Search Results

Search found 14302 results on 573 pages for 'saved password'.

Page 105/573 | < Previous Page | 101 102 103 104 105 106 107 108 109 110 111 112  | Next Page >

  • youtube python api gdata.service. requesterror

    - by nashr rafeeg
    i have the following code which is trying to add a set of videos into a youtube play list import urllib,re import gdata.youtube import gdata.youtube.service class reddit(): def __init__(self, rssurl ='http://www.reddit.com/r/chillmusic.rss' ): self.URL = rssurl self._downloadrss() def _downloadrss(self): if self.URL.endswith('.rss'): # Downloadd the RSS feed of the subreddit - save as "feed.rss" try: print "Downloading rss from reddit..." urllib.urlretrieve (URL, "feed.rss") except Exception as e: print e def clean(self): playList = open("feed.rss").read() links = re.findall(r'(http?://www.youtube.com\S+)', playList) for link in links: firstPass = link.replace('&quot;&gt;[link]&lt;/a&gt;', '') secondPass = firstPass.replace('&amp;amp;fmt=18', '') thirdpass = secondPass.replace('&amp;amp;feature=related', '') finalPass = thirdpass.replace('http://www.youtube.com/watch?v=', '') print thirdpass, "\t Extracted: ", finalPass return finalPass class google(): def __init__(self, username, password): self.Username = username self.password = password #do not change any of the following self.key = 'AI39si5DDjGYhG_1W-8n_amjgEjbOU27sa0aw2RQI5gOaoK5KqCD2Fzffbkh8oqGu7CqFQLLQ7N7wK0gz7lrTQbd70srC72Niw' self.appname = 'Reddit playlist maker' self.service = gdata.youtube.service.YouTubeService() def authenticate(self): self.service.email = self.Username self.service.password = self.password self.service.developer_key = self.key self.service.client_id = self.appname self.service.source = self.appname self.service.ssl = False self.service.ProgrammaticLogin() def get_playlists(self): y_playlist = self.service.GetYouTubePlaylistFeed(username='default') l = [] k = [] for p in y_playlist.entry: k=[] k=[p.link[1].href, p.title.text] l.append(k) return l def get_playlist_id_from_url(self, href): #quick and dirty method to get the playList id's return href.replace('http://www.youtube.com/view_play_list?p=','') def creat_playlist(self, name="Reddit list", disc ="videos from reddit"): playlistentry = self.service.AddPlaylist(name, disc) if isinstance(playlistentry, gdata.youtube.YouTubePlaylistEntry): print 'New playlist added' return playlistentry.link[1].href def add_video_to_playlist(self,playlist_uri,video): video_entry = self.service.AddPlaylistVideoEntryToPlaylist( playlist_uri, video) if isinstance(video_entry, gdata.youtube.YouTubePlaylistVideoEntry): print 'Video added' URL = "http://www.reddit.com/r/chillmusic.rss" r = reddit(URL) g = google('[email protected]', 'xxxx') g.authenticate() def search_playlist(playlist="Reddit list3"): pl_id = None for pl in g.get_playlists(): if pl[1] == playlist: pl_id = pl[0] print pl_id break if pl_id == None: pl_id = g.creat_playlist(name=playlist) return pl_id pls = search_playlist() for video_id in r.clean(): g.add_video_to_playlist(pls, video_id) when i run the code i am geting the following error message gdata.service.RequestError: {'status': 303, 'body': '', 'reason': 'See Other'} any one have any idea why i am getting this error cheers Nash

    Read the article

  • C# Encryption Functions

    - by KHALID
    i have table in my database that have senestive data such as password field i want to encrypt data before inserting it to table and then i want not to decrypt data but i want only to compare encrypted password with the input password without decrypting

    Read the article

  • django manual login and redirect

    - by Zayatzz
    Hello I have such view that handles user registration. After creating new user i want to manually authenticate it and log it in.: def register(request): ... ... if form.is_valid(): username = form.cleaned_data['username'] password = form.cleaned_data['password1'] email = '' newuser = User.objects.create_user(username, email, password) user = authenticate(username=username, password=password) login (request, user) I have set LOGIN_REDIRECT_URL to '/profile/', but after authenticating and logging user in, it redirects me back to the same view not to /profile/, why? And how can i specify where to redirect after logging in? If i add HttpResponseRedirect('/profile/') After login line - nothing happens. The script never ends up there. Alan.

    Read the article

  • Command not write in buffer with Expect

    - by Romuald
    Hello, I try to backup a Linkproof device with expect script and i have some trouble. It's my first script in expect and i have reach my limits ;) #!/usr/bin/expect spawn ssh @IPADDRESS expect "username:" # Send the username, and then wait for a password prompt. send "@username\r" expect "password:" # Send the password, and then wait for a shell prompt. send "@password\r" expect "#" # Send the prebuilt command, and then wait for another shell prompt. send "system config immediate\r" #Send space to pass the pause expect -re "^ *--More--\[^\n\r]*" send "" expect -re "^ *--More--\[^\n\r]*" send "" expect -re "^ *--More--\[^\n\r]*" send "" # Capture the results of the command into a variable. This can be displayed, or written to disk. sleep 10 expect -re .* set results $expect_out(buffer) # Copy buffer in a file set config [open linkproof.txt w] puts $config $results close $config # Exit the session. expect "#" send "logout\r" expect eof The content of the output file: The authenticity of host '@IP (XXX.XXX.XXX.XXX)' can't be established. RSA key fingerprint is XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX. Are you sure you want to continue connecting (yes/no)? @username Please type 'yes' or 'no': @password Please type 'yes' or 'no': system config immediate Please type 'yes' or 'no': Like you can see, the result of the command is not in the file. Could you, please, help me to understantd why ? Thanks for your help. Romuald

    Read the article

  • Opera: closed window w/many tabs, window still open w/one tab, how to retrieve the many tabs

    - by Abel
    This is a little recipe for a little disaster: accidentally close a window with many important tabs open, only to find out that another window is still active with one tab open. Closing it will overwrite the saved tabs of the other window, which I want to recover. I need to recover the window with "many tabs" if possible,I didn't yet close the window with the one tab open, hopefully that prevents overwriting the saved settings. How do I retrieve, now that Opera is still active, the tabs of the closed window? I.e., where would Opera normally store these tabs when it closes a window? Can I prevent it from overwriting the saved state of "many tabs" with the current "one tab"?

    Read the article

  • SSRS CSV Rendering Export Issue....

    - by BALAMURUGAN
    I am having my table like this (2 tables) UserId Name 2 Welcome 3 Rename Password Data 2dfdf dfd 3 dfdf I need the data while exported to csv like this... UserId, Name 2,Welcome 3, Rename, password, Data 2dfdf ,dfd 3 ,dfdf But it is displaying like this UserId, name, Password, Data 1, Welcome, 2dfdf ,dfd 3, Rename,3,dfdf How can I get the actual result

    Read the article

  • Can you exclude code automatically when using the publish feature in Visual Studio

    - by LarryDev
    Is their a way to exclude a block of code when you use the publish feature in visual studio. In other words say I had a log in button that did something like: // Start Exclude when publishing if (txtUserName.Text == "" && txtPassword.Password == "") { lp = new System.ServiceModel.DomainServices.Client.ApplicationServices.LoginParameters("UserName", "Password"); } else // Stop Exclude when publishing { lp = new System.ServiceModel.DomainServices.Client.ApplicationServices.LoginParameters(txtUserName.Text, txtPassword.Password); } This way when I am debugging I can just leave the username and password field blank and just click login and the application will log me on. But when the application is published the compiler woudl ignore that code and not compile it in to the application.

    Read the article

  • How do I change the on-screen keyboard for a PasswordBox

    - by McKay
    I have a box that I want to take a password of only numbers (like an ATM-card PIN), how is the best way to do that? Requirements: Password (with the hidden numbers) Typing digits as the default (only?) keyboard What I've tried: I thought that InputScopes would be the way to go, but I can't set the input scope on a password box. I even tried putting the password InputScope on a normal TextBox, but that didn't mask the appearance of the characters in the text box. Suggestions?

    Read the article

  • How come module-level validation errors only display when property-level validators are Valid?

    - by jonathanconway
    I'm using the module-level validator: 'PropertiesMustMatch' on my view-model, like so: [PropertiesMustMatch("Password", "PasswordConfirm")] public class HomeIndex { [Required] public string Name { get; set; } public string Password { get; set; } public string PasswordConfirm { get; set; } } I'm noticing that if I submit the form without Name filled in, the ValidationSummary() helper returns only the following error: The Name field is required. However, if I fill in Name, then ValidationSummary() will return a PropertiesMustMatch error: 'Password' and 'PasswordConfirm' do not match. So it looks like the property-level validators are being evaluated first, then the model-level validators. I would much prefer if they were all validated at once, and ValidationSummary would return: The Name field is required. 'Password' and 'PasswordConfirm' do not match. Any ideas what I can do to fix this? I'm studying the MVC 2 source-code to try to determine why this happens.

