Created
November 25, 2017 17:47
-
-
Save gacallea/b6c0e9dfb715f4a783a28b7851c796d2 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ## read the thread that inspired this. | |
| ## https://security.stackexchange.com/questions/46883/is-every-hash-format-that-nginx-accepts-for-http-basic-auth-weak-against-brute-f | |
| if [ $# != 3 ]; then | |
| echo -e "\nusage: ${0##*/} username password file\n" | |
| exit 1 | |
| fi | |
| USERNAME="$1" | |
| PASSWORD="$2" | |
| AUTHFILE="$3" | |
| SALT="$(openssl rand 30)" | |
| SHA1="$(printf "%s%s" "$PASSWORD" "$SALT" | openssl dgst -binary -sha1)" | |
| if [ -s "$AUTHFILE" ]; then | |
| read -r -p "\nThe file \"$AUTHFILE\" exists, do you want to overwrite it (yes, no, append)? [y/n/a] " response | |
| case "$response" in | |
| [Yy]) | |
| printf "$USERNAME:{SSHA}%s\n" "$(printf "%s%s" "$SHA1" "$SALT" | base64)" > "$AUTHFILE"; | |
| echo -e "\nOverwriting the existing file\n"; | |
| exit 0;; | |
| [Aa]) | |
| printf "$USERNAME:{SSHA}%s\n" "$(printf "%s%s" "$SHA1" "$SALT" | base64)" >> "$AUTHFILE"; | |
| echo -e "\nAppending to existing file\n"; | |
| exit 0;; | |
| [Nn]) | |
| echo "\nExiting without saving\n"; | |
| exit 0;; | |
| *) | |
| echo "\nThe provided answer is not valid. use either: 'Y' 'y' 'N' 'n' 'A' 'a'\n"; | |
| exit 2;; | |
| esac | |
| else | |
| printf "$USERNAME:{SSHA}%s\n" "$(printf "%s%s" "$SHA1" "$SALT" | base64)" > "$AUTHFILE"; | |
| echo -e "\nWriting to file '$AUTHFILE'\n"; | |
| exit 0 | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment