I am getting error while hashing the pain text password using Bcrypt in Python. I am providing the error below.
Traceback (most recent call last):
File "hash.py", line 3, in <module>
hashed = hashpw(plaintext_password, gensalt(log_rounds=13))
TypeError: gensalt() got an unexpected keyword argument 'log_rounds'
My code is given below.
from bcrypt import hashpw, gensalt
plaintext_password = 'subhra123#'
hashed = hashpw(plaintext_password, gensalt(log_rounds=13))
print hashed
Here I need to hash my password.
Your error comes from log_rounds, you simply should just use the number. Here is an example:
hashed = hashpw(plaintext_password, gensalt(13))
From the official docs:
Adjustable Work Factor
One of bcrypt’s features is an adjustable logarithmic work factor. To adjust the work factor merely pass the desired number of rounds to bcrypt.gensalt(rounds=12) which defaults to 12):
Working demo:
import bcrypt
password = b"super secret password"
# Hash a password for the first time, with a certain number of rounds
hashed = bcrypt.hashpw(password, bcrypt.gensalt(14))
# Check that a unhashed password matches one that has previously been
# hashed
if bcrypt.hashpw(password, hashed) == hashed:
print("It Matches!")
else:
print("It Does not Match :(")
Here is a link to the docs, where it specifies how to work with this.
Hope this helps!
I thing you want to use gensalt(13) or gensalt(rounds=13) instead of gensalt(log_rounds=13).
Related
I am working on an encryption program with Pycryptodome in Python 3. I am trying to encrypt a (byte) string and then decrypt it and verify the MAC tag. When I get to verify it, an error is thrown.
This is the code:
from Crypto.Cipher import AES
from Crypto.Random import get_random_bytes
aes_key = get_random_bytes(24)
aes_cipher = AES.new(aes_key, AES.MODE_GCM)
encrypted, MACtag = aes_cipher.encrypt_and_digest(b"A random thirty two byte string.")
# Imagine this is happening somewhere else
new_aes_cipher = AES.new(aes_key, AES.MODE_GCM, nonce=aes_cipher.nonce)
new_aes_cipher.verify(MACtag)
decrypted = new_aes_cipher.decrypt(encrypted)
And this is the error:
Traceback (most recent call last):
File "aespractice.py", line 10, in <module>
new_aes_cipher.verify(tag)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-
packages/Crypto/Cipher/_mode_gcm.py", line 441, in verify
raise ValueError("MAC check failed")
ValueError: MAC check failed
I've looked at the documentation, and I it looks to me like everything is all right. Why do you think the program is acting this way? Any help would be appreciated.
If you look at the state diagram for authenticated modes:
You see that verify() should be called at the very end, after any decrypt() has taken place.
So, either you invert the calls or you replace them with a combined decrypt_and_verify().
I have made a script for checking if a variable is the same as an input variable:
def password():
userPassword = str(input("Type Your Password: "))
if userPassword == storedPassword:
print 'Access Granted'
else:
print 'Access Denied'
password()
However whenever I type a letter for the input, it throws a NameError, but it works fine with numbers.
Error:
Traceback (most recent call last):
File "C:\Users\***\Desktop\Test\Script.py", line 16, in <module>
password()
File "C:\Users\***\Desktop\Test\Script.py", line 9, in password
userPassword = str(input("Type Your Password: "))
File "<string>", line 1, in <module>
NameError: name 'f' is not defined
You need to use raw_input instead of input on python 2.
Using input attempts to evaulate whatever you pass it. In the case of an integer it just resolves to that integer. In the case of a string, it'll attempt to find that variable name and that causes your error.
You can confirm this by typing a 'password' such as password which would have your input call return a reference to your password function.
Conversely, raw_input always returns a string containing the characters your user typed. Judging by your attempt to cast whatever the user types back into a string, this is exactly what you want.
userPassword = raw_input("Type Your Password: ")
For Python 2.7 you need to use raw_input() instead of input(), input() actually evaluates the input as Python code. raw_input() returns the verbatim string entered by the user.
See Python 2.7 getting user input and manipulating as string without quotations
import smtplib
smtpserver = s.connect("mail.btinternet.com", 465)
SMTP.helo("mail.btinternet.com")
SMTP.ehlo("mail.btinternet.com")
file = open("Combo.txt", "r")
for line in file:
x = line.split(":")
user = x[0]
password = x[1]
s.login(user, password)
print("[+] Password Found: %s" % password)
if smtplib.SMTPAuthenticationError:
print("Incorrect")
Here's my code. It checks a list of email/password combinations from a file to see if it is on a specific server (in my case BT).
