Criando senha, e analisando

[xanburzum 169]

Criando senha, e analisando para ver se é realmente boa...

 

<link href="admin.css" type=text/css rel=stylesheet>

<%
const ForReading=1,ForWriting=2,ForAppending=8

Const CVRYWEAK = 0.2 'Número de crack, que é muito fraco
Const CWEAK = 0.5 '   "   "   fraco
Const COK = 10 ' "  "  OK
Const CSTRONG = 100 ' " " forte
Const CVRYSTRONG = 1000 ' " " muito forte
Const NUMBERPERSECOND = 100000000 ' Personalizar para o número de possibilidades por segundo que você quer
Dim PasswordList
Dim PasswordNum
%>


<%	
PassEntered=Request.Form("password")
If not IsEmpty(PassEntered) then


'Carregar um banco de dados de senhas comuns para pesquisa
	PthStr = Server.MapPath("passwords.txt")
	set fso=server.CreateObject("Scripting.FileSystemObject")
	set tfile=fso.OpenTextFile(PthStr,ForReading,true)
	
	If  not tfile.AtEndOfStream then
		PassWordList=tfile.readall
	end if
	tfile.Close
	set tfile = nothing
	'Contando quantas palavras do dicionário 
	PasswordNum = CountSubstring(PasswordList, ";") - 1

	'Nota: você pode acrescentar palavras do dicionário usando um; delimitador

pass_check(PassEntered)

end if
%>
<center>
<form method=post action=password_check.asp>

<input type=text name=password>
<input type=submit value="Check Password">
</form>
</center>





<%
Function IsAlpha(sData)

	If Asc(sData) >= 65 And Asc(sData) <= 90 Then
		IsAlpha = True
		Exit Function
	ElseIf Asc(sData) >= 97 And Asc(sData) <= 122 Then
		IsAlpha = True
		Exit Function
	End If

	IsAlpha = False
End Function

Function CountSubstring(sData,sSubstring)

	CoutSubstring = 0
	Dim i
	Dim lSub
	Dim lData
	i = 1

	lSub = Len(sSubstring)
	lData = Len(sData)

	Do
		i = InStr(i, sData, sSubstring)
		If i = 0 Then
			Exit Function
		Else
			CountSubstring = CountSubstring + 1
			i = i + lSub
		End If

	Loop Until i > lData
End Function



%>



<%

function pass_check(sPass)

	Dim lLenPass
	Dim i
	'Dim sPass
	Dim tmpchar
	Dim dPossib
	Dim range
	Dim dTime
	Dim lMesCaption

	Dim lProgress
	Dim commonFlag
	Dim upperFlag
	Dim lowerFlag
	Dim specialFlag
	Dim numberFlag
	Dim lenFlag
	Dim flagtot
	Dim sAnalysis 'A variável para armazenar a análise personalizada

	if sPass = "" then
		Response.Write "Você deve digitar uma senha"
	end if


	lLenPass = Len(sPass) 'comprimento da senha
	'sPass = tPass.Text ' senha


	'Verificar se a senha está na lista comum de senhas

	If InStr(1, PasswordList, ";" & sPass & ";") <> 0 Then
		commonFlag = True 
	End If

	'Procurando por letras maiúsculas
	For i = 1 To lLenPass
		If UCase(Mid(sPass, i, 1)) = Mid(sPass, i, 1) And IsAlpha(Mid(sPass, i, 1)) = True Then upperFlag = True: Exit For
	Next

	'Procurando por letras minúsculas
	For i = 1 To lLenPass
		If LCase(Mid(sPass, i, 1)) = Mid(sPass, i, 1) And IsAlpha(Mid(sPass, i, 1)) = True Then lowerFlag = True: Exit For
	Next

	'Procurando por números Chr 048-057
	For i = 1 To lLenPass
		If Asc(Mid(sPass, i, 1)) <= 57 And Asc(Mid(sPass, i, 1)) >= 48 Then numberFlag = True: Exit For
	Next

	'Buscando a char 065-090 097-122 048-057 
	For i = 1 To lLenPass
		tmpchar = Asc(Mid(sPass, i, 1))
		If tmpchar < 65 Or tmpchar > 90 Then
			If tmpchar < 97 Or tmpchar > 122 Then
				If tmpchar < 48 Or tmpchar > 57 Then
					specialFlag = True
					Exit For
				End If
			End If
		End If
	Next

	'cálculo de índice considerando todos os valores Flags

	'Calculando Possibilidades 

	If upperFlag = True Then
		range = range + 26: flagtot = flagtot + 1
	Else
		sAnalysis = sAnalysis & "<b>Fraqueza: </ b> Não há letras maiúsculas na sua senha" & vbCrLf
	End If

	If lowerFlag = True Then
		range = range + 26: flagtot = flagtot + 1
	Else
		sAnalysis = sAnalysis & "<b>Fraqueza: </ b> Não existem letras minúsculas na sua senha." & vbCrLf
	End If

	If numberFlag = True Then
		range = range + 10: flagtot = flagtot + 1
	Else
		sAnalysis = sAnalysis & "<b>Fraqueza: </ b> Não há números em sua senha." & vbCrLf
	End If

	If specialFlag = True Then
		range = range + 30: flagtot = flagtot + 1 'Este é um valor arbitrário para o número de caracteres especiais para impressão
	Else
		sAnalysis = sAnalysis & "<b>Fraqueza: </ b> Não há caracteres especiais em sua senha." & vbCrLf
	End If

	If lLenPass < 8 Then
		sAnalysis = sAnalysis & "<b>Fraqueza: </ b> O tamanho da senha é de 8."
	End If

	If commonFlag = True Then
		dPossib = PasswordNum 'Número de possibilidades é o número de senhas na lista comum
		sAnalysis = "<b>Grande fraqueza </ b>: Sua senha é detetada como uma das senhas comuns utilizadas pelos usuários. Se um hacker quiser quebrar sua senha, ele tentará primeiro esta lista." & vbCrLf & sAnalysis
	Else
		dPossib = range ^ lLenPass
	End If

	sAnalysis=replace(sAnalysis,vbCrLf,"<br>")


	'Calculando o tempo que levará

	dTime = (((dPossib / (NUMBERPERSECOND)) / (365 * 24)) / 3600) / 2 'O  / 2 é porque Demora aproximadamente a metade do teste para o passe
	'Configurando a barra de progresso: Note que você pode personalizar o const de quanto quebrar você considera ser fraco, ok, forte

	If dTime >= CVRYSTRONG Then
		lProgress = 100
	ElseIf dTime >= CSTRONG Then
		lProgress = 75
	ElseIf dTime >= COK Then
		lProgress = 47
	ElseIf dTime >= CWEAK Then
		lProgress = 23
	ElseIf dTime <= CVRYWEAK Then
		lProgress = 1
	End If
	
	'lProgress=75
	'criar barra de progresso
	with response
		.Write "<table width=80% border=1 bordercolor=#ffffff cellpadding=0 cellspacing=0 align=center>"
		.Write "<tr><td bordercolor=#000000>"
			.Write "<table width=100% border=1 bordercolor=#ffffff cellpadding=0 cellspacing=0 align=center>"
			.Write "<tr><td width="""&lProgress&"%"" bgcolor=deepskyblue bordercolor=white> </td>"
			.Write "<td bordercolor=white> </td></tr>"
			.Write "</table>"
		.Write "</td></tr></table>"
	end with

	Response.Write "<br>"
	with Response
		.Write "<table width=80% border=0 cellpadding=0 cellspacing=0 align=center>"
		.Write "<tr class=bold>"
		.Write "<td width=20% align=left bgcolor=#eeeeee>muito fraco</td>"
		.Write "<td width=20% align=left bgcolor=#dddddd>fraco</td>"
		.Write "<td width=20% align=left bgcolor=#bbbbbb>ok</td>"
		.Write "<td width=20% align=left bgcolor=#999999>forte</td>"
		.Write "<td width=20% align=right bgcolor=#888888>muito forte</td>"
		.Write "</tr></table>"
	end with

	'Formatando o tempo que levará
	lMesCaption = "years"
	If dTime < 1 Then
		dTime = dTime * 365
		lMesCaption = "days"
		
		If dTime < 1 Then
			dTime = dTime * 24
			lMesCaption = "horas"
			
			If dTime < 1 Then
				dTime = dTime * 60
				lMesCaption = "minutos"
				
				If dTime < 1 Then
					dTime = dTime * 60
					lMesCaption = "segundo"
				End If
			End If
		End If
	End If

	'mostrar o tempo formatado
	If sAnalysis = "" Then sAnalysis = "deficiências encontradas na sua senha!"
	
	on error resume next
	dTime=Clng(dTime)
	If err.number<>0 then
		dTime=Cdbl(dTime)
	end if
	on error goto 0
	If dTime=0 then dTime=2
	
	
	Response.Write "<table width=80% align=center border=0 cellpadding=0 cellspacing=0 class=search>"
	
	Response.Write "<tr><td> </td></tr>"
	Response.Write "<tr><td><b>ANÁLISE DA SUA SENHA</b></td></tr>"
	
	Response.Write "<tr><td>"
	Response.Write "<p>Levará cerca de <b>"&dTime&" "&lMesCaption&"</b>"
	Response.Write " para quebrar a senha utilizando técnicas de força bruta em um computador capaz de 100 milhões de cálculos / segundo."
	Response.Write "</td></tr>"
	
	Response.Write "<tr><td>"		
	Response.write sAnalysis ' mostra a análise
	Response.Write "</td></tr>"
	
	Response.Write "<tr><td> </td></tr>"
	Response.Write "<tr><td class=norm>Uma boa senha deve ter pelo menos 8 caracteres, devem dispor de números e caracteres em maiúscula na mesma, e deve ter caracteres especiais, como ~@#$%^&*(). </td></tr>"
	
	Response.Write "</table>"
end function
%>

arquivo txt,você pode implementar para ter mais opções

;aaa;abc;academia;academic;access;ada;admin;adrian;adrianna;aerobics;airplane;al
bany;albatross;albert;alex;alexander;alf;algebra;alias;aliases;alice;alicia;alisa
;alison;allison;alpha;alphabet;ama;amadeus;amanda;amber;amorphous;amy;analog;anch
or;andrea;andromache;andy;angela;angerine;angie;animals;anita;ann;anna;anne;annet
te;answer;anthropogenic;anvils;anything;april;aria;ariadne;arlene;arrow;arthur;as
d;asm;asshole;athena;atmosphere;aztecs;azure;bacchus;badass;bailey;banana;bananas
;bandit;banks;barbara;barber;baritone;bart;bartman;basic;bass;bassoon;batch;batma
n;beach;beater;beauty;beaver;becky;beethoven;beloved;benz;beowulf;berkeley;berlin
;berliner;beryl;beta;beth;betsie;betty;beverly;bicameral;bishop;bitch;bob;bradley
;brandi;brandy;brenda;brian;bridget;broadway;bsd;bumbling;burgess;cad;camille;cam
panile;candi;candy;cantor;cardinal;caren;carla;carmen;carol;carole;carolina;carol
ine;carrie;carson;cascades;castle;cat;catherine;cathy;cayuga;cecily;celtics;cerul
ean;change;charity;charles;charming;charon;chat;chem;chemistry;chess;chester;chri
stina;christine;christy;cigar;cindy;class;classic;claudia;cluster;clusters;code;c
offee;coke;collins;commrades;computer;comrade;comrades;condo;condom;connect;conni
e;console;cookie;cooper;cornelius;couscous;create;creation;creosote;cretin;crimin
al;cristina;crystal;cshrc;cynthia;daemon;daisy;dana;dancer;daniel;danielle;danny;
dapper;data;dave;dawn;deb;debbie;deborah;december;default;defoe;deluge;denise;des
iree;desperate;develop;device;dial;diana;diane;diet;dieter;digital;disc;discovery
;disk;disney;dog;dos;drought;dulce;duncan;eager;earth;easier;easy;eatme;edges;edi
nburgh;edwin;edwina;egghead;eiderdown;eileen;einstein;elaine;elanor;elephant;eliz
abeth;ellen;email;emerald;emily;emmanuel;enemy;engine;engineer;enterprise;enzyme;
erenity;erica;erika;erin;ersatz;establish;estate;eternity;euclid;evelyn;extension
;fairway;felicia;fender;fermat;ferrari;fidelity;field;file;finite;fishers;flakes;
float;flower;flowers;foolproof;football;foresight;format;forsythe;fourier;fred;fr
iend;frighten;fun;function;fungible;gabriel;games;gardner;garfield;gatt;gauss;geo
rge;gertrude;gibson;gina;ginger;glacier;gnu;golf;golfer;gorgeous;gorges;gosling;g
ouge;graham;grahm;group;gryphon;gucci;guess;guest;guitar;gumption;guntis;hack;hac
ker;hal;hamlet;handily;happening;harmony;harold;harvey;hawaii;heather;hebrides;he
idi;heinlein;hello;help;herbert;hiawatha;hibernia;hidden;holly;homework;honey;hor
se;horus;hutchins;hydrogen;ibm;imbroglio;imperial;include;ingres;ingress;ingrid;i
nna;innocuous;internet;irene;irishman;isis;jackie;jane;janet;janice;janie;japan;j
asmin;jean;jeanne;jen;jenni;jennifer;jenny;jessica;jester;jill;jixian;joanne;jody
;johnny;joseph;joshua;joy;joyce;judith;judy;juggle;julia;julie;june;jupiter;karen
;karie;karina;kate;kathleen;kathrine;kathy;katina;katrina;kelly;keri;kermit;kerne
l;kerri;kerrie;kerry;key;kim;kimberly;kirkland;kitten;knight;krista;kristen;krist
i;kristie;kristin;kristine;kristy;ladle;lambda;lamination;lana;lara;larkin;larry;
laura;lazarus;leah;lebesgue;lee;leland;leroy;leslie;lewis;library;light;linda;lis
a;lisp;liz;lock;lockout;lois;lori;lorin;lorraine;louis;love;lucy;lynn;lynne;macin
tosh;mack;maggot;magic;mail;maint;malcolm;malcom;manager;mara;marci;marcy;maria;m
arietta;mark;markus;marni;mars;marty;marvin;mary;master;math;maurice;meagan;megan
;melissa;mellon;memory;mercury;merlin;mets;mgr;michael;michele;michelle;mickey;mi
ke;minimum;minsky;mit;modem;mogul;moguls;monica;moose;morley;mouse;mozart;mutant;
nagel;nancy;napoleon;nasa;nepenthe;neptune;ness;net;network;new;news;newton;next;
nicole;nita;nobody;noreen;noxious;nuclear;nutrition;nyquist;oceanography;ocelot;o
ffice;olivetti;olivia;open;operator;oracle;orca;orwell;osiris;outlaw;oxford;pacif
ic;pad;painless;pakistan;pam;pamela;paper;papers;pass;password;pat;patricia;patty
;paula;pencil;penelope;penguin;penis;peoria;percolate;persimmon;persona;pete;pete
r;philip;phoenix;phone;pierre;pizza;plane;playboy;plover;pluto;plymouth;polly;pol
ynomial;pondering;pork;porsche;poster;power;praise;precious;prelude;presto;prince
;princeton;priv;private;privs;professor;profile;program;protect;protozoa;pub;publ
ic;pumpkin;puneet;puppet;qwerty;rabbit;rachel;rachelle;rachmaninoff;rainbow;raind
rop;raleigh;random;rascal;reagan;really;rebecca;regional;remote;renee;rick;ripple
;risc;rje;robin;robot;robotics;robyn;rochelle;rochester;rodent;rolex;romano;ronal
d;root;rose;rosebud;rosemary;roses;ruben;rules;ruth;sal;samantha;sandra;sandy;sar
a;sarah;saturn;saxon;scamper;scheme;school;scott;scotty;secret;security;sensor;se
renity;service;sesame;---;shannon;sharc;shark;sharks;sharon;sheffield;sheldon;she
ll;sherri;shirley;shit;shiva;shivers;shuttle;signature;simon;simple;simpsons;sing
er;single;smile;smiles;smooch;smother;snatch;snoopy;soap;socrates;somebody;sondra
;sonia;sonya;sossina;sparrows;spit;spring;springer;squires;stacey;staci;stacie;st
acy;steph;stephanie;strangle;stratford;student;stuttgart;subway;success;summer;su
n;super;superstage;superuser;support;supported;surfer;susan;susanne;susie;suzanne
;suzie;swearer;sybil;symmetry;sys;sysadmin;system;tamara;tami;tamie;tammy;tangeri
ne;tape;tara;target;tarragon;taylor;tech;telephone;temptation;tennis;terminal;tes
t;thailand;theresa;tiffany;tiger;tina;toggle;tomato;topography;tortoise;toxic;toy
ota;traci;tracie;tracy;trails;transfer;trisha;trivial;trombone;tty;tubas;tuttle;u
mesh;unhappy;unicorn;unix;unknown;uranus;urchin;ursula;util;utility;uucp;valerie;
vasant;venus;veronica;vertigo;vicky;village;virgin;virginia;visitor;wargames;warr
en;water;weenie;wendi;wendy;whatever;whatnot;whiting;whitney;wholesale;will;willi
am;williamsburg;willie;wilma;winston;wisconsin;wizard;wombat;woodwind;word;work;w
ormwood;wyoming;xfer;xmodem;xyz;xyzzy;yaco;yang;yellowstone;yolanda;yosemite;zap;
zimmerman;zmodem;

