static void
test_pass_hostname ()
{
check_pass("http://test.local", "http", "test.local", HTTP_DEFAULT_PORT, "");
check_pass("http://test.local/", "http", "test.local", HTTP_DEFAULT_PORT, "/");
check_pass("http://test.local/path", "http", "test.local", HTTP_DEFAULT_PORT, "/path");
check_pass("http://test.local/path/", "http", "test.local", HTTP_DEFAULT_PORT, "/path/");
check_pass("http://test.local/path/more", "http", "test.local", HTTP_DEFAULT_PORT, "/path/more");
check_pass("http://test.local:81", "http", "test.local", 81, "");
check_pass("http://test.local:81/", "http", "test.local", 81, "/");
check_pass("http://test.local:81/path", "http", "test.local", 81, "/path");
check_pass("http://test.local:81/path/", "http", "test.local", 81, "/path/");
check_pass("http://test.local:81/path/more", "http", "test.local", 81, "/path/more");
}
/*
* If requested via GET, serves the login page.
* If requested via POST (form submission), checks password and logs user in.
*/
static void login_handler(struct mg_connection *nc, int ev, void *p) {
struct http_message *hm = (struct http_message *) p;
if (mg_vcmp(&hm->method, "POST") != 0) {
/* Serve login.html */
mg_serve_http(nc, (struct http_message *) p, s_http_server_opts);
} else {
/* Perform password check. */
char user[50], pass[50];
int ul = mg_get_http_var(&hm->body, "user", user, sizeof(user));
int pl = mg_get_http_var(&hm->body, "pass", pass, sizeof(pass));
if (ul > 0 && pl > 0) {
if (check_pass(user, pass)) {
struct session *s = create_session(user, hm);
mg_printf(nc, "HTTP/1.0 302 Found\r\n");
set_session_cookie(nc, s);
mg_printf(nc, "Location: /\r\n");
mg_printf(nc, "\r\nHello, %s!\r\n", s->user);
fprintf(stderr, "%s logged in, sid %" INT64_X_FMT "\n", s->user, s->id);
} else {
mg_printf(nc, "HTTP/1.0 403 Unauthorized\r\n\r\nWrong password.\r\n");
}
} else {
mg_printf(nc, "HTTP/1.0 400 Bad Request\r\n\r\nuser, pass required.\r\n");
}
nc->flags |= MG_F_SEND_AND_CLOSE;
}
(void) ev;
}
int cmd_pass(t_info *info, char *str)
{
char *arg;
int ret;
char buffer[256];
if ((arg = get_cmd_arg(str)) == NULL)
{
send_answer(info, "Missing password.", 501);
return (0);
}
ret = check_pass(info, arg);
if (ret == 0)
{
snprintf(buffer, 255, "Bad password.");
send_answer(info, buffer, 530);
info->keep_connected = 0;
return (0);
}
if (ret == 1)
{
snprintf(buffer, 255, "User %s logged in.", info->user_selected);
return (log_user(info, buffer, 230));
}
return (1);
}
static void
test_fail_ipv6 ()
{
check_pass("http://[::1]", "http", "[::1]", HTTP_DEFAULT_PORT, "");
check_pass("http://[::1]/", "http", "[::1]", HTTP_DEFAULT_PORT, "/");
check_pass("http://[::1]/path", "http", "[::1]", HTTP_DEFAULT_PORT, "/path");
check_pass("http://[::1]/path/", "http", "[::1]", HTTP_DEFAULT_PORT, "/path/");
check_pass("http://[::1]:81", "http", "[::1]", 81, "");
check_pass("http://[::1]:81/", "http", "[::1]", 81, "/");
check_pass("http://[::1]:81/path", "http", "[::1]", 81, "/path");
check_pass("http://[::1]:81/path/", "http", "[::1]", 81, "/path/");
check_pass("http://[::1]:81/path/more", "http", "[::1]", 81, "/path/more");
}
static void
test_pass_ipv4 ()
{
check_pass("http://127.0.0.1", "http", "127.0.0.1", HTTP_DEFAULT_PORT, "");
check_pass("http://127.0.0.1/", "http", "127.0.0.1", HTTP_DEFAULT_PORT, "/");
check_pass("http://127.0.0.1/path", "http", "127.0.0.1", HTTP_DEFAULT_PORT, "/path");
check_pass("http://127.0.0.1/path/", "http", "127.0.0.1", HTTP_DEFAULT_PORT, "/path/");
check_pass("http://127.0.0.1:81", "http", "127.0.0.1", 81, "");
check_pass("http://127.0.0.1:81/", "http", "127.0.0.1", 81, "/");
check_pass("http://127.0.0.1:81/path", "http", "127.0.0.1", 81, "/path");
check_pass("http://127.0.0.1:81/path/", "http", "127.0.0.1", 81, "/path/");