    Read the article

  • Excel VBA SQL Import

    - by user307655
    Hi All, I have the following code which imports data from a spreadsheet to SQL directly from Excel VBA. The code works great. However I am wondering if somebody can help me modify the code to: 1) Check if data from column A already exists in the SQL Table 2) If exists, then only update rather than import as a new role 3) if does not exist then import as a new role. Thanks again for your help Sub SQLIM() ' Send data to SQL Server ' This code loads data from an Excel Worksheet to an SQL Server Table ' Data should start in column A and should be in the same order as the server table ' Autonumber fields should NOT be included' ' FOR THIS CODE TO WORK ' In VBE you need to go Tools References and check Microsoft Active X Data Objects 2.x library Dim Cn As ADODB.Connection Dim ServerName As String Dim DatabaseName As String Dim TableName As String Dim UserID As String Dim Password As String Dim rs As ADODB.Recordset Dim RowCounter As Long Dim ColCounter As Integer Dim NoOfFields As Integer Dim StartRow As Long Dim EndRow As Long Dim shtSheetToWork As Worksheet Set shtSheetToWork = ActiveWorkbook.Worksheets("Sheet1") Set rs = New ADODB.Recordset ServerName = "WIN764X\sqlexpress" ' Enter your server name here DatabaseName = "two28it" ' Enter your database name here TableName = "COS" ' Enter your Table name here UserID = "" ' Enter your user ID here ' (Leave ID and Password blank if using windows Authentification") Password = "" ' Enter your password here NoOfFields = 7 ' Enter number of fields to update (eg. columns in your worksheet) StartRow = 2 ' Enter row in sheet to start reading records EndRow = shtSheetToWork.Cells(Rows.Count, 1).End(xlUp).Row ' Enter row of last record in sheet ' CHANGES ' Dim shtSheetToWork As Worksheet ' Set shtSheetToWork = ActiveWorkbook.Worksheets("Sheet1") '** Set Cn = New ADODB.Connection Cn.Open "Driver={SQL Server};Server=" & ServerName & ";Database=" & DatabaseName & _ ";Uid=" & UserID & ";Pwd=" & Password & ";" rs.Open TableName, Cn, adOpenKeyset, adLockOptimistic For RowCounter = StartRow To EndRow rs.AddNew For ColCounter = 1 To NoOfFields rs(ColCounter - 1) = shtSheetToWork.Cells(RowCounter, ColCounter) Next ColCounter Next RowCounter rs.UpdateBatch ' Tidy up rs.Close Set rs = Nothing Cn.Close Set Cn = Nothing End Sub

    Read the article

  • Handling User Authentication in .NET?

    - by Daniel
    I am new to .NET, and don't have much experience in programming. What is the standard way of handling user authentication in .NET in the following situation? In Process A, User inputs ID/Password Process A sends the ID/Password to Process B over a nonsecure public channel. Process B authenticates the user with the recieved ID/Password what are some of the standard cryptographic algorithms I can use in above model?

    Read the article

  • Convert MSSQL Varbinary field to MYSQL, keeping data intact

    - by Mike Sheridan
    I was given the daunting task of converting a ASP website to PHP and MSSQL to MySQL, and I ran into an issue that hopefully somebody can help I have a user table which has a password field with datatype Varbinary(128), are using pwdencrypt to encrypt the password. Is there a way to transfer that over to MySQL, and somehow i need to be able to keep the password intact... how can i go about that? any pointers would be greatly appreciated!

    Read the article

  • RijndaelManaged: IV Generation?

    - by cam
    I want to implement the most secure, and most reliable form of symmetric key cryptography in my application. The user should input a password to encrypt/decrypt, and that's all. For RijndaelManaged, one must enter a key and an IV. I'm not sure how to address the situation. Right now, I have the entered password being hashed by SHA256 and then being used as the key for the Rijndael. What do I use for the IV? Another password?

