Skip to content

Instantly share code, notes, and snippets.

@trekawek
Last active December 22, 2015 18:50
Show Gist options
  • Save trekawek/9955166 to your computer and use it in GitHub Desktop.
Save trekawek/9955166 to your computer and use it in GitHub Desktop.
CQ password comparator
#!/usr/bin/ruby
require 'openssl'
if ARGV.length != 2
puts "Usage:"
puts "./cq_password.rb HASHED_PASSWORD PLAIN_PASSWORD"
abort
end
hashed_password = ARGV[0]
password = ARGV[1]
algo = nil; iterations = 1; salt = nil; hash = nil
if hashed_password =~ /^\{(.+)\}(\w+)-((\d+)-)?(\w+)$/
# puts "#{$1} #{$2} #{$4} #{$5}"
algo = $1
salt = $2
iterations = $4.to_i if $4
hash = $5
else
abort "Unknown hash format"
end
new_hash = (salt + password).bytes
digest = OpenSSL::Digest.new(algo.gsub('-', ''))
1.upto(iterations) do
digest.reset
digest << new_hash.pack('c*')
new_hash = digest.to_s.scan(/../).map(&:hex)
end
if hashed_password.end_with?("-#{digest.to_s}")
puts "OK"
exit 0
else
puts "Different password"
exit 1
end
$ ruby cq_password.rb '{sha1}c0febec4a7f59192-32a743b5dea5e3bdf461886968bab849ee2b9eee' 'admin'
OK
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment