Skip to content

Instantly share code, notes, and snippets.

View cagerton's full-sized avatar

Chris Agerton cagerton

9 followers · 5 following
View GitHub Profile
@cagerton
cagerton / 0upgrade.md
Last active May 12, 2021 23:36
On storing password hashes

Upgrade sha1 => scrypt without user logging in/pw reset:

μBackground:

We hash passwords with one-way hash functions to reduce the impact of password database compromise. Passwords hashed with salted SHA or MD5 can ofen be brute forced. Newer password hashhing techniques like Scrypt/Bcrypt/PBKDF2 add computational work to make brute forcing prohibitively expensive.

Problem:

Your service already has users with salted sha1 password hashes. Since you don't have their original passwords you can't upgrade to a modern password hash without getting each user to log in and enter their password.

You have (salt,sha(salt+password)), you want (salt, scrypt(salt,password))

@cagerton
cagerton / fade_test.py
Created November 12, 2012 07:47
Color fade test for PixelPusher
import socket
import time
from math import pi, sin
UDP_IP = '192.168.2.2'
UDP_PORT = 9897
def Push(messages):
"""Stolen from: https://github.com/robot-head/PixelPusher-python"""
assert type(messages) == list
@cagerton
cagerton / gist:1995257
Created March 7, 2012 19:17
Check your ssh public key fingerprint
# Run this command to check your ssh fingerprint.
ssh-keygen -l -f ~/.ssh/*.pub
@cagerton
cagerton / edge_detect.java
Created May 15, 2011 20:25
Edge detection in Processing
import java.awt.image.BufferedImage;
import java.awt.image.WritableRaster;
PImage input, output;
void setup() {
int width=400;
int height=300;
size(width,height);
output = createImage(width,height,RGB);
@cagerton
cagerton / gist:396515
Created May 10, 2010 20:46
def ones(x):
if x:
print "1",
return ones(x-1)
@cagerton
cagerton / gist:384128
Created April 29, 2010 19:47
def publish_to_wall(user,unfriend):
"""Prints out a pretty unfriends notice"""
logging.info('Posting message to %s' % user.id)
args = {'access_token':user.access_token,
'message':'is no longer friends with %s.' % (unfriend['name']),
'picture':'http://graph.facebook.com/%s/picture' % unfriend['id'],
'link':'http://drama-lama.appspot.com',
'description': 'DramaLama - the unfriending monitor.',
}
post_args = urllib.urlencode(args)
@cagerton
cagerton / drama_lama.py
Created April 23, 2010 23:25
# Steps to monitor who removes you from their friends list on facebook:
# Grab the new Facebook Python-SDK from github.
# Modify & run the appengine+oauth example/demo as follows:
# -in facebookoauth.py define _parse_json & _dump_json
# -in user add two db.TextProperty fields: friends, unfriends
# -swap the HomeHandler class for below...
# -update template to display as desired.
# run & reload every few days and see who doesn't like you anymore.
class HomeHandler(BaseHandler):
@cagerton
cagerton / write_to_dacs.c
Created April 20, 2010 01:36
//MOSI:
#define DATAOUT 11
//MISO: (not used, but part of builtin SPI)
#define DATAIN 12
#define SPICLOCK 13
#define SLAVESELECT 10
#define LDAC 8
void setup() {
byte clr;