new pw generator, ideal for scripting - Page 2
Page 2 of 2 FirstFirst 12
Results 11 to 17 of 17

Thread: new pw generator, ideal for scripting

  1. #11
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130
    great. now time for copying and make some adjustment (i hope not). thanks!

    If you dont mind i will (with some time) transfer this logic to other language too. php perhaps..
    Meu sítio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  2. #12
    no i won't mind, maybe i will do it myself someday (i would have to learn another language first ), but i would appreciate it if you'd show me the result

  3. #13
    Senior Member
    Join Date
    Nov 2001
    Posts
    1,255
    Looks okay, just my $0.02:
    Using a user-supplied salt is less valuable to me from a password generation standpoint than a seed. The point of a seed is that the output will remain the same. A patch for the above code to change the "salt" parameter into a seed parameter, thus ensuring unerring continuing seeded number generation following a clock tick or other change.

    Code:
    --- pwgncl.c    2004-08-12 02:31:08.000000000 -0400
    +++ pwgncl.c   2004-08-12 03:02:15.000000000 -0400
    @@ -31,7 +31,7 @@
       int characterset=0;
       int password_length=0;
       int user_supplied=0;
    -  if(argc!=4)
    +  if(argc < 3 || argc > 4)
       {
         printf("\npwgenCL_2,commandline password generator, Copyright (C) 2004 Scorpius");
         printf("\n\npwgenCL_2 is free software; you can redistribute it and/or modify");
    @@ -53,26 +53,26 @@
         printf("\n5: (A-Z,a-z,0-9)\t\t\t\thard password");
         printf("\n6: (a-z,0-9, \\ ] [ ^ _ )\t\t\thard password");
         printf("\n7: ( ! \" # $ % ' ( * ) + , - . /  ,a-z,0-9)\tvery hard password");
    -    printf("\n8: full keyboard characters (except space), almost impossible to crack\n\n");
    -    printf("The maximum password length is 256 characters\n");
    -    printf("Usage: %s <characterset> <password length> <user supplied number>\n",argv[0]);
    -    printf("\n*The <user supplied number> is inserted to create extra randomness*\n");
    -    printf("\nExample: %s 8 15 5454303\n",argv[0]);
    -    return 0;
    -  }
    -
    -  if(argc==4)/*if all parameters, (characterset,passwordlength,randomization number) run the program*/
    -  {
    -    characterset=atoi(argv[1]);/*create integer from the argument*/
    -    password_length=atoi(argv[2]);/*create integer from the argument*/
    -    user_supplied=atoi(argv[3]);/*create integer from the argument*/
    +    printf("\n8: full keyboard characters (except space), almost impossible to crack\n");
    +    printf("\nThe maximum password length is 256 characters\n");
    +    printf("Usage: %s <characterset> <password length> <user supplied number>",argv[0]);
    +    printf("\n*The <user supplied number> is an optional seed*");
    +    printf("\nExample: %s 8 15 5454303\n\n",argv[0]);
    +    return 1;
    +  } else {
    +    /*if all parameters, (characterset,passwordlength,randomization number*) run the program*/
    +    characterset=atoi(argv[1]);     /*create integer from the argument*/
    +    password_length=atoi(argv[2]);  /*create integer from the argument*/
    +    if (argc == 4)
    +    {
    +      user_supplied=atoi(argv[3]);    /*create integer from the argument*/
    +    }
         if (password_length<1)
         {
           printf("Password length: %d is too small.\n",password_length);
           return -1;
    -    }
    -    if (password_length>256)
    -    {
    +    } else if (password_length>256) {
           printf("Password length: %d is too large.\n",password_length);
           return -1;
         }
    @@ -110,14 +110,19 @@
         }
         return 0;
       }
    -  else return -1;
     }
    
     /*the password generator function*/
    
     char *generated_password(char* char_set, int length,int user_number)
     {
    -  srand(user_number*time(NULL));
    +  if (user_number != 0)
    +    srand(user_number);
    +  else
    +    srand(time(NULL));
    +
       int loop;
       int set_length=strlen(char_set);
    Hope you don't mind about the code changes. I also would recommend setting the return value when the application hits the Usage message to something other than 0. 0 means exit success, but if you are displaying the usage, the application (from a script perspective) was not executed correctly. Return something other than 0 if the usage is displayed. This is included in the patch I pasted above.
    Chris Shepherd
    The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
    \"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
    Is your whole family retarded, or did they just catch it from you?

  4. #14
    i thought i had the return -1 in the usage section, must have accidentally changed it when rewritting the code..

    as for the seed, i understand what you mean, but i especially did it like this, since i'm almost positive that it wont happen that, two users would run the program at the same time AND with the same usersupplied number.

    if i would do it like your code, it would be the same output everytime you enter the same usersupplied number., it wouldn't have anything to do with randomness anymore (correct me if i'm wrong) but that is the reason i didn't do that.

  5. #15
    Senior Member
    Join Date
    Nov 2001
    Posts
    1,255
    Nope, you're correct. I wasn't saying that was a bad approach or anything, just that for my purposes, it could be used slightly differently, so I was providing the changes to others (as the GPL requires, I submit the patch back to you if you are interested).
    Chris Shepherd
    The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
    \"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
    Is your whole family retarded, or did they just catch it from you?

  6. #16
    oh, ok, well just as the GPL is for, you are free to change the source to suite your own needs
    and of course i'm interested, i'm always eager to learn and to see how other people solve a problem

    that's the beauty of opensource

    grtz

  7. #17
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    Keezel, password generators are used to board a large number of user accounts at once and assign passwords to them AUTOMATICALLY, perhaps from another database or something. For instance I have a program that "steals" user data from the HR database, GENERATES a password, prints the user name automatically based on the first name and last name, then prints out a copy (for me) and mails it to the user. So the user gets

    Hi, John Doe welcome bla bla bla;

    Here is your Username: jdoe
    Here is your password: jn2342de

    There are many uses for password generator and I like this one because it's better the one I ad hoc'd one night.
    West of House
    You are standing in an open field west of a white house, with a boarded front door.
    There is a small mailbox here.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •