Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Check password against known hashed password and salt
#!/usr/bin/perl
# Usage: read -s PASSWORD && ./bcrypt-password.pl
use Crypt::Eksblowfish::Bcrypt;
# Read password and salt from environment variables
$password = $ENV{PASSWORD};
$salt = "lfVQ/T2N3dhFVvvPro2Hfu"
$encrypted = encrypt_password($password, $salt);
# Extract bcrypt version, cost, salt, and hashed password
$pattern = '(^\$2a\$\d{2}\$)(.{22})(.*)';
($e_ver_cost, $e_salt, $e_hash) = ($encrypted =~ m!$pattern!);
print "ver+cost: $e_ver_cost\tsalt: $e_salt\n";
print "new hashed password\t$e_hash\n";
print "old hashed password\t4753yuwaNSwLePPlA9IS4YNdjHt93Gm\n";
# Encrypt a password
sub encrypt_password {
my $password = shift;
my $salt = shift;
# Set the cost to 10 and append a NUL
my $settings = '$2a$10$'.$salt;
# Encrypt it
return Crypt::Eksblowfish::Bcrypt::bcrypt($password, $settings);
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.