Passwords Txt

Passwords Txt

Home

Passwords Txt

Replies are listed 'Best First'. By (Scribe) on Sep 28, 2018 at 08:08 UTC 'storing your passwords.txt in /tmp isn't wise' I move it to /etc/httpd/password.txt 'You don't set a session' how to set a session? Pls guide me. I will add it. 'see CGI::Alternatives.'

It is already included in Kali Linux in usr/share/wordlists/rockyou.txt.gz (gunzipped) to unzip just go to that directory and type: [code]gzip -d rockyou.txt.gz [/code]It. Weakpass Weakpass. Calculator; Download; Lists. Online; Online; Policy; Offline; All; Tiny; Small; Medium; Big; Huge.

What Can I get from it to enhance the code? I am runnig Apache with http.

If run it with httpS and self signed certificate, Will it be better? I am also trying to add 'onclick'funtion to my below login.html file to a give error message, if wrong inputs were entered. I am currently having them in login.cgi code.

Which way is better? I am some miles away from completing a nice and secure code. I hope perl monks will come up with their views. By (Archbishop) on Sep 28, 2018 at 12:13 UTC 'I move it to /etc/httpd/password.txt' Also consider permissions, who else can get access to this file? I tend to keep this sort of thing in a database.

Play a round of golf on one of Fiji’s challenging championship courses or a take gentle jaunt on horseback at sunset. 1s 77 kryak.

'What Can I get from it to enhance the code?' Well it contains a lot of advice which you shouldn't ignore, examples of sane ways to approach such problems in modern frameworks. Developing secure web applications isn't easy. What you have right now is a splash page redirecting those with a valid username and password to another page, which has no authentication on it whatsoever, nothing to stop anyone emailing the URL to someone else, who would be able to see it without any login details. Suggests other ways to achieve what you're actually trying to do, which will make your life easy if you take the time to learn the basics of what you're doing, rather than trying to implement something where security is without understanding such things.

One of those is, which has fantastic, you should pay special attention to the. Gets you started.

Goes on to show (wait for it) an example of how to implement an application which requires users to login. Finally HTTPS, for sure, may be of interest. This requires you to invest time in yourself, learning how to achieve what you want and what the tools available to you do.

Modern frameworks make life easier. It's not the mid 1990s anymore (thankfully). Update: Fixed some typos. By (Canon) on Sep 28, 2018 at 08:56 UTC I am runnig Apache with http. If run it with httpS and self signed certificate, Will it be better? Yes it will because then your users' passwords will not be sent over the wire in the clear for any malefactor to read. It would be better still if your certificate were not self-signed.

I am also trying to add 'onclick'funtion to my below login.html file to a give error message, if wrong inputs were entered. I am currently having them in login.cgi code. Which way is better? Both is better.

Having it on the front-end prevents unnecessary round trips. Having it on the back-end too allows handling for those with javascript disabled.

Note that neither of these questions have much to do with Perl. You might benefit from reading up on the general basics of web server (and web application) security first. By on Sep 29, 2018 at 04:31 UTC Dear Marto, Please post an SSCCE using Mojolicious to do what the OP asked. Thank you by (Archbishop) on Sep 30, 2018 at 11:22 UTC This already exists in the tutorials I linked to in a, other existing response cover the plaintext password issue. Why duplicate the effort when such a comprehensive resource already exists?

Passwords.txt example

OP has a history of copying and pasting code, without trying to understand what the code does. Since OP seems to care about doing things securely, understanding the tools and environments involved is fundamental to a secure way of working.

Just dumping working code won't improve OPs knowledge or skills.

9 Comments