sh0oki/drupal_7_pw.py

## drupal_7_pw.py
#!/usr/bin/python

import hashlib, sys

# Simplified version of https://github.com/drupal/drupal/blob/7.x/includes/password.inc

ALGO = hashlib.sha512

ITOA64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz' # ICHS

def dummy_base64(s, l):
    output = ''
    i = 0
    while True:
        v = ord(s[i])
        i+=1
        output += ITOA64[v & 0x3f]
        if i < (l-1):
            v |= ord(s[i]) << 8
        output += ITOA64[(v>>6) & 0x3f]
        if (i + 1) >= l:
            break
        i += 1
        if not (i < l):
            break
        if i < (l-1):
            v  |= ord(s[i]) << 16
        output += ITOA64[(v >> 12) & 0x3f];
        i += 1
        if not (i < l):
            break
        output += ITOA64[(v >> 18) & 0x3f]
    return output

def hash_password(password, salt, iterations):
    res = ALGO(salt + password).digest()
    for i in xrange(1<<iterations):
        res = ALGO(res + password).digest()
    return dummy_base64(res, len(res))[:43]

def parse_entry(h):
    assert(h[:3] == '$S$')
    iterations = ITOA64.index(h[3])
    salt = h[4:12]
    return {
            'iterations': iterations,
            'salt': salt,
            'hash': h[12:]
            }

def equal_to_password(hashed_entry, password):
    entry = parse_entry(hashed_entry)
    result = hash_password(password, entry['salt'], entry['iterations'])
    return result == entry['hash']

def test(h):
    password = raw_input("Password to check? ")
    if not equal_to_password(h, password):
        print("Oh no, we failed")
    else:
        print("Yey! win")

def main(hashs):
    print hashs
    [test(h) for h in hashs]

if __name__ == '__main__':
    if len(sys.argv) == 1:
        print("Usage: %s hash-1 hash-2 ..." % (sys.argv[0],))
    else:
        main(sys.argv[1:])
	#!/usr/bin/python

	import hashlib, sys

	# Simplified version of https://github.com/drupal/drupal/blob/7.x/includes/password.inc

	ALGO = hashlib.sha512

	ITOA64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz' # ICHS

	def dummy_base64(s, l):
	output = ''
	i = 0
	while True:
	v = ord(s[i])
	i+=1
	output += ITOA64[v & 0x3f]
	if i < (l-1):
	v \|= ord(s[i]) << 8
	output += ITOA64[(v>>6) & 0x3f]
	if (i + 1) >= l:
	break
	i += 1
	if not (i < l):
	break
	if i < (l-1):
	v \|= ord(s[i]) << 16
	output += ITOA64[(v >> 12) & 0x3f];
	i += 1
	if not (i < l):
	break
	output += ITOA64[(v >> 18) & 0x3f]
	return output

	def hash_password(password, salt, iterations):
	res = ALGO(salt + password).digest()
	for i in xrange(1<<iterations):
	res = ALGO(res + password).digest()
	return dummy_base64(res, len(res))[:43]

	def parse_entry(h):
	assert(h[:3] == '$S$')
	iterations = ITOA64.index(h[3])
	salt = h[4:12]
	return {
	'iterations': iterations,
	'salt': salt,
	'hash': h[12:]
	}

	def equal_to_password(hashed_entry, password):
	entry = parse_entry(hashed_entry)
	result = hash_password(password, entry['salt'], entry['iterations'])
	return result == entry['hash']

	def test(h):
	password = raw_input("Password to check? ")
	if not equal_to_password(h, password):
	print("Oh no, we failed")
	else:
	print("Yey! win")

	def main(hashs):
	print hashs
	[test(h) for h in hashs]

	if __name__ == '__main__':
	if len(sys.argv) == 1:
	print("Usage: %s hash-1 hash-2 ..." % (sys.argv[0],))
	else:
	main(sys.argv[1:])