diff options
author | Erich Eckner <git@eckner.net> | 2020-04-28 22:24:40 +0200 |
---|---|---|
committer | Erich Eckner <git@eckner.net> | 2021-01-30 20:39:18 +0100 |
commit | ba7b8145c7042eb6f56e11ddc2f497f0be3ec19e (patch) | |
tree | 10044ac4a47c43ce4da5d08443713fc8e8fd03d0 /index.php.in | |
parent | 475143e6a7fd771cd588045ad1d1be2cb424f0c2 (diff) | |
download | raspi-lights-out-ba7b8145c7042eb6f56e11ddc2f497f0be3ec19e.tar.xz |
httpdocs/index.php: chain hash to slow brute force downv0.0
Diffstat (limited to 'index.php.in')
-rw-r--r-- | index.php.in | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/index.php.in b/index.php.in index c3dc987..efa6b85 100644 --- a/index.php.in +++ b/index.php.in @@ -42,7 +42,9 @@ function push_it() { } $saved_hash = trim(fgets($f)); fclose($f); - $entered_hash = hash('sha512', $_POST['password']); + $entered_hash = $_POST['password']; + for ($i=0; $i<1000; $i++) + $entered_hash = hash('sha512', $entered_hash . $i . $_POST['password']); if ($saved_hash != $entered_hash) { print '<font color="ff0000">Wrong password: ' . $entered_hash . '</font><br>' . "\n"; return; |