I'm trying enhance the current implementation of password hiding stated
Am I using it wrongly? As below is my code:
import hashlib
import binascii
def Encrypt_Pass(password, authenticator, secret):
m = hashlib.md5()
m.update(secret+authenticator)
return "".join(chr(ord(x) ^ ord(y)) for x, y in zip(password.ljust
(16,'\0')[:16], m.digest()[:16]))
result = Encrypt_Pass("abcd1","344c71c77a2b845b8856ffa968740b73","sharedsecret")
ciphertext = "6ed3a35440abe69b2e8698109b809932"#plaintext is cisco123
print result.encode("hex")
Result is shown below :
2509f347a7c5bde3977bb944ae0eb89a
As you can see the returned ciphertext DOES NOT match the encrypted password I capture ! Am I using the code wrongly? I verified that the plaintext password and shared key used are accurate.
Appreciate if someone could point me the right direction.
Your authenticator is a hex string. It needs to be converted to a binary string.
import hashlib
from binascii import a2b_hex
def Encrypt_Pass(password, authenticator, secret):
m = hashlib.md5()
m.update(secret + a2b_hex(authenticator))
return "".join(chr(ord(x) ^ ord(y)) for x, y in zip(password.ljust
(16,'\0')[:16], m.digest()[:16]))
result = Encrypt_Pass("cisco123","344c71c77a2b845b8856ffa968740b73","sharedsecret")
ciphertext = "6ed3a35440abe69b2e8698109b809932"#plaintext is cisco123
print result.encode("hex")