Skip to content

Commit

Permalink
improvements
Browse files Browse the repository at this point in the history
  • Loading branch information
@fportantier
fportantier committed Jun 14, 2019
1 parent 567663f commit 0055ef2
Show file tree
Hide file tree
Showing 12 changed files with 44,619 additions and 77 deletions.
1 change: 1 addition & 0 deletions .~lock.owasp-asvs-4.0.csv#
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
,f,p,13.06.2019 20:06,file:///home/f/.config/libreoffice/4;
10 changes: 5 additions & 5 deletions bad/libmfa.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@

def mfa_is_enabled(username):

conn = sqlite3.connect('users1.sqlite')
conn = sqlite3.connect('db_users.sqlite')
conn.set_trace_callback(print)
conn.row_factory = sqlite3.Row
c = conn.cursor()
Expand All @@ -19,7 +19,7 @@ def mfa_is_enabled(username):

def mfa_disable(username):

conn = sqlite3.connect('users1.sqlite')
conn = sqlite3.connect('db_users.sqlite')
conn.set_trace_callback(print)
conn.row_factory = sqlite3.Row
c = conn.cursor()
Expand All @@ -34,7 +34,7 @@ def mfa_enable(username):

#secret=pyotp.random_base32()

conn = sqlite3.connect('users1.sqlite')
conn = sqlite3.connect('db_users.sqlite')
conn.set_trace_callback(print)
conn.row_factory = sqlite3.Row
c = conn.cursor()
Expand All @@ -50,7 +50,7 @@ def mfa_get_secret(username):

#secret=pyotp.random_base32()

conn = sqlite3.connect('users1.sqlite')
conn = sqlite3.connect('db_users.sqlite')
conn.set_trace_callback(print)
conn.row_factory = sqlite3.Row
c = conn.cursor()
Expand All @@ -68,7 +68,7 @@ def mfa_reset_secret(username):

secret=pyotp.random_base32()

conn = sqlite3.connect('users1.sqlite')
conn = sqlite3.connect('db_users.sqlite')
conn.set_trace_callback(print)
conn.row_factory = sqlite3.Row
c = conn.cursor()
Expand Down
2 changes: 1 addition & 1 deletion good/cutpasswd.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@

password = password.strip()

if len(password) < 8:
if len(password) < 12:
continue

if len(re.findall(r'[a-z]', password)) < 1:
Expand Down
12 changes: 6 additions & 6 deletions good/db_init.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,25 +2,25 @@

import os
import sqlite3
from libuser import user_create

def db_init_users():

users = [
('admin', 'SuperSecret'),
('elliot', '123123123'),
('tim', '123123123')
('tim', '12345678')
]

conn = sqlite3.connect('db_users.sqlite')
c = conn.cursor()
c.execute("CREATE TABLE users (username text, password text, failures int, mfa_enabled int, mfa_secret text)")

for u,p in users:
c.execute("INSERT INTO users (username, password, failures, mfa_enabled, mfa_secret) VALUES ('%s', '%s', '%d', '%d', '%s')" %(u, p, 0, 0, ''))

c.execute("CREATE TABLE users (username text, password text, salt text, failures int, mfa_enabled int, mfa_secret text)")
conn.commit()
conn.close()

for u,p in users:
user_create(u, p)


def db_init_posts():

Expand Down
Loading

0 comments on commit 0055ef2

Please sign in to comment.