Server IP : 103.119.228.120 / Your IP : 18.118.37.85 Web Server : Apache System : Linux v8.techscape8.com 3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 #1 SMP Mon Jul 15 12:09:18 UTC 2024 x86_64 User : nobody ( 99) PHP Version : 5.6.40 Disable Function : shell_exec,symlink,system,exec,proc_get_status,proc_nice,proc_terminate,define_syslog_variables,syslog,openlog,closelog,escapeshellcmd,passthru,ocinum cols,ini_alter,leak,listen,chgrp,apache_note,apache_setenv,debugger_on,debugger_off,ftp_exec,dl,dll,myshellexec,proc_open,socket_bind,proc_close,escapeshellarg,parse_ini_filepopen,fpassthru,exec,passthru,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,popen,show_source,proc_nice,proc_terminate,proc_get_status,proc_close,pfsockopen,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,dl,symlink,shell_exec,system,dl,passthru,escapeshellarg,escapeshellcmd,myshellexec,c99_buff_prepare,c99_sess_put,fpassthru,getdisfunc,fx29exec,fx29exec2,is_windows,disp_freespace,fx29sh_getupdate,fx29_buff_prepare,fx29_sess_put,fx29shexit,fx29fsearch,fx29ftpbrutecheck,fx29sh_tools,fx29sh_about,milw0rm,imagez,sh_name,myshellexec,checkproxyhost,dosyayicek,c99_buff_prepare,c99_sess_put,c99getsource,c99sh_getupdate,c99fsearch,c99shexit,view_perms,posix_getpwuid,posix_getgrgid,posix_kill,parse_perms,parsesort,view_perms_color,set_encoder_input,ls_setcheckboxall,ls_reverse_all,rsg_read,rsg_glob,selfURL,dispsecinfo,unix2DosTime,addFile,system,get_users,view_size,DirFiles,DirFilesWide,DirPrintHTMLHeaders,GetFilesTotal,GetTitles,GetTimeTotal,GetMatchesCount,GetFileMatchesCount,GetResultFiles,fs_copy_dir,fs_copy_obj,fs_move_dir,fs_move_obj,fs_rmdir,SearchText,getmicrotime MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /usr/local/ssl/local/ssl/local/ssl/local/share/perl5/Crypt/ |
Upload File : |
package Crypt::PasswdMD5; use strict; use warnings; use Digest::MD5; use Exporter 'import'; our @EXPORT = qw/unix_md5_crypt apache_md5_crypt/; our @EXPORT_OK = (@EXPORT, 'random_md5_salt'); our $VERSION ='1.40'; # ------------------------------------------------ my($itoa64) = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; our($Magic) = q/$1$/; # Magic strings. Need 'our' because of local just below. my($max_salt_length) = 8; # ------------------------------------------------ sub apache_md5_crypt { # Change the Magic string to match the one used by Apache. local $Magic = q/$apr1$/; return unix_md5_crypt(@_); } # End of apache_md5_crypt. # ------------------------------------------------ sub random_md5_salt { my($len) = shift || $max_salt_length; my($salt) = ''; # Sanity check. $len = $max_salt_length unless ( ($len >= 1) and ($len <= $max_salt_length) ); $salt .= substr($itoa64,int(rand(64)),1) for (1..$len); return $salt; } # End of random_md5_salt. # ------------------------------------------------ sub to64 { my($v, $n) = @_; my($ret) = ''; while (--$n >= 0) { $ret .= substr($itoa64, $v & 0x3f, 1); $v >>= 6; } return $ret; } # End of to64. # ------------------------------------------------ sub unix_md5_crypt { my($pw, $salt) = @_; my($passwd); if (defined $salt) { $salt =~ s/^\Q$Magic//; # Take care of the magic string if present. $salt =~ s/^(.*)\$.*$/$1/; # Salt can have up to 8 chars... $salt = substr($salt, 0, 8); } else { $salt = random_md5_salt(); # In case no salt was proffered. } my($ctx) = Digest::MD5 -> new; # Here we start the calculation. $ctx -> add($pw); # Original password... $ctx -> add($Magic); # ...our magic string... $ctx -> add($salt); # ...the salt... my($final) = Digest::MD5 -> new; $final -> add($pw); $final -> add($salt); $final -> add($pw); $final = $final -> digest; for (my $pl = length($pw); $pl > 0; $pl -= 16) { $ctx -> add(substr($final, 0, $pl > 16 ? 