    Read the article

  • PHP mySQL Error

    - by happyCoding25
    Hello, Im new to php so I decided to follow this tutorial for a simple login screen. I got the code setup but when I try login I get this error: Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in (a long file path to the script) on line 27 The code I got from the tutorial is: <?php ob_start(); $host="thehost"; // Host name $username="myusername"; // Mysql username $password="mypass"; // Mysql password $db_name="test"; // Database name $tbl_name="members"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // Define $myusername and $mypassword $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("myusername"); session_register("mypassword"); header("location:login_success.php"); } else { echo "Wrong Username or Password"; } ob_end_flush(); ?> (Note: All of the mySQL database info is filled in on my version) Aslo, the author gives a php5 version and a normal php version. I have tried both and gotten the same error. If anyone knows why this is happening help is really appreciated.

    Read the article

  • Map only certain parts of the class to a database using SQLAlchemy?

    - by Az
    When mapping an object using SQLAlchemy, is there a way to only map certain elements of a class to a database, or does it have to be a 1:1 mapping? Example: class User(object): def __init__(self, name, username, password, year_of_birth): self.name = name self.username = username self.password = password self.year_of_birth = year_of_birth Say, for whatever reason, I only wish to map the name, username and password to the database and leave out the year_of_birth. Is that possible and will this create problems? Edit - 25/03/2010 Additionally, say I want to map username and year_of_birth to a separate database. Will this database and the one above still be connected (via username)?

    Read the article

  • iPhone Twitter Integration: Validating login.

    - by Mr. McPepperNuts
    The following code posts to twitter: NSString *compoundLoginString = [NSString stringWithFormat:@"http://%@:%@@twitter.com/statuses/update.xml",extractedUsername, extractedPassword]; NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL: [NSURL URLWithString:compoundLoginString] cachePolicy:NSURLRequestUseProtocolCachePolicy timeoutInterval:20.0]; // The text to post NSString *msg = tweetText; [request setHTTPMethod:@"POST"]; [request setHTTPBody:[[NSString stringWithFormat:@"status=%@", msg] dataUsingEncoding:NSASCIIStringEncoding]]; NSURLResponse *response; NSError *error; if ([NSURLConnection sendSynchronousRequest:request returningResponse:&response error:&error] != nil){ [self postSuccessfulAlert]; }else{ [self postNotSuccessfulAlert]; } I am curious as to how I could check if the username and password is correct before proceeding to the above piece of code. I found the following code in a tutorial, but am unsure how I would implement or call this function. - (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge { if ([challenge previousFailureCount] == 0) { NSURLCredential *newCredential; newCredential=[NSURLCredential credentialWithUser:[self username] password:[self password] persistence:NSURLCredentialPersistenceNone]; [[challenge sender] useCredential:newCredential forAuthenticationChallenge:challenge]; } else { [[challenge sender] cancelAuthenticationChallenge:challenge]; // inform the user that the user name and password // in the preferences are incorrect NSLog(@"Invalid Username or Password"); } } Any ideas? Please note, I have taken snippets of code from both of the following tutorials. http://iphonedevelopertips.com/networking/post-to-a-twitter-account-from-the-iphone.html and http://icodeblog.com/2009/07/09/integrating-twitter-into-your-applications/

    Read the article

  • Make PasswordRecovery control work with locked out users ?

    - by Moe Sisko
    Example scenario in an ASP.NET application using SQL Server membership provider : 1) a user can't remember their exact password, and tries many times in a short space of time to login with an invalid password (say 5 times in a 10 minute window). This locks out the user (i.e. sets the IsLockedOut flag of the aspnet_Membership table to 1). 2) user goes to the "forgot my password" screen to try to get a new password emailed to them. This screen uses the PasswordRecovery control. User enters their correct user id, but then cannot go further in the password recovery process, since the IsLockedOut flag is 1. (They don't even get to see their security question). 3) The user would then have to phone tech support to get themselves unlocked etc. To reduce the burden on support staff, we are trying to eliminate step 3) if possible, by making the PasswordRecovery control (if possible), work with locked out users. i.e. when they enter their login ID, the security question comes up, and IF they enter the correct answer, the system will unlock the user, then send the new email to them. I'm wondering if it is possible to tweak the PasswordRecovery control to do this. Or maybe I'm approaching this the wrong way ?

