pwn/M-CTF-2025
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Обновить darkbazaar/src/auth.py

Browse Source
This commit is contained in:
pwn
2025-12-14 14:47:00 +03:00
parent 0f7e716f20
commit d45ca06d07
1 changed files with 11 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
darkbazaar/src/auth.py
View File

@@ -1,6 +1,8 @@
from passlib.context import CryptContext from passlib.context import CryptContext
ctx = CryptContext(schemes=["pbkdf2_sha256"], pbkdf2_sha256__rounds=1) # SECURITY FIX: Use proper PBKDF2 rounds (29000+ recommended, using 260000 for better security)
# Previously was using only 1 round which made password cracking trivial
ctx = CryptContext(schemes=["pbkdf2_sha256"], pbkdf2_sha256__rounds=260000)
def get_password_hash(password: str) -> str: def get_password_hash(password: str) -> str:
return ctx.hash(password) return ctx.hash(password)