scripts/passenter at master · DOSYCORPS/scripts · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
#!/usr/bin/env python3

# my (almost) state-less password manager

import hashlib, os, re, sys, base64, time, json
from subprocess import Popen, PIPE

script_path = os.path.realpath(__file__)

try:
  # try hard
  from getpass import getpass
except ImportError:
  # stop complaining and try harder
  os.system("sudo pip3 install getpass")
  from getpass import getpass

# domain name in question, e.g. google.com
domain = sys.argv[1]

# load parameters for different sites' nitpicks about password requirements
params = {}
with open(os.path.dirname(os.path.realpath(__file__)) + '/passgen-params.json', 'r') as f:
    try:
        params = json.loads(f.read()).get(domain, {})
    except:
        print("Error loading params")

# have user input master password
master_password = getpass()

# nth password used on site
if 'n' not in params:
  params['n'] = 0

# tack this onto the end of a password
# useful if a site requires a use of a particular restricted set of symbols
if 'tail' not in params:
  params['tail'] = ""

# ensure an uppercase character
if 'ensure-upper' not in params:
  params['ensure-upper'] = True

# ensure an lowercase character
if 'ensure-lower' not in params:
  params['ensure-lower'] = True

# ensure a number
if 'ensure-number' not in params:
  params['ensure-number'] = True

# ensure a symbol
if 'ensure-symbol' not in params:
  params['ensure-symbol'] = True

# length of password
if 'length' not in params:
  params['length'] = 16

# generate password
thehash = hashlib.pbkdf2_hmac(
  'sha256',
  (master_password + "/" + domain).encode('utf-8'),
  b'',
  200000 + params['n'],
)

password_text = bytearray(base64.b64encode(thehash)
    .replace(b'+', b'')
    .replace(b'/', b'')
    .replace(b'=', b'')
)

if params['ensure-upper']:
    password_text[0] = 0x41 + (password_text[0] % 26)

if params['ensure-lower']:
    password_text[1] = 0x61 + (password_text[0] % 26)

if params['ensure-number']:
    password_text[2] = 0x30 + (password_text[0] % 10)

if params['ensure-symbol']:
    password_text[3] = 0x21 + (password_text[0] % 10)


password = password_text.decode()[0:params['length']] + params['tail']

macro = ""
for char in password:
  if char == '!':
    macro += "keydown Shift_L\nkey 1\nkeyup Shift_L\n"
  if char == '@':
    macro += "keydown Shift_L\nkey 2\nkeyup Shift_L\n"
  if char == '#':
    macro += "keydown Shift_L\nkey 3\nkeyup Shift_L\n"
  if char == '$':
    macro += "keydown Shift_L\nkey 4\nkeyup Shift_L\n"
  elif char == '%':
    macro += "keydown Shift_L\nkey 5\nkeyup Shift_L\n"
  elif char == '^':
    macro += "keydown Shift_L\nkey 6\nkeyup Shift_L\n"
  elif char == '&':
    macro += "keydown Shift_L\nkey 7\nkeyup Shift_L\n"
  elif char == '*':
    macro += "keydown Shift_L\nkey 8\nkeyup Shift_L\n"
  elif char == '(':
    macro += "keydown Shift_L\nkey 9\nkeyup Shift_L\n"
  elif char == ')':
    macro += "keydown Shift_L\nkey 0\nkeyup Shift_L\n"
  elif char == '+':
    macro += "keydown Shift_L\nkey equal\nkeyup Shift_L\n"
  elif char == '\'':
    macro += "key apostrophe\n"
  elif char == '\"':
    macro += "keydown Shift_L\nkey apostrophe\nkeyup Shift_L\n"
  elif char == '/':
    macro += "key slash\n"
  elif char.isupper():
    macro += "keydown Shift_L\nkey %s\nkeyup Shift_L\n" % char
  elif char.islower() or char.isdigit():
    macro += "key %s\n" % char

print("Entering password in 3 seconds ... [^C to abort]")
time.sleep(3)

p = Popen(['xte'], stdin=PIPE)
p.communicate(macro.encode('utf-8'))