    Read the article

  • Encryption puzzle / How to create a ProxyStub for a Remote Assistance ticket

    - by Jon Clegg
    I am trying to create a ticket for Remote Assistance. Part of that requires creating a PassStub parameter. As of the documenation: http://msdn.microsoft.com/en-us/library/cc240115(PROT.10).aspx PassStub: The encrypted novice computer's password string. When the Remote Assistance Connection String is sent as a file over e-mail, to provide additional security, a password is used.<16 In part 16 they detail how to create as PassStub. In Windows XP and Windows Server 2003, when a password is used, it is encrypted using PROV_RSA_FULL predefined Cryptographic provider with MD5 hashing and CALG_RC4, the RC4 stream encryption algorithm. As PassStub looks like this in the file: PassStub="LK#6Lh*gCmNDpj" If you want to generate one yourself run msra.exe in Vista or run the Remote Assistance tool in WinXP. The documentation says this stub is the result of the function CryptEncrypt with the key derived from the password and encrypted with the session id (Those are also in the ticket file). The problem is that CryptEncrypt produces a binary output way larger then the 15 byte PassStub. Also the PassStub isn't encoding in any way I've seen before. Some interesting things about the PassStub encoding. After doing statistical analysis the 3rd char is always a one of: !#$&()+-=@^. Only symbols seen everywhere are: *_ . Otherwise the valid characters are 0-9 a-z A-Z. There are a total of 75 valid characters and they are always 15 bytes. Running msra.exe with the same password always generates a different PassStub, indicating that it is not a direct hash but includes the rasessionid as they say. Some other ideas I've had is that it is not the direct result of CryptEncrypt, but a result of the rasessionid in the MD5 hash. In MS-RA (http://msdn.microsoft.com/en-us/library/cc240013(PROT.10).aspx). The "PassStub Novice" is simply hex encoded, and looks to be the right length. The problem is I have no idea how to go from any hash to way the ProxyStub looks like.

    Read the article

  • LINQtoSQL Custom Constructor off Partial Class?

    - by sah302
    Hi all, I read this question here: http://stackoverflow.com/questions/82409/is-there-a-way-to-override-the-empty-constructor-in-a-class-generated-by-linqtosq Typically my constructor would look like: public User(String username, String password, String email, DateTime birthday, Char gender) { this.Id = Guid.NewGuid(); this.DateCreated = this.DateModified = DateTime.Now; this.Username = username; this.Password = password; this.Email = email; this.Birthday = birthday; this.Gender = gender; } However, as read in that question, you want to use partial method OnCreated() instead to assign values and not overwrite the default constructor. Okay so I got this : partial void OnCreated() { this.Id = Guid.NewGuid(); this.DateCreated = this.DateModified = DateTime.Now; this.Username = username; this.Password = password; this.Email = email; this.Birthday = birthday; this.Gender = gender; } However, this gives me two errors: Partial Methods must be declared private. Partial Methods must have empty method bodies. Alright I change it to Private Sub OnCreated() to remove both of those errors. However I am still stuck with...how can I pass it values as I would with a normal custom constructor? Also I am doing this in VB (converted it since I know most know/prefer C#), so would that have an affect on this?

    Read the article

  • Quick MySQLi security question

    - by Benjamin Falk
    I have a quick MySQLi security related question... For example, take a look at this code (gets in put from the user, checks it against the database to see if the username/password combination exist): $input['user'] = htmlentities($_POST['username'], ENT_QUOTES); $input['pass'] = htmlentities($_POST['password'], ENT_QUOTES); // query db if ($stmt = $mysqli->prepare("SELECT * FROM members WHERE username=? AND password = ?")) { $stmt->bind_param("ss", $input['user'], md5($input['pass'] . $config['salt'])); $stmt->execute(); $stmt->store_result(); // check if there is a match in the database for the user/password combination if ($stmt->num_rows > 0) {} } In this case, I am using htmlentities() on the form data, and using a MySQLi prepared statement. Do I still need to be using mysql_real_escape_string()?