e o CSS

.tiny
{
	FONT-SIZE: 9px;
	FONT-FAMILY: Arial, Helvetica, sans-serif
}
.heading
{
	FONT-WEIGHT: bold;
	FONT-SIZE: 12px;
	FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif
}
.norm
{
	FONT-SIZE: 10px;
	COLOR: #666666;
	FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif
}
BODY
{
	FONT-SIZE: 11px;
	FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif
}
.search
{
	FONT-SIZE: 8pt;
	FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif;
	TEXT-DECORATION: none
}
A:link
{
	COLOR: coral;
	TEXT-DECORATION: none
}
A:visited
{
	COLOR: coral
}
A:active
{
	COLOR: coral
}
.bigtopic
{
	FONT-WEIGHT: bold;
	FONT-SIZE: 18px;
	COLOR: #999999;
	FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif
}
.prom
{
	FONT-WEIGHT: bold;
	FONT-SIZE: 12px;
	COLOR: #3399ff;
	FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif
}
.findbutton
{
	BORDER-RIGHT: 1px solid;
	BORDER-TOP: 1px solid;
	BORDER-LEFT: 1px solid;
	CURSOR: help;
	BORDER-BOTTOM: 1px solid;
	FONT-FAMILY: Arial, Verdana;
	BACKGROUND-COLOR: #6699ff
}
.normbutton
{
	BORDER-RIGHT: 1px solid;
	BORDER-TOP: 1px solid;
	BORDER-LEFT: 1px solid;
	CURSOR: hand;
	BORDER-BOTTOM: 1px solid;
	BACKGROUND-COLOR: #99ccff
}
.forminputbox
{
	BORDER-RIGHT: #666666 1px solid;
	BORDER-TOP: #666666 1px solid;
	FONT-SIZE: 10pt;
	BORDER-LEFT: #666666 1px solid;
	CURSOR: text;
	BORDER-BOTTOM: #666666 1px solid;
	FONT-FAMILY: Arial, Verdana;
	BACKGROUND-COLOR: transparent
}
.redsuper
{
	VERTICAL-ALIGN: super;
	COLOR: red
}
.findinputbox
{
	BORDER-RIGHT: #6699ff 1px solid;
	BORDER-TOP: #6699ff 1px solid;
	FONT-SIZE: xx-small;
	MARGIN: 2px 3px;
	BORDER-LEFT: #6699ff 1px solid;
	WIDTH: 150px;
	CURSOR: text;
	BORDER-BOTTOM: #6699ff 1px solid;
	FONT-FAMILY: sans-serif;
	HEIGHT: 18px;
	BACKGROUND-COLOR: transparent
}
.formselect
{
	BORDER-RIGHT: medium none;
	BORDER-TOP: medium none;
	FONT-SIZE: 10pt;
	BORDER-LEFT: medium none;
	BORDER-BOTTOM: medium none;
	FONT-FAMILY: Arial, Verdana;
	BACKGROUND-COLOR: #dddddd
}
.findselect
{
	BACKGROUND-COLOR: #6699ff
}
.bold
{
	FONT-WEIGHT: bold;
	FONT-SIZE: 12px;
	COLOR: #000000;
	FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif;
	TEXT-DECORATION: none
}
.bigheading
{
	FONT-WEIGHT: bold;
	FONT-SIZE: 14px;
	COLOR: #336666;
	FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif
}
.navbutton
{
	BORDER-RIGHT: thin solid;
	BORDER-TOP: thin solid;
	BORDER-LEFT: thin solid;
	BORDER-BOTTOM: thin solid;
	BACKGROUND-COLOR: #dedede
}
.mediumhead
{
	FONT-WEIGHT: bold;
	FONT-SIZE: 10pt;
	COLOR: #ff9933;
	FONT-FAMILY: Verdana, Arial
}
.smallwhite {  font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10px; color: #FFFFFF}

[