But I am having trouble with the library names, I am not sure what to use. I checked on python docs but it wasn't clear enough, if someone can tell me as to what is incorrect I would deeply appreciate it.
Error received.
This will also give me errors for the other incorrect library names
Traceback (most recent call last):
File "main.py", line 3, in <module>
smtpserver = s.connect("mail.btinternet.com", 465)
NameError: name 's' is not defined
exited with non-zero status
For your problem I think the reason why as to your libraries are not working properly is because you're calling your imported library inconsistently:
e.g. sometimes you type 's.xxxxx', sometimes you type 'SMTPlib.xxxxx' for your module attributes, you should import smtplib as 's'.
So what does this is it stores the library in a short form named 's', so whenever you call a module or use a function from the library, you don't have to type the full '.smtplib' but instead just type a '.s' extension behind the specific function:
import smtplib as s
smtpserver = s.connect("mail.btinternet.com", 465)
s.helo("mail.btinternet.com")
s.ehlo("mail.btinternet.com")
file = open("Combo.txt", "r")
for line in file:
x = line.split(":")
user = x[0]
password = x[1]
s.login(user, password)
print("[+] Password Found: %s" % password)
if s.SMTPAuthenticationError:
print("Incorrect")
Should fix your problems now. remember to call functions from the specific library name in a consistent manner ('s').
I am getting error while encrypting the password using Python. I am explaining the error below.
Error:
Traceback (most recent call last):
File "password.py", line 60, in <module>
hashed_password = hashlib.sha512(sword + salt).hexdigest()
TypeError: cannot concatenate 'str' and 'list' objects
My code is given below.
import hashlib
value = "2Y7xk5vrs5DeCcSdinRVKQ=="
salt = value.split()
sword = "subhra1234"
hashed_password = hashlib.sha512(sword + salt).hexdigest()
print(hashed_password)
Here I need to use own salt value and trying to encrypting the password. Please help to resolve this error.
Like #MosesKoledoye said, you don't need to call split on the salt:
import hashlib
salt = "2Y7xk5vrs5DeCcSdinRVKQ=="
sword = "subhra1234"
hashed_password = hashlib.sha512(sword + salt).hexdigest()
print(hashed_password)
I'm beginning to use CGI with Python.
After running the following piece of code:
#!c:\python34\python.exe
import cgi
print("Content-type: text/html\n\n") #important
def getData():
formData = cgi.FieldStorage()
InputUN = formData.getvalue('username')
InputPC = formData.getvalue('passcode')
TF = open("TempFile.txt", "w")
TF.write(InputUN)
TF.write(InputPC)
TF.close()
if __name__ =="__main__":
LoginInput = getData()
print("cgi worked")
The following error occurs:
Traceback (most recent call last):
File "C:\xampp\htdocs\actual\loginvalues.cgi", line 21, in <module>
LoginInput = getData()
File "C:\xampp\htdocs\actual\loginvalues.cgi", line 16, in getData
TF.write(InputUN)
TypeError: must be str, not None
>>>
I'm trying to write the values, inputted in html, to a text file.
Any help would be appreciated :)
Your calls to getValue() are returning None, meaning the form either didn't contain them, had them set to an empty string, or had them set by name only. Python's CGI module ignores inputs that aren't set to a non-null string.
Works for Python CGI:
mysite.com/loginvalues.cgi?username=myname&pass=mypass
Doesn't work for Python CGI:
mysite.com/loginvalues.cgi?username=&pass= (null value(s))
mysite.com/loginvalues.cgi?username&pass (Python requires the = part.)
To account for this, introduce a default value for when a form element is missing, or handle the None case manually:
TF.write('anonymous' if InputUN is None else InputUN)
TF.write('password' if InputPC is None else InputUN)
As a note, passwords and other private login credentials should never be used in a URL. URLs are not encrypted. Even in HTTPS, the URL is sent in plain text that anyone on the network(s) between you and your users can read.
The only time a URL is ever encrypted is over a tunneled SSH port or an encrypted VPN, but you can't control that, so never bank on it.