    Read the article

  • mysqli insert problem

    - by Simon
    Hello i have this error: Warning: mysqli_stmt::bind_param() [mysqli-stmt.bind-param]: Number of elements in type definition string doesn't match number of bind variables in E:\wamp\www\classes\UserLogin.php on line 31 and i dont know what it is :/ here is my code function createUser($username, $password) { $mysql = connect(); if($stmt = $mysql->prepare('INSERT INTO users (username, password, alder, hood, fornavn, efternavn, city, ip, level, email) VALUES (?,?,?,?,?,?,?,?,?,?)')) { $stmt->bind_param($username,$password, $alder, $hood, $fornavn, $efternavn, $city, $ip, $level, $email); $stmt->execute(); $stmt->close(); } else { echo 'error: ' . $mysql->error; } then my user create the user they only need to type username and password, and later they can edit the profile and edit, email,alder,hood and like that :). Thanks for helping me

    Read the article

  • Windows cmd.exe output in PowerShell

    - by noledgeispower
    I have a script for remotely executing commands on other machines, however... when using windows cmd.exe commands It does not write to the file on the remote server. Here is the code. $server = 'serverName' $Username = 'userName' $Password = 'passWord' $cmd = "cmd /c ipconfig" ######################## ######################## $ph = "C:\mPcO.txt" $rph = "\\$server\C$\mPcO.txt" $cmde = "$cmd > $ph" $pass = ConvertTo-SecureString -AsPlainText $Password -Force $mycred = new-object -typename System.Management.Automation.PSCredential -argumentlist "$Username",$pass Invoke-WmiMethod win32_process -name create -ComputerName $server -ArgumentList $cmde Credential $mycred cmd /c net use \\$server\C$ $password /USER:$username Get-Content $rph Remove-Item $rph cmd /c net use \\$server\C$ /delete As you can see we simply write $cmde = "$cmd > $ph" if I use a PowerShell command I use $cmde = "$cmd | Out-File $ph" and it works fine. Any advice Appreciated

    Read the article

  • How come module-level validators are evaluated only after property-level validators?

    - by jonathanconway
    I'm using the module-level validator: 'PropertiesMustMatch' on my view-model, like so: [PropertiesMustMatch("Password", "PasswordConfirm")] public class HomeIndex { [Required] public string Name { get; set; } public string Password { get; set; } public string PasswordConfirm { get; set; } } I'm noticing that if I submit the form without Name filled in, the ValidationSummary() helper returns only the following error: The Name field is required. However, if I fill in Name, then ValidationSummary() will return a PropertiesMustMatch error: 'Password' and 'PasswordConfirm' do not match. So it looks like the property-level validators are being evaluated first, then the model-level validators. I would much prefer if they were all validated at once, and ValidationSummary would return: The Name field is required. 'Password' and 'PasswordConfirm' do not match. Any ideas what I can do to fix this? I'm studying the MVC 2 source-code to try to determine why this happens.

    Read the article

  • Encryption puzzle / How to create a PassStub for a Remote Assistance ticket

    - by Jon Clegg
    I am trying to create a ticket for Remote Assistance. Part of that requires creating a PassStub parameter. As of the documentation: http://msdn.microsoft.com/en-us/library/cc240115(PROT.10).aspx PassStub: The encrypted novice computer's password string. When the Remote Assistance Connection String is sent as a file over e-mail, to provide additional security, a password is used.<16 In part 16 they detail how to create as PassStub. In Windows XP and Windows Server 2003, when a password is used, it is encrypted using PROV_RSA_FULL predefined Cryptographic provider with MD5 hashing and CALG_RC4, the RC4 stream encryption algorithm. As PassStub looks like this in the file: PassStub="LK#6Lh*gCmNDpj" If you want to generate one yourself run msra.exe in Vista or run the Remote Assistance tool in WinXP. The documentation says this stub is the result of the function CryptEncrypt with the key derived from the password and encrypted with the session id (Those are also in the ticket file). The problem is that CryptEncrypt produces a binary output way larger then the 15 byte PassStub. Also the PassStub isn't encoding in any way I've seen before. Some interesting things about the PassStub encoding. After doing statistical analysis the 3rd char is always a one of: !#$&()+-=@^. Only symbols seen everywhere are: *_ . Otherwise the valid characters are 0-9 a-z A-Z. There are a total of 75 valid characters and they are always 15 bytes. Running msra.exe with the same password always generates a different PassStub, indicating that it is not a direct hash but includes the rasessionid as they say. Some other ideas I've had is that it is not the direct result of CryptEncrypt, but a result of the rasessionid in the MD5 hash. In MS-RA (http://msdn.microsoft.com/en-us/library/cc240013(PROT.10).aspx). The "PassStub Novice" is simply hex encoded, and looks to be the right length. The problem is I have no idea how to go from any hash to way the PassStub looks like.

    Read the article

< Previous Page | 101 102 103 104 105 106 107 108 109 110 111 112  | Next Page >