToolByName(context, 'plone_utils') plone_utils.addPortalMessage('导出数据访问密码已经成功设置,请进行第三步。', 'info') return self.request.response.redirect(self.context.absolute_url() + '/@@@@prefs_export_data')
def password_check(password, hashed): """ Used to check if the given password is equal to given encrypted password. :param password: This is the plain text password. :param arg2: This is the encrypted value, created from an earlier call to encrypt(). :returns: True | False to say whether the passwords match | don't match. """ if not password: return False if not hashed: return False mhash = fcrypt.crypt(password, "cE") get_log().debug("crypt_check: given hash<%s> generated hash <%s>" % (hashed, mhash)) return hashed == mhash
def auth(): import configparser section = 'Login' key = 'showPassword' if request.method == 'POST' and 'password' in request.form: # Save show password preference in editor config showPassword = True if 'showPassword' in request.form else False try: config = ConfigParser.SafeConfigParser() config.optionxform = str # Don't convert to lower case config.read(CONFIG_FILE) if not config.has_section(section): config.add_section(section) config.set(section, key, str(showPassword)) with open(CONFIG_FILE, 'wb') as configfile: config.write(configfile) except Exception as e: print('## auth save_pref ## Unexpected error: {0}'.format(e)) # Validate password pw = request.form['password'] hash = get_hash('root') salt = hash[3:11] if crypt(pw, '$6$' + salt) == hash: if login_user(USER_NAMES['rascal']): flash('Logged in!') return redirect(request.args.get('next') or '/') else: flash('Sorry, but you could not log in.') else: flash('Sorry, but you could not log in.') # Get show password preference config = configparser.SafeConfigParser() config.read(CONFIG_FILE) try: showPassword = config.getboolean(section, key) except (configparser.NoSectionError, configparser.NoOptionError): showPassword = False # Set type of password input element (auth page uses this to sets checkbox state) pwtype = 'text' if showPassword else 'password' return render_template('auth.html', home=HOME, type=pwtype)
def _check_passwd(user_passwd, real_passwd): return real_passwd == fcrypt.crypt(user_passwd, real_passwd[:2])
def realEncode(self, data): if self._salt == None: return fcrypt.crypt(data, data[:2]) return fcrypt.crypt(data, self._salt)
def ckpw(pwd, crpwd): pwd = pwd[:8] if crpwd == crypt(pwd, crpwd[:2]): return 1 return 0
def realTransform(self, data): if self._salt == None: return fcrypt.crypt(data, data[:2]) return fcrypt.crypt(data, self._salt)
import sys import fcrypt import string import random password = sys.argv[0] salt = ''.join(random.sample(string.ascii_letters, 2)) protected_password = fcrypt.crypt(password, salt) print protected_password
def genpw(pwd): pwd = pwd[:8] salt = random.choice(_saltchrs) + random.choice(_saltchrs) return crypt(pwd, salt)