Book Image

Python Web Penetration Testing Cookbook

By : Benjamin May, Cameron Buchanan, Andrew Mabbitt, Dave Mound, Terry Ip
Book Image

Python Web Penetration Testing Cookbook

By: Benjamin May, Cameron Buchanan, Andrew Mabbitt, Dave Mound, Terry Ip

Overview of this book

Table of Contents (16 chapters)
Python Web Penetration Testing Cookbook
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Preface
Index

Generating a Bcrypt hash


One of the less commonly used, yet more secure hash functions, is Bcrypt. Bcrypt hashes were designed to be slow when encrypting and decrypting hashes. This design was used to prevent hashes from being easily cracked if hashes got leaked to the public, for example from a database exposure.

Getting ready

For this script, we will be using the bcrypt module within Python. This can be installed by using either pip or easy_install, albeit you will want to ensure version 0.4 is installed and not version 1.1.1, as version 1.1.1 removes some functionality from the Bcrypt module.

How to do it…

Generating Bcrypt hashes within Python is similar to generating other hashes such as SHA and MD5, but also slightly different. Like the other hashes, we can either prompt the user for a password or hard-code it into the script. The hashing in Bcrypt is more complex due to the use of randomly generated salts, which get appended to the original hash. This increases the complexity of the hash...