Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 12 years ago.
Improve this question
I am using John the Ripper to crack a copy of the passwd file at my work. I want to alert users that have weak passwords. I happen to know that many accounts have the default password which is different for every user but matches a specific pattern.
Let's say this is the default password format:
'[2nd and 3rd characters in username]cc\d\d\l\l'
where c is a constant (the same in every password), \d is a single digit (0-9) and \l is a single lowercase letter.
How would I write a custom rule in john.conf that would check all hashes for all combinations that fit this format before trying anything else? I've tried to figure it out myself but I can't find any good documentation.
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
Neither will be public.
I want a really minimal user registration, that gets people the most connected to my site.
Can you think of pros or cons to this?
I don't like it. A person's email address can be guessed (usually firstname.lastname at something), and their phone number can be looked up by name using a reverse lookup 411 website.
Usernames and passwords should not be correlated at all with any third value. In your case, if I guess that someone belongs to your site and guess their email address (or search for it online), then I am one lookup away from possibly having their password.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
When we have a url containing a hash bang google will use the escaped fragment as described here: https://developers.google.com/webmasters/ajax-crawling/docs/getting-started
e.g:
http://mysite.com/search#!potato
becomes:
http://mysite.com/search?_escaped_fragment_=potato
But what about encoding?
How will google behave if my url is like this:
http://mysite.com/search#!?q=potato&p=23
Will it just be:
http://mysite.com/search?_escaped_fragment_=?q=potato&p=23
or something like this
http://mysite.com/search?_escaped_fragment_=%3Fq%3Dpotato%26p%3D23
UPDATE:
This guy has a different tak on the quistion - but still no answer:
http://productforums.google.com/forum/#!msg/webmasters/21O7HlAB90A/wfCdo3KcmskJ
Second option. You have to URL parameter encode the content otherwise the & will cause it to be a new parameter.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
There are several places that you can enter this character by typing ctrl-backspace, including windows loggon password.
Which character is this and can I use it in a password?
Depends on the control being used. Assuming a regular text box, that's character code 127 (0x7f), legacy mapping for the DEL control code. Displays as a rectangle since there's no Unicode glyph for it. This will not necessarily reproduce well, a Rich Edit control will interpret it as a "delete to begin of line" control key. Very unlikely you'll be able to enter such a password at a web page prompt for example.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
I want to connect to ssh and type in a command that will show me live updates such as their ip address as they enter my site. is that possible? simply see what page an ip address entered or just the ip of a person that connected to the site.
Live meaning i see the list updated as it happens.
tail -f /path/to/your/access.log
Usually reading the log is pretty useless though.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I am creating a pricing program. I need to calculate the amounts according to the current tax list in the US (in various places).
I want to have a button 'Update taxes' in the administrative settings of the application, so when the user clicks it, it should download from somewhere the active tax amounts.
So I actually want to have a function decimal GetTax(string zip).
Does anyone knows about a free downloadable xml, or RSS accessible or even a website that I can crawle in and get this info from?
There are a number of third-party solutions out there. Here is one:
http://www.avalara.com/Products/Integrations/Ecommerce?gclid=CI2CyKfuu6ECFZIU5wodtUWW_w
Try http://www.telcotax.com/?
try this http://www.taxrates.com