16 : $pl) ); } # Now the 'weird' xform. for (my $i = length($pw); $i; $i >>= 1) { if ($i & 1) { $ctx -> add(pack('C', 0) ); } # This comes from the original version, where a # memset() is done to $final before this loop. else { $ctx -> add(substr($pw, 0, 1) ); } } $final = $ctx -> digest; # The following is supposed to make things run slower. # In perl, perhaps it'll be *really* slow! for (my $i = 0; $i < 1000; $i++) { my($ctx1) = Digest::MD5 -> new; if ($i & 1) { $ctx1 -> add($pw); } else { $ctx1 -> add(substr($final, 0, 16) ); } if ($i % 3) { $ctx1 -> add($salt); } if ($i % 7) { $ctx1 -> add($pw); } if ($i & 1) { $ctx1 -> add(substr($final, 0, 16) ); } else { $ctx1 -> add($pw); } $final = $ctx1 -> digest; } # Final xform $passwd = ''; $passwd .= to64(int(unpack('C', (substr($final, 0, 1) ) ) << 16) | int(unpack('C', (substr($final, 6, 1) ) ) << 8) | int(unpack('C', (substr($final, 12, 1) ) ) ), 4); $passwd .= to64(int(unpack('C', (substr($final, 1, 1) ) ) << 16) | int(unpack('C', (substr($final, 7, 1) ) ) << 8) | int(unpack('C', (substr($final, 13, 1) ) ) ), 4); $passwd .= to64(int(unpack('C', (substr($final, 2, 1) ) ) << 16) | int(unpack('C', (substr($final, 8, 1) ) ) << 8) | int(unpack('C', (substr($final, 14, 1) ) ) ), 4); $passwd .= to64(int(unpack('C', (substr($final, 3, 1) ) ) << 16) | int(unpack('C', (substr($final, 9, 1) ) ) << 8) | int(unpack('C', (substr($final, 15, 1) ) ) ), 4); $passwd .= to64(int(unpack('C', (substr($final, 4, 1) ) ) << 16) | int(unpack('C', (substr($final, 10, 1) ) ) << 8) | int(unpack('C', (substr($final, 5, 1) ) ) ), 4); $passwd .= to64(int(unpack('C', substr($final, 11, 1) ) ), 2); return $Magic . $salt . q/$/ . $passwd; } # End of unix_md5_crypt. # ------------------------------------------------ 1; =pod =encoding utf-8 =head1 NAME Crypt::PasswdMD5 - Provide interoperable MD5-based crypt() functions =head1 SYNOPSIS use strict; use warnings; use Crypt::PasswdMD5; my($password) = 'seekrit'; my($salt) = 'pepperoni'; my($unix_crypted) = unix_md5_crypt($password, $salt); my($apache_crypted) = apache_md5_crypt($password, $salt); Or: use strict; use warnings; use Crypt::PasswdMD5 'random_md5_salt'; my($length) = 7; my($salt_1) = random_md5_salt($length); my($salt_2) = random_md5_salt(); # Default to $length == 8. =head1 DESCRIPTION C<apache_md5_crypt()> provides a function compatible with Apache's C<.htpasswd> files. This was contributed by Bryan Hart <bryan@eai.com>. This function is exported by default. The C<unix_md5_crypt()> provides a crypt()-compatible interface to the rather new MD5-based crypt() function found in modern operating systems. It's based on the implementation found on FreeBSD 2.2.[56]-RELEASE. This function is also exported by default. For both functions, if a salt value is not supplied, a random salt will be generated, using the function random_md5_salt(). This function is not exported by default. =head1 LICENSE AND WARRANTY This code and all accompanying software comes with NO WARRANTY. You use it at your own risk. This code and all accompanying software can be used freely under the same terms as Perl itself. =head1 METHODS =head2 apache_md5_crypt($password, $salt) This sets a magic variable, and then passes all the calling parameters to L</unix_md5_crypt($password, $salt)>. Returns an encrypted version of the given password. Basically, it's a very poor choice for anything other than password authentication. =head2 random_md5_salt([$length]) Here, [] indicate an optional parameter. Returns a random salt of the given length. The maximum length is 8. If C<$length> is omitted, it defaults to 8. =head2 unix_md5_crypt($password, $salt) Returns an encrypted version of the given password. Basically, it's a very poor choice for anything other than password authentication. =head1 SUPPORT Bugs should be reported via the CPAN bug tracker at L<http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Crypt-PasswdMD5> =head1 AUTHOR Luis E. Muñoz <luismunoz@cpan.org>. Maintenance by Ron Savage <rsavage@cpan.org> as of V 1.40. =cut