diff options
| author | Erich Eckner <git@eckner.net> | 2020-04-28 22:24:40 +0200 |
|---|---|---|
| committer | Erich Eckner <git@eckner.net> | 2020-04-28 22:24:40 +0200 |
| commit | 5313fd8d398b451e81f6e77ce87d23c3253a22f5 (patch) | |
| tree | 787222e3520e1639fd8e672b367a13fe398054c4 | |
| parent | 495a94d7717dac4d969393e8a504ed16d88317e8 (diff) | |
| download | raspi-lights-out-5313fd8d398b451e81f6e77ce87d23c3253a22f5.tar.xz | |
httpdocs/index.php: chain hash to slow brute force down
| -rw-r--r-- | httpdocs/index.php | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/httpdocs/index.php b/httpdocs/index.php index 108bf9c..e8a97ad 100644 --- a/httpdocs/index.php +++ b/httpdocs/index.php @@ -29,7 +29,9 @@ function push_it() { } $saved_hash = trim(fgets($f)); fclose($f); - $entered_hash = hash('sha512', $_POST['password']); + $entered_hash = $_POST['password']; + for ($i=0; $i<1000; $i++) + $entered_hash = hash('sha512', $entered_hash . $i . $_POST['password']); if ($saved_hash != $entered_hash) { print '<font color="ff0000">Wrong password: ' . $entered_hash . '</font><br>' . "\n"; return; |