check_pass("http://127.0.0.1:81/path/more", "http", "127.0.0.1", 81, "/path/more");
}
void hack_system(char * correct_pass) {
if (check_pass(correct_pass)) {
printf("OK: You have found correct password: '******'\n", correct_pass);
printf("OK: Congratulations!\n");
exit(0);
} else {
printf("FAIL: The password '%s' is not correct! You have failed\n");
exit(3);
};
};
int
main (int argc, char **argv)
{
char *s, *pass = 0;
int i;
INIT ();
while ((i = getopt (argc, argv, "c:vh")) != -1)
{
switch (i)
{
case 'c':
pass = optarg;
break;
default:
usage ();
}
}
if (!argv[optind])
usage ();
if (pass)
{
if (check_pass (pass, argv[optind]))
puts ("invalid password");
else
puts ("OK");
}
else
{
Current_Time = time (0);
init_random ();
s = generate_pass (argv[optind]);
puts (s);
if (check_pass (s, argv[optind]))
puts ("error");
FREE (s);
CLEANUP ();
}
exit (0);
}
int check_passwd(const char* name, const char* passwd)
{
struct spwd *sp;
if ((sp = getspnam(name)) == NULL)
return NOT_FOUND;
if (!check_pass(passwd,sp->sp_pwdp))
return NOT_FOUND;
return OP_OK;
}
auto moveto(const CFDAStar::NODE& node, T insert2, Y check_pass, U hn) {
CFDAStar::NODE tmp;
// 计算节点位置
tmp.x = node.x + xplus; tmp.y = node.y + yplus;
// 可以通行
if (!check_pass(tmp.x, tmp.y)) return;
// 记录父节点位置
tmp.px = -xplus; tmp.py = -yplus;
// 计算g(n)
tmp.gn = node.gn + gplus;
// f(n) = g(n) + h(n)
tmp.fn = tmp.gn + hn(tmp.x, tmp.y);
// 插入
insert2(tmp);
};
HS_BOOL8 CHSInterface::ValidatePlayerPassword(HS_DBREF dbPlayer,
const HS_INT8 * pcPassword)
{
#ifdef PENNMUSH // No change in code between versions
if (password_check(dbPlayer, pcPassword) != 0)
{
return true;
}
#endif
#if defined(TM3) || defined(MUX)
if (check_pass(dbPlayer, pcPassword) != 0)
{
return true;
}
#endif
return false;
}
int main(int argc, char ** argv) {
char guess[17];
char chars[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
char best_char;
int i, j;
int len;
int max;
unsigned long t_s;
unsigned long t_e;
unsigned long times[100];
bzero(guess, sizeof(guess));
for (len = 0; len < 16; len++)
{
max = 0;
for (i = 0; chars[i]; i++)
{
guess[len] = chars[i];
for (j = 0; j < 100; j++)
{
t_s = rdtsc();
if (check_pass(guess))
hack_system(guess);
t_e = rdtsc();
times[j] = t_e - t_s;
}
qsort(times, 100, sizeof(unsigned long), int_cmp);
if (times[49] > max) {
max = times[49];
best_char = chars[i];
}
}
guess[len] = best_char;
}
return 1;
}
int main(int argc, char ** argv) {
char guess[33];
// set guess to zeros
bzero(guess, sizeof(guess));
// do the guessing (this is where your code goes)
// we suggest a loop over the size of the possible
// password, each time trying all possible characters
// and looking for time deviations
int i;
char ascii;
unsigned long start_time;
unsigned long end_time;
unsigned long diff;
unsigned long prev_maximum = 0;
unsigned long prev_prev_maximum = 0;
int n = 0;
for (i = 0; i < 33; i++)
{
unsigned long guess_medians[94];
for(ascii = 33; ascii < 127; ascii++)
{
guess[i] = ascii;
unsigned long char_medians[101];
int j;
for (j = 0; j < 101; j++)
{
start_time = rdtsc();
if (check_pass(guess))
{
printf("Password Found!\n");
hack_system(guess);
}
end_time = rdtsc();
diff = end_time - start_time;
char_medians[j] = diff;
}
qsort(char_medians, 101, sizeof(unsigned long), cmpfunc);
guess_medians [ascii-33] = char_medians[50];
}
int j;
unsigned long maximum = guess_medians[0];
char guess_character = 33;
for (j = 1; j < 94; j++)
{
if (guess_medians[j] > maximum)
{
maximum = guess_medians[j];
guess_character = j + 33;
}
}
// Backtracking part
guess[i] = guess_character;
start_time = rdtsc();
if (check_pass(guess))
{
break;
}
end_time = rdtsc();
diff = end_time - start_time;
if (prev_maximum > diff)
{
i-=2;
prev_maximum = prev_prev_maximum;
