adding docs/HOWTO.hashgen- OOPS.
This commit is contained in:
parent
b95bef3b17
commit
6f53d09b04
|
|
@ -22,4 +22,4 @@ if __name__ == '__main__':
|
|||
for a in arch:
|
||||
bchroot.chroot(conf['build']['chrootdir'] + '/root.' + a, 'bdisk.square-r00t.net')
|
||||
bchroot.chrootUnmount(conf['build']['chrootdir'] + '/root.' + a)
|
||||
build.chrootClean(conf['build'])
|
||||
#build.chrootClean(conf['build'])
|
||||
|
|
|
|||
|
|
@ -22,32 +22,30 @@ def chrootClean(build):
|
|||
tar.add(dbdir, arcname = os.path.basename(dbdir))
|
||||
# Cut out the fat
|
||||
# The following are intended as "overrides" of the paths we'll be deleting.
|
||||
backup = {}
|
||||
backup['dirs'] = ['/var/lib/pacman/local']
|
||||
backup['files'] = ['/usr/share/locale/locale.alias',
|
||||
'/usr/share/zoneinfo/EST5EDT',
|
||||
'/usr/share/zoneinfo/UTC',
|
||||
'/usr/share/locale/en',
|
||||
'/usr/share/locale/en_US',
|
||||
'/usr/share/locale/en_GB']
|
||||
backup = ['/var/lib/pacman/local',
|
||||
'/usr/share/locale/locale.alias',
|
||||
'/usr/share/zoneinfo/EST5EDT',
|
||||
'/usr/share/zoneinfo/UTC',
|
||||
'/usr/share/locale/en',
|
||||
'/usr/share/locale/en_US',
|
||||
'/usr/share/locale/en_GB']
|
||||
# And these are what we remove.
|
||||
delete = {}
|
||||
delete['dirs'] = ['/usr/share/locale/*',
|
||||
'/var/cache/pacman/*',
|
||||
'/var/cache/pkgfile/*',
|
||||
'/var/cache/apacman/pkg/*',
|
||||
'/var/lib/pacman/*',
|
||||
'/var/abs/local/yaourtbuild/*',
|
||||
'/usr/share/zoneinfo',
|
||||
'/root/.gnupg',
|
||||
'/tmp/*',
|
||||
'/var/tmp/*',
|
||||
'/var/abs/*',
|
||||
'/run/*',
|
||||
'/boot/*',
|
||||
'/usr/src/*',
|
||||
'/var/log/*',
|
||||
'/.git']
|
||||
delete = ['/usr/share/locale/',
|
||||
'/var/cache/pacman/',
|
||||
'/var/cache/pkgfile/',
|
||||
'/var/cache/apacman/pkg/',
|
||||
'/var/lib/pacman/',
|
||||
'/var/abs/local/yaourtbuild/',
|
||||
'/usr/share/zoneinfo',
|
||||
'/root/.gnupg',
|
||||
'/tmp/',
|
||||
'/var/tmp/',
|
||||
'/var/abs/',
|
||||
'/run/',
|
||||
'/boot/',
|
||||
'/usr/src/',
|
||||
'/var/log/',
|
||||
'/.git']
|
||||
delete['files'] = ['/root/.bash_history',
|
||||
'/root/apacman*',
|
||||
'/root/iso.pkgs*',
|
||||
|
|
|
|||
|
|
@ -0,0 +1,36 @@
|
|||
Generating a salted hash compatible with shadow(5) is a rather simple task.
|
||||
|
||||
If you haven't read the shadow(5) man page yet, I highly recommend it:
|
||||
|
||||
man 5 shadow
|
||||
|
||||
There are many ways in which you can generate a salted hash.
|
||||
|
||||
0.) Debian can do this with the mkpasswd utility (it's in Arch's AUR as debian-whois-mkpasswd):
|
||||
|
||||
mkpasswd --method=sha-512 --salt=aBcDeFgHiJ PASSWORD
|
||||
|
||||
(If a salt is not provided, one will be automatically generated. That is is the suggested method.)
|
||||
|
||||
1.) perl (PoC script welcome):
|
||||
|
||||
perl -e 'print crypt("PASSWORD","\$6\$aBcDeFgHiJ\$") . "\n"'
|
||||
|
||||
2.) python (extras/bin/hashgen.py):
|
||||
|
||||
python -c "import crypt, getpass, pwd; print crypt.crypt('PASSWORD','\$6\$aBcDeFgHiJ\$')"
|
||||
|
||||
3.) php:
|
||||
|
||||
php -r "\$password = readline('Password: '); \$saltRaw = random_bytes(8); \$salt = base64_encode(\$saltRaw); \$result = crypt(\$password,'\$6' . '\$' . \$salt .'\$'); print \$result . \"\n\";"
|
||||
|
||||
4.) even grub-crypt (if using legacy grub):
|
||||
|
||||
/sbin/grub-crypt --sha-512
|
||||
|
||||
The end-product should look something like this:
|
||||
|
||||
$6$aBcDeFgHiJ$Yh342vFH7MOjPNu9InFymD1Dd42i5cFsr1cTWdpKGNIkbRGR/ZKQDRPJ1ZeeGb7y894Tfh3iWZIJKu3phlsqQ1
|
||||
|
||||
If it doesn't, you did something incorrectly.
|
||||
Note that different hashes/the PoC scripts will result in a different string, but it should be the same length.
|
||||
Loading…
Reference in New Issue