This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function getAFuckingLifeYouAsshatMonkeyShitHurler() { | |
var null = ''; | |
var methodProxy = javacast('null',chr(0)); | |
var args = {1='scum sucking asshat-wearing Neanderfuck'}; | |
var ctx = getPageContext().getFusionContext(); | |
ctx.parent._set('methodProxy', ctx.parent.createObject('java','coldfusion.runtime.java.JavaProxy').init( ctx.parent._autoscalarize( ctx.parent._get('plainOldComponent').echo )) ); | |
actual = methodProxy.invoke(null, null, ctx.parent, args); | |
debug(actual); | |
assertEquals( 'scum sucking asshat-wearing Neanderfuck' , actual ); | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<cffunction name="computeHash" access="public" returntype="String"> | |
<cfargument name="password" type="string" /> | |
<cfargument name="salt" type="string" /> | |
<cfargument name="iterations" type="numeric" required="false" default="1024" /> | |
<cfargument name="algorithm" type="string" required="false" default="SHA512" /> | |
<cfscript> | |
var digest = ''; | |
var i = 1; | |
var input = ''; | |
digest = createObject("java", "java.security.MessageDigest"); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<cffunction name="hashMyPassword"> | |
<cfset var password = "p@ssW0rd" /> | |
<cfset var crypto = createObject('component', 'Crypto') /> | |
<cfset var salt = crypto.genSalt() /> | |
<cfset var passwordHash = crypto.computeHash(password,salt) /> | |
<!--- | |
Store both the salt and the passwordHash in the database. | |
---> | |
</cffunction> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<cffunction name="genBinarySalt" access="private" returnType="binary" output="no"> | |
<cfargument name="size" type="numeric" required="true"/> | |
<cfscript> | |
var byteType = createObject('java', 'java.lang.Byte').TYPE; | |
var bytes = createObject('java','java.lang.reflect.Array').newInstance( byteType , size); | |
var rand = createObject('java', 'java.security.SecureRandom').nextBytes(bytes); | |
return bytes; | |
</cfscript> | |
</cffunction> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<cffunction name="computeHash" access="public" returntype="String"> | |
<cfargument name="password" type="string" /> | |
<cfargument name="salt" type="string" /> | |
<cfargument name="iterations" type="numeric" required="false" default="1024" /> | |
<cfargument name="algorithm" type="string" required="false" default="SHA-512" /> | |
<cfscript> | |
var hashed = ''; | |
var i = 1; | |
hashed = hash( password & salt, arguments.algorithm, 'UTF-8' ); | |
for (i = 1; i <= iterations; i++) { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!------------------------------------------------------------------------- | |
Assume a login form with username and pasword: | |
form.user_id and form.password | |
--------------------------------------------------------------------------> | |
<cfquery name="loginQuery" datasource="users" maxrows="1"> | |
SELECT password_hash, salt | |
FROM USERS where user_id = <cfqueryparam cfsqltype="CF_SQL_VARCHAR" value="#form.user_id#" maxlength="12" /> | |
</cfquery> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<cfquery name="q" datasource="users"> | |
insert into users | |
(user_id,password_hash,salt) | |
values | |
('#user_id#','#passwordHash#','#salt#') | |
</cfquery> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<cffunction name="genSalt" access="public" returnType="string"> | |
<cfargument name="size" type="numeric" required="false" default="16" /> | |
<cfscript> | |
var byteType = createObject('java', 'java.lang.Byte').TYPE; | |
var bytes = createObject('java','java.lang.reflect.Array').newInstance( byteType , size); | |
var rand = createObject('java', 'java.security.SecureRandom').nextBytes(bytes); | |
return toBase64(bytes); | |
</cfscript> | |
</cffunction> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<cffunction name="genSalt" access="public" returnType="string"> | |
<cfargument name="size" type="numeric" required="false" default="16" /> | |
<cfscript> | |
var byteType = createObject('java', 'java.lang.Byte').TYPE; | |
var bytes = createObject('java','java.lang.reflect.Array').newInstance( byteType , size); | |
var rand = createObject('java', 'java.security.SecureRandom').nextBytes(bytes); | |
return toBase64(bytes); | |
</cfscript> | |
</cffunction> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<cfset user_id = "bill" /> | |
<cfset password = "p@ssW0rd" /> | |
<cfset crypto = createObject('component', 'Crypto') /> | |
<cfset salt = crypto.genSalt() /> | |
<cfset passwordHash = crypto.computeHash(password,salt) /> |