Fatal编程技术网
  • python/
  • 无法可靠地匹配Web:Python程序中存储的字符串中的Base 64加密字符串

无法可靠地匹配Web:Python程序中存储的字符串中的Base 64加密字符串

python regex encryption

无法可靠地匹配Web:Python程序中存储的字符串中的Base 64加密字符串,python,regex,encryption,beautifulsoup,base64,Python,Regex,Encryption,Beautifulsoup,Base64,我是Rishabh,是Python编程语言的初学者。。我试图用Python编写一种身份验证程序 以下是我在程序中所做的工作: <span style="background-color: white; display: none;">HELLO !! POST</span><br /> <span style="background-color: white; display: none;">HELLO !! POST</span>&l

我是Rishabh,是Python编程语言的初学者。。我试图用Python编写一种身份验证程序

以下是我在程序中所做的工作:

<span style="background-color: white; display: none;">HELLO !! POST</span><br />
<span style="background-color: white; display: none;">HELLO !! POST</span><br />
<span style="background-color: white; display: none;">HELLO !! POST</span><br />
<span style="background-color: white; display: none;">HELLO !! POST</span><br />
<span style="background-color: white; display: none;">HELLO !! POST</span><br />
<span style="background-color: white; display: none;">IIKTxK6FBJC+or4JPyQqSI0BrAevMJix//LSgGyoiETg=</span><br />
<span style="background-color: white; display: none;">4M3CXPZGRKUsQRqbaOPd/gajp6XD9irrM2pQ8N9MHyM=</span><br />
<span style="background-color: white; display: none;">F5uxniPOSEiU2h/v1QreAx1+hXzW7GRRcJS15kYE/EM=</span><br /> 
<span style="background-color: white; display: none;">mAHuxBo7URh0QcRswXTccxq/sMTUNfbqmSaiopZxzuA=</span><br />

import requests
from getpass import getpass
from bs4 import BeautifulSoup
import re
import csv
import time
from Crypto.Cipher import AES
import base64

counter =1
counter2=1
import requests
import urllib2
from bs4 import BeautifulSoup
import re

print("\nPlease Authenticate Yourself:")
#print("Welcome to Mantis\n")
user = raw_input("\nEnter Username:")
password= getpass("\nEnter Password:")
print "\n...................................................................."

matchstring="###"+user+":::"+password
matches=""
chkstr=matchstring
print chkstr
        ###Encryption
msg_text = chkstr.rjust(32)
secret_key = '1234567890123456'
cipher = AES.new(secret_key,AES.MODE_ECB)
encoded = base64.b64encode(cipher.encrypt(msg_text))
#encoded = encoded.encode('string-escape')
print "Encrypted Text: \n"+encoded




##print matchstring #data sent for Authentication
if encoded == "OiKUr4N8ZT7V7hZlwvnXP2d0F1I4xtktNbZSpNotJh0=":
        print "\nHello Rishabh !! Is the Login Portal Locked ?"
        print "\n\nAdministrator Access Granted"
        counter2=2
if counter2==1:

        ###https://pastarchive.blogspot.in
        ###https://pastarchive.wordpress.com/2016/10/08/hello/
        html_content = urllib2.urlopen('https://pastarchive.blogspot.in').read()
        rematchstring=re.compile(encoded)
        matches = re.findall(encoded, html_content);


if len(matches) != 0 or counter2==2:
                print 'Sucessfully Logged in\n'
                print 'Hello '+user.upper()+" !\n"
                if user.upper()!="ADMINISTRATOR":
                 print "Thanks in Advance for using Eagle, the Advanced Data Parsing Algorithm."
                 print "\nCreator - Rishabh Raghunath, Electrical Engineering Student, MVIT\n"
                time.sleep(1)
                print "Let's Start !\n"
                print ".....................................................................\n"
if len(matches) == 0:
       print '\nUserName or Password is Incorrect\n'
       print "Please Check Your mail in case your Password has been Changed"
       print "Log in failed.\n"
       time.sleep(5)
  • 我得到用户名和密码
  • 我将两个字符串连接起来,如:###用户名:::密码
  • 然后,我使用我在网上看到的base64编码程序对上面连接的字符串进行加密(我不熟悉base64编码,我是下面Python程序中使用的所有工具的初学者)
  • 现在你得到一个加密字符串
  • 我在我为此创建的博客的html中隐藏了相同的加密字符串:
    • 加密字符串作为隐藏文本存储在页面的html代码中:

    <span style="background-color: white; display: none;">HELLO !! POST</span><br />
<span style="background-color: white; display: none;">HELLO !! POST</span><br />
<span style="background-color: white; display: none;">HELLO !! POST</span><br />
<span style="background-color: white; display: none;">HELLO !! POST</span><br />
<span style="background-color: white; display: none;">HELLO !! POST</span><br />
<span style="background-color: white; display: none;">IIKTxK6FBJC+or4JPyQqSI0BrAevMJix//LSgGyoiETg=</span><br />
<span style="background-color: white; display: none;">4M3CXPZGRKUsQRqbaOPd/gajp6XD9irrM2pQ8N9MHyM=</span><br />
<span style="background-color: white; display: none;">F5uxniPOSEiU2h/v1QreAx1+hXzW7GRRcJS15kYE/EM=</span><br /> 
<span style="background-color: white; display: none;">mAHuxBo7URh0QcRswXTccxq/sMTUNfbqmSaiopZxzuA=</span><br />

    import requests
from getpass import getpass
from bs4 import BeautifulSoup
import re
import csv
import time
from Crypto.Cipher import AES
import base64

counter =1
counter2=1
import requests
import urllib2
from bs4 import BeautifulSoup
import re

print("\nPlease Authenticate Yourself:")
#print("Welcome to Mantis\n")
user = raw_input("\nEnter Username:")
password= getpass("\nEnter Password:")
print "\n...................................................................."

