Menu
I am Rishabh and am a beginner in Python Programming Language.. I have attempted to write a sort of an Authentication Program using Python.
Here's What I am doing in my Program:
The Encrypted Strings are stored as hidden text in the html code of the page:
<span style="background-color: white; display: none;">HELLO !! POST</span><br />
<span style="background-color: white; display: none;">HELLO !! POST</span><br />
<span style="background-color: white; display: none;">HELLO !! POST</span><br />
<span style="background-color: white; display: none;">HELLO !! POST</span><br />
<span style="background-color: white; display: none;">HELLO !! POST</span><br />
<span style="background-color: white; display: none;">IIKTxK6FBJC+or4JPyQqSI0BrAevMJix//LSgGyoiETg=</span><br />
<span style="background-color: white; display: none;">4M3CXPZGRKUsQRqbaOPd/gajp6XD9irrM2pQ8N9MHyM=</span><br />
<span style="background-color: white; display: none;">F5uxniPOSEiU2h/v1QreAx1+hXzW7GRRcJS15kYE/EM=</span><br />
<span style="background-color: white; display: none;">mAHuxBo7URh0QcRswXTccxq/sMTUNfbqmSaiopZxzuA=</span><br />
The random characters you see in the above html code is from the website:
The Problem:
The problem I have is that, This method strangely works only for a few users and the rest don't succeed in finding the exact string from the website source code even though the exact encrypted string is present in the website.
Please Download the Code and run it so that you can Understand
1. The Account which Sucessfully Logs in:
Username is : USER
Password is : TEMPPASS
This account works perfectly as I thought
2. The Accounts which strangely doesn't work:
Username is : user2
Password is : CLR
Can someone tell me why the first account works perfectly fine and the later fails ? And how do I Fix this issue ? Please guide me to fix this issue as I am a beginner.
Don't get confused by the Administrator Account.. Its just a Locally verified Account..
The Code:
import requests
from getpass import getpass
from bs4 import BeautifulSoup
import re
import csv
import time
from Crypto.Cipher import AES
import base64
counter =1
counter2=1
import requests
import urllib2
from bs4 import BeautifulSoup
import re
print("\nPlease Authenticate Yourself:")
#print("Welcome to Mantis\n")
user = raw_input("\nEnter Username:")
password= getpass("\nEnter Password:")
print "\n...................................................................."
matchstring="###"+user+":::"+password
matches=""
chkstr=matchstring
print chkstr
###Encryption
msg_text = chkstr.rjust(32)
secret_key = '1234567890123456'
cipher = AES.new(secret_key,AES.MODE_ECB)
encoded = base64.b64encode(cipher.encrypt(msg_text))
#encoded = encoded.encode('string-escape')
print "Encrypted Text: \n"+encoded
##print matchstring #data sent for Authentication
if encoded == "OiKUr4N8ZT7V7hZlwvnXP2d0F1I4xtktNbZSpNotJh0=":
print "\nHello Rishabh !! Is the Login Portal Locked ?"
print "\n\nAdministrator Access Granted"
counter2=2
if counter2==1:
###https://pastarchive.blogspot.in
###https://pastarchive.wordpress.com/2016/10/08/hello/
html_content = urllib2.urlopen('https://pastarchive.blogspot.in').read()
rematchstring=re.compile(encoded)
matches = re.findall(encoded, html_content);
if len(matches) != 0 or counter2==2:
print 'Sucessfully Logged in\n'
print 'Hello '+user.upper()+" !\n"
if user.upper()!="ADMINISTRATOR":
print "Thanks in Advance for using Eagle, the Advanced Data Parsing Algorithm."
print "\nCreator - Rishabh Raghunath, Electrical Engineering Student, MVIT\n"
time.sleep(1)
print "Let's Start !\n"
print ".....................................................................\n"
if len(matches) == 0:
print '\nUserName or Password is Incorrect\n'
print "Please Check Your mail in case your Password has been Changed"
print "Log in failed.\n"
time.sleep(5)
Please Try to help me out with this Strange Problem.. I don't have a clue how to solve this.. Thanks.
907
asked Feb 27 '26 08:02
The problem is because you use re and you have + in encodec. re treats + in special way so ie. 1+2 is searching 12 or 112 or 1112 etc.
Use html_content.find(encoded) which returns position of encodec in html_content or -1
Now you will have to use if matched != -1 or counter2 = 2 and if matched == -1:
BTW: you have mess in code. It could look like this.
from getpass import getpass
from Crypto.Cipher import AES
import base64
import urllib2
import time
# --- constants ---
SECRET_KEY = '1234567890123456'
# --- classes ---
# empty
# --- functions ---
# empty
# --- main ---
loggedin = False
# ------ input
print("\nPlease Authenticate Yourself:")
#print("Welcome to Mantis\n")
user = raw_input("\nEnter Username:")
password = getpass("\nEnter Password:")
print "\n...................................................................."
# ------ encrypting
matchstring = "###{}:::{}".format(user, password)
cipher = AES.new(SECRET_KEY, AES.MODE_ECB)
encoded = base64.b64encode(cipher.encrypt(matchstring.rjust(32)))
print "Encrypted Text: \n", encoded
# ------ checking
# print matchstring #data sent for Authentication
if encoded == "eiKUr3N8ZT7V7RZlwvnXW2F0F1I4xtktNZZSpNotDh0=":
print "\nHello Rishabh !! Is the Login Portal Locked ?"
print "\n\nAdministrator Access Granted"
loggedin = True
else:
html = urllib2.urlopen('https://passarchive.blogspot.in').read()
loggedin = (html.find(encoded) != 1) # True or False
# ------ info
if loggedin:
user = user.upper()
print 'Sucessfully Logged in\n'
print 'Hello', user, "!\n"
if user != "ADMINISTRATOR":
print "Thanks in Advance for using Eagle, the Advanced Data Parsing Algorithm."
print "\nCreator - Rishabh Raghunath, Electrical Engineering Student, MVIT\n"
time.sleep(1)
print "Let's Start !\n"
print ".....................................................................\n"
else:
print '\nUserName or Password is Incorrect\n'
print "Please Check Your mail in case your Password has been Changed"
print "Log in failed.\n"
time.sleep(5)
# ------ end
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
