Re: [WebDNA] Apache .htpasswd

This WebDNA talk-list message is from

2014


It keeps the original formatting.
numero = 111239
interpreted = N
texte = --001a11369330076b9404f4f9a34d Content-Type: text/plain; charset=ISO-8859-1 Well, I think it's theoretically possible, but tricky and a bit of a security risk. Anyhow a few things come to mind: 1) Pretty sure .htpasswd passwords are hashed (Md5/SHA, etc.) not encoded (Base64, etc.) 2) WebDNA runs as user "apache" or "www-data" depending on your linux flavor -- not sure about mac (unix) or windows. You can run [shell]whoami[/shell] to get this info. 3) Permission for WebDNA's user are the main issue here, so you'd need to give root-like perms to webdna's user, but ideally only for the specific command you're running such as htpasswd. Check out "sudoers" I've done something similar which allows WebDNA to directly block an IP at the firewall level to run some honeytraps/bot-spankers and it works flawlessly. -Dan Strong http://DanStrong.com On Wed, Mar 19, 2014 at 11:52 AM, IBS Ltd. wrote: > I am wondering if it is possible to create an .htpasswd file using webdna. > > I have a shell script I am using now - but it is not ideal. > > This is what I tried - and doesn't work :) > > Searching a database of users and then writing the file: > > [WriteFile secure=F&file=htpasswd][founditems][email_address]:[encrypt > method=Base64][this_password][/encrypt] > [/founditems][/writefile] > > Apache server complains about the file and I can see the Base64 encryption > is not correct (thought I would give it a shot!!). > > The shell script: > > [WriteFile secure=F&file=htpasswd][founditems][shell]htpasswd -nb > [email_address] [this_password][/shell][/founditems][/writefile] > > The shell script unfortunately adds two carriage returns each time - not > sure how to stop it from doing that. The shell script does work though. > > Once the file is written - I delete the original and move the new one into > place. > > I would like to be able to do this without the shell script. > > Is it possible? > > -- > Gary > > > > > --------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us > Bug Reporting: support@webdna.us > --001a11369330076b9404f4f9a34d Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
Well, I think it's theoretically possible, but tricky = and a bit of a security risk.

Anyhow a few things come t= o mind:

1) Pretty sure .htpasswd passwords are has= hed (Md5/SHA, etc.) not encoded (Base64, etc.)

2) WebDNA runs as user "apache" or "www-= data" depending on your linux flavor -- not sure about mac (unix) or w= indows. You can run [shell]whoami[/shell] to get this info.

3) Permission for WebDNA's user are the main issue here, so = you'd need to give root-like perms to webdna's user, but ideally on= ly for the specific command you're running such as htpasswd. Check out = "sudoers"

I've done something similar which allows WebDNA to = directly block an IP at the firewall level to run some honeytraps/bot-spank= ers and it works flawlessly.




On Wed, Mar 19, 2014 at 11:52 AM, IBS Lt= d. <admin@ibsltd.nb.ca> wrote:
I am wondering if it is possible to create an .htpasswd file using webdna.<= br>
I have a shell script I am using now - but it is not ideal.

This is what I tried - and doesn't work :)

Searching a database of users and then writing the file:

[WriteFile secure=3DF&file=3Dhtpasswd][founditems][email_address]:[encr= ypt
method=3DBase64][this_password][/encrypt]
[/founditems][/writefile]

Apache server complains about the file and I can see the Base64 encryption<= br> is not correct (thought I would give it a shot!!).

The shell script:

[WriteFile secure=3DF&file=3Dhtpasswd][founditems][shell]htpasswd -nb [email_address] [this_password][/shell][/founditems][/writefile]

The shell script unfortunately adds two carriage returns each time - not sure how to stop it from doing that. The shell script does work though.

Once the file is written - I delete the original and move the new one into<= br> place.

I would like to be able to do this without the shell script.

Is it possible?

--
Gary




---------------------------------------------------------
This message is sent to you because you are subscribed to
the mailing list <talk@webdna.us&g= t;.
To unsubscribe, E-mail to: <talk= -leave@webdna.us>
archives: http://mail.webdna.us/list/talk@webdna.us
Bug Reporting: support@webdna.us

--001a11369330076b9404f4f9a34d-- Associated Messages, from the most recent to the oldest:

    
  1. Re: [WebDNA] Apache .htpasswd (Tom Duke 2014)
  2. Re: [WebDNA] Apache .htpasswd (Donovan Brooke 2014)
  3. Re: [WebDNA] Apache .htpasswd (Dan Strong 2014)
  4. [WebDNA] Apache .htpasswd ("IBS Ltd." 2014)
--001a11369330076b9404f4f9a34d Content-Type: text/plain; charset=ISO-8859-1 Well, I think it's theoretically possible, but tricky and a bit of a security risk. Anyhow a few things come to mind: 1) Pretty sure .htpasswd passwords are hashed (Md5/SHA, etc.) not encoded (Base64, etc.) 2) WebDNA runs as user "apache" or "www-data" depending on your linux flavor -- not sure about mac (unix) or windows. You can run [shell]whoami[/shell] to get this info. 3) Permission for WebDNA's user are the main issue here, so you'd need to give root-like perms to webdna's user, but ideally only for the specific command you're running such as htpasswd. Check out "sudoers" I've done something similar which allows WebDNA to directly block an IP at the firewall level to run some honeytraps/bot-spankers and it works flawlessly. -Dan Strong http://DanStrong.com On Wed, Mar 19, 2014 at 11:52 AM, IBS Ltd. wrote: > I am wondering if it is possible to create an .htpasswd file using webdna. > > I have a shell script I am using now - but it is not ideal. > > This is what I tried - and doesn't work :) > > Searching a database of users and then writing the file: > > [WriteFile secure=F&file=htpasswd][founditems][email_address]:[encrypt > method=Base64][this_password][/encrypt] > [/founditems][/writefile] > > Apache server complains about the file and I can see the Base64 encryption > is not correct (thought I would give it a shot!!). > > The shell script: > > [WriteFile secure=F&file=htpasswd][founditems][shell]htpasswd -nb > [email_address] [this_password][/shell][/founditems][/writefile] > > The shell script unfortunately adds two carriage returns each time - not > sure how to stop it from doing that. The shell script does work though. > > Once the file is written - I delete the original and move the new one into > place. > > I would like to be able to do this without the shell script. > > Is it possible? > > -- > Gary > > > > > --------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us > Bug Reporting: support@webdna.us > --001a11369330076b9404f4f9a34d Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
Well, I think it's theoretically possible, but tricky = and a bit of a security risk.

Anyhow a few things come t= o mind:

1) Pretty sure .htpasswd passwords are has= hed (Md5/SHA, etc.) not encoded (Base64, etc.)

2) WebDNA runs as user "apache" or "www-= data" depending on your linux flavor -- not sure about mac (unix) or w= indows. You can run [shell]whoami[/shell] to get this info.

3) Permission for WebDNA's user are the main issue here, so = you'd need to give root-like perms to webdna's user, but ideally on= ly for the specific command you're running such as htpasswd. Check out = "sudoers"

I've done something similar which allows WebDNA to = directly block an IP at the firewall level to run some honeytraps/bot-spank= ers and it works flawlessly.




On Wed, Mar 19, 2014 at 11:52 AM, IBS Lt= d. <admin@ibsltd.nb.ca> wrote:
I am wondering if it is possible to create an .htpasswd file using webdna.<= br>
I have a shell script I am using now - but it is not ideal.

This is what I tried - and doesn't work :)

Searching a database of users and then writing the file:

[WriteFile secure=3DF&file=3Dhtpasswd][founditems][email_address]:[encr= ypt
method=3DBase64][this_password][/encrypt]
[/founditems][/writefile]

Apache server complains about the file and I can see the Base64 encryption<= br> is not correct (thought I would give it a shot!!).

The shell script:

[WriteFile secure=3DF&file=3Dhtpasswd][founditems][shell]htpasswd -nb [email_address] [this_password][/shell][/founditems][/writefile]

The shell script unfortunately adds two carriage returns each time - not sure how to stop it from doing that. The shell script does work though.

Once the file is written - I delete the original and move the new one into<= br> place.

I would like to be able to do this without the shell script.

Is it possible?

--
Gary




---------------------------------------------------------
This message is sent to you because you are subscribed to
the mailing list <talk@webdna.us&g= t;.
To unsubscribe, E-mail to: <talk= -leave@webdna.us>
archives: http://mail.webdna.us/list/talk@webdna.us
Bug Reporting: support@webdna.us

--001a11369330076b9404f4f9a34d-- Dan Strong

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

writing orders to a db (1997) Emailer (1997) Where's Cart Created ? (1997) Date Bug (1998) AJAX with WebDNA (2006) Help name our technology! (1997) WebCat Bulletin Board Solution ? (1998) Web Catalog 2 demo (1997) WebCatalog 2.1 for NT (1998) [WebDNA] Intranet site request (2010) Cookie set browser session. (1998) Whats up with emailer? (1998) Online reference (1997) HTTP Header info (1997) webcat- multiple selection in input field (1997) BUG: Random sort is not random at all..... (2000) [LookUp] (1999) YACBQ.....(Yet another checkbox question) (2000) Submit buttons not working.... (1999) uploads (2000)