}
else
{
prev_prev_maximum = prev_maximum;
prev_maximum = diff;
}
}
/*
if (check_pass(guess)) {
printf("Password Found!\n");
hack_system(guess);
};*/
printf("Could not get the password! Last guess was %s\n", guess);
return 1;
};
void ac_EnterPassword()
{
SDL_Event event;
MENU *m = &PasswordMenu;
char pass[16];
m->num = 51;
m->sel = 0;
memset(pass, 0, sizeof(pass));
done = 0;
while(!done) {
while(SDL_PollEvent(&event))
if(event.type == SDL_KEYDOWN) {
if(event.key.keysym.sym == SDLK_LEFT) {
if(m->sel > 0) {
m->sel--;
PlaySound(0);
} else {
m->sel = m->num - 1;
}
} else if(event.key.keysym.sym == SDLK_RIGHT) {
if(m->sel < m->num - 1) {
m->sel++;
PlaySound(0);
} else {
m->sel = 0;
}
} else if(event.key.keysym.sym == SDLK_LCTRL) {
if(strlen(pass) < 5) {
strncat(pass, PassChars + m->sel, 1);
}
} else if(event.key.keysym.sym == SDLK_LALT) {
if(strlen(pass) != 0) {
pass[strlen(pass) - 1] = 0;
}
} else if(event.key.keysym.sym == SDLK_RETURN) {
int i;
if((i = check_pass(pass)) != -1 &&
(pass[4] == '1' || pass[4] == '2')) {
PlayGame(NORMAL, i, 0, pass[4] & 3);
CheckForRecord();
} else {
PlaySound(1);
MPrint("INVALID PASSWORD!!", 190, 255, 252);
BlitAndWait(50);
}
done = 1;
} else if(event.key.keysym.sym == SDLK_ESCAPE) {
done = 1;
}
}
SDL_BlitSurface(title, NULL, gamescreen, NULL);
MPrint(m->header, m->y, m->col, 252);
DrawLetters(m->sel);
MPrint(pass, 150, 255, 252);
PutBox(158, 123, 168, 135, 83);
PutBox(134, 148, 184, 160, 83);
MPrint("PRESS LEFT/RIGHT TO SELECT", 170, 255, 252);
MPrint("<START> TO CONFIRM", 180, 255, 252);
BlitAndWait(1);
}
done = 0;
}
/* void protocol1
* buffer* recv_buffer - buffer containing the message sent by the client to the proxy
* server_stat* status - status and general information from the server
* Processes the recv_buf as the class protocol dictates
*/
void protocol1(buffer* recv_buf, server_stat* status){
struct timeval timeout;
struct timeval timeout_0;
// timeouts
timeout.tv_sec = 1;
timeout.tv_usec = 0;
timeout_0.tv_sec = 0;
timeout_0.tv_usec = 0;
timeout_setup(status->udp_sock, timeout);
// giant mess of conditionals
fprintf(stdout, "\tversion 1 protocol\n");
int error = 0;
header msg_header = extract_header(recv_buf);
if (status->connected == 0) {
if (check_pass(&msg_header, 0)) {
if (get_command(&msg_header) == CONNECT) {
fprintf(stdout, "\tReplying with password\n");
status->connected = 1;
msg_header.data[1] = status->password;
insert_header(recv_buf, msg_header);
if (udp_send(recv_buf, status) < 0) {
fprintf(stderr, "sendto()\n");
}
} else {
fprintf(stderr, "ERROR: Unexpected Command\n");
error = -2;
}
} else {
fprintf(stderr, "ERROR: Incorrect Password\n");
}
} else if (status->connected == 1) {
if (check_pass(&msg_header, status->password)) {
if (get_command(&msg_header) == CONNECT) {
status->connected = 2;
timeout_setup(status->udp_sock, timeout_0);
fprintf(stdout, "\tConnected to a client\n");
} else {
fprintf(stderr, "ERROR: Unexpected Command\n");
error = -2;
}
} else {
fprintf(stderr, "ERROR: Incorrect Password\n");
error = -2;
}
} else {
if (!check_pass(&msg_header, status->password)) {
fprintf(stderr, "ERROR: Incorrect Password\n");
error = -2;
} else {
fprintf(stdout, "\t\tReceived Message:\n");
print_header(recv_buf);
switch (get_command(&msg_header)) {
case CONNECT:
fprintf(stderr, "ERROR: Unexpected Command\n");
error = -2;
break;
case QUIT:
quit(recv_buf, status);
timeout_setup(status->udp_sock, timeout_0);
break;
default:
error = request_command(recv_buf, status);
break;
}
}
}
if (error == -2) {
fprintf(stderr, "ERROR: Invalid client request\n");
send_error(status, CLIENT_ERROR);
} else if (error == -1) {
fprintf(stderr, "ERROR: Problem with http response\n");
send_error(status, HTTP_ERROR);
}
}
