def hash_header(header): header_bytes = header_to_string(header).decode('hex') if (header["version"] >= 7): hash_bytes = Hash(header_bytes) # new rules, sha256 else: hash_bytes = HashScrypt(header_bytes) # old scrypt header hashing return rev_hex(hash_bytes.encode('hex'))
def update(form) : if User.session.exists() : user = User.session.get() un, un_repeat = form.get("username"), form.get("username-repeat") pw, pw_repeat = form.get("password"), form.get("password-repeat") if un != un_repeat : flash(u"Bitte wiederhole den neuen Benutzernamen korrekt!", Config.Flash.error) elif pw != pw_repeat : flash(u"Bitte wiederhole das neue Passwort korrekt!", Config.Flash.error) elif not (un or pw) : flash(u"Keine Änderungen eingegeben.", Config.Flash.warn) else : user.update(username = un, password = Hash.hash(pw)) User.session.set(user) flash(u"Die neuen Eingaben wurden erfolgreich übernommen.", Config.Flash.success) return redirect(Config.Urls.App.user)
def hash(self, x): if DEBUG: return "hash("+x+")" return Hash(x)
def hash_header(header): return rev_hex(Hash(header_to_string(header).decode('hex')).encode('hex'))
class Alice: def __init__(self, messages, file_path): """ PSI sender side implementation. \ The relevant files for bob will be located at "file_path/to_bob" """ if type(messages) != np.ndarray: raise ('Error: the messages should be passed as a numpy array') self.messages = messages self.file_path = file_path self.hash_table_size = round( len(messages) / np.log(np.log(messages.size))) print('Number of bins: ' + str(self.hash_table_size)) self.max_bin_size = round(5 * np.log(np.log(messages.size))) print('Single Bin size: ' + str(self.max_bin_size)) self.hash = Hash() self.hash.generate(self.hash_table_size) self.polynomials = self._compute_polynomials() self.encryption_scheme = EncryptionScheme() self.encryption_scheme.generate() t1 = datetime.datetime.now() encrypted_poly = self.encryption_scheme.encrypt_encoded_message( self.polynomials) t2 = datetime.datetime.now() print("Alice's coefficients encryption took " + str(t2 - t1)) base_path = os.path.join(self.file_path, 'to_bob') if not os.path.isdir(base_path): os.mkdir(base_path) key_path = os.path.join(base_path, 'public_key.npy') self.encryption_scheme.to_file(key_path) ciphers_path = os.path.join(base_path, 'ciphertexts.npy') hash_path = os.path.join(base_path, 'hash_params.npy') self.hash.to_file(hash_path) ciphers_array = np.array([ encrypted_poly[i, j].ciphertext for i in range(encrypted_poly.shape[0]) for j in range(encrypted_poly.shape[1]) ], dtype=object) ciphers_array = ciphers_array.reshape(encrypted_poly.shape) np.save(ciphers_path, ciphers_array, allow_pickle=True) def _compute_polynomials(self): polynomials = np.zeros((self.hash_table_size, self.max_bin_size), dtype=int) roots_by_hash = [[] for _ in range(self.hash_table_size)] for message in self.messages: hash_1, hash_2 = self.hash.hash(message) if len(roots_by_hash[hash_1]) < len(roots_by_hash[hash_2]): roots_by_hash[hash_1].append(message) else: roots_by_hash[hash_2].append(message) print('Maximum actual items in a single bin: ' + str(max([len(row) for row in roots_by_hash]))) for i in range(len(roots_by_hash)): roots = np.array(roots_by_hash[i]) poly = MathUtils().polynomial_coefficients_from_roots(roots) for j in range(-int(poly.size), 0, 1): polynomials[i, j] = poly[j + poly.size] return polynomials def evaluate_intersection(self): """ Evaluate the intersection after recieving bob's file \ Bob's file should be located at "file_path/from_bob" """ ciphers_path = os.path.join(self.file_path, 'from_bob/ciphertexts.npy') if not os.path.isfile(ciphers_path): raise ("Error: bob's file was not found") raw_ciphertexts = np.load(ciphers_path, allow_pickle=True) ciphertexts = np.array([ Ciphertext(int(raw_cipher), self.encryption_scheme.public_key) for raw_cipher in raw_ciphertexts ]) decryptions = self.encryption_scheme.decrypt_to_encoded_message( ciphertexts) print('Alice sees from Bob: ' + str(decryptions)) return np.intersect1d(self.messages, decryptions)
el_sign2 = '119841162-2' el2_payload = el_sign2 # Command Execute Payloads payloads = [ { 'name': 'PHP Code eval', 'payload': 'phpinfo();', 'sign': phpinfo_sign }, { 'name': 'PHP Code eval', 'payload': '${print_r(md5(11123))};', 'sign': Hash.md5('11123') }, { 'name': 'Sprint Boot EL', 'payload': '${{new java.lang.String(new byte[]{{{0}}})}}'.format( el_payload), 'sign': el_sign, }, { 'name': 'Sprint Boot EL', 'payload': '${{{0}}}'.format(el2_payload), 'sign': str(eval(el_sign2)) }, { 'name': 'XSS', 'payload': xss_payload, 'sign': xss_sign }, {
def getByRegister(credentials) : username, password = credentials.get("username"), credentials.get("password") if not Database.existsUser(username) : user = User(username, Hash.hash(password)) Database.storeUser(user) return user
def getByLogin(credentials) : data = Database.loadUserByLogin(credentials.get("username"), Hash.hash(credentials.get("password"))) if data : user = User(*data) return user
async def change_password(username: str, new_password: str) -> bool: new_password = new_password.encode("utf-8") hash = Hash.bcrypt_hash(new_password) await players.update_one({"_id": username}, {"$set": {"password": hash}})