matchstring="###"+user+":::"+password
matches=""
chkstr=matchstring
print chkstr
        ###Encryption
msg_text = chkstr.rjust(32)
secret_key = '1234567890123456'
cipher = AES.new(secret_key,AES.MODE_ECB)
encoded = base64.b64encode(cipher.encrypt(msg_text))
#encoded = encoded.encode('string-escape')
print "Encrypted Text: \n"+encoded




##print matchstring #data sent for Authentication
if encoded == "OiKUr4N8ZT7V7hZlwvnXP2d0F1I4xtktNbZSpNotJh0=":
        print "\nHello Rishabh !! Is the Login Portal Locked ?"
        print "\n\nAdministrator Access Granted"
        counter2=2
if counter2==1:

        ###https://pastarchive.blogspot.in
        ###https://pastarchive.wordpress.com/2016/10/08/hello/
        html_content = urllib2.urlopen('https://pastarchive.blogspot.in').read()
        rematchstring=re.compile(encoded)
        matches = re.findall(encoded, html_content);


if len(matches) != 0 or counter2==2:
                print 'Sucessfully Logged in\n'
                print 'Hello '+user.upper()+" !\n"
                if user.upper()!="ADMINISTRATOR":
                 print "Thanks in Advance for using Eagle, the Advanced Data Parsing Algorithm."
                 print "\nCreator - Rishabh Raghunath, Electrical Engineering Student, MVIT\n"
                time.sleep(1)
                print "Let's Start !\n"
                print ".....................................................................\n"
if len(matches) == 0:
       print '\nUserName or Password is Incorrect\n'
       print "Please Check Your mail in case your Password has been Changed"
       print "Log in failed.\n"
       time.sleep(5)
    请帮我解决这个奇怪的问题。。我不知道如何解决这个问题。。
    谢谢。

    问题在于您使用了
    re
    ,而
    encodec
    中有
    +
    re
    以特殊方式处理
    +
    ,例如
    1+2
    正在搜索
    12或112或1112等。

    使用
    html\u内容。查找(编码)
    ,它返回
    html\u内容中
    encodec
    的位置或
    -1
    
现在,如果匹配,则必须使用
    -1或计数器2=2
    如果匹配==-1:
    

    
顺便说一句:你的代码乱七八糟。它可能看起来像这样
    

    from getpass import getpass
from Crypto.Cipher import AES
import base64
import urllib2
import time

# --- constants ---

SECRET_KEY = '1234567890123456'

# --- classes ---

    # empty

# --- functions ---

    # empty

# --- main ---

loggedin = False

# ------ input

print("\nPlease Authenticate Yourself:")
#print("Welcome to Mantis\n")
user = raw_input("\nEnter Username:")
password = getpass("\nEnter Password:")

print "\n...................................................................."

# ------ encrypting

matchstring = "###{}:::{}".format(user, password)

cipher = AES.new(SECRET_KEY, AES.MODE_ECB)
encoded = base64.b64encode(cipher.encrypt(matchstring.rjust(32)))

print "Encrypted Text: \n", encoded

# ------ checking

# print matchstring #data sent for Authentication
if encoded == "eiKUr3N8ZT7V7RZlwvnXW2F0F1I4xtktNZZSpNotDh0=":
    print "\nHello Rishabh !! Is the Login Portal Locked ?"
    print "\n\nAdministrator Access Granted"
    loggedin = True
else:        
    html = urllib2.urlopen('https://passarchive.blogspot.in').read()
    loggedin = (html.find(encoded) != 1) # True or False

# ------ info

if loggedin:
    user = user.upper()
    print 'Sucessfully Logged in\n'
    print 'Hello', user, "!\n"

    if user != "ADMINISTRATOR":
        print "Thanks in Advance for using Eagle, the Advanced Data Parsing Algorithm."
        print "\nCreator - Rishabh Raghunath, Electrical Engineering Student, MVIT\n"
        time.sleep(1)
        print "Let's Start !\n"
        print ".....................................................................\n"
else:
   print '\nUserName or Password is Incorrect\n'
   print "Please Check Your mail in case your Password has been Changed"
   print "Log in failed.\n"
   time.sleep(5)

# ------ end

    

    Base64是一种编码而不是加密。将此类数据存储在网页html(隐藏或不隐藏)中不是一个好主意,因为这种编码是双向的,任何人都可以将其作为明文读取。@marekful Yes。。我知道。。我不是在尝试构建一个超级安全的应用程序。这只是一个小项目,我正在做,将只由3或4人使用。。。而且,没有人会知道这个url,因为Python程序将被打包成一个exe文件,所以没有人能够查看程序的源代码。。你能告诉我如何解决这个问题吗?使用
    print()
    查看变量中的值-这有助于发现问题。
    matched=html\u content.find(encoded)
    find
    返回-1如果
    html\u content
    中没有
    encoded
    html\u content
    编码的位置。因此,如果匹配,您现在需要
    -1或计数器2=2
    如果匹配==-1:
    可能是因为一些
    编码的
    具有
    +
    ,这在
    re
    中具有特殊意义,因此
    re
    不会将
    +
    视为文本的一部分。例如
    1+2
    搜索
    12或112或1112等。111…2
    太棒了!!知道了!!我知道我的代码很乱。。实际上这是我的第一个Python程序。。我开始学习Python才两天。。所以我不确定该怎么办。。所以我留下了一些不完整的东西。。这只是我正在编写的程序的身份验证部分。。整个程序大约是4倍大。。由于很多东西都是以低效的方式编写的,我将对这段代码进行大量的改进。。无论如何@furas,谢谢你帮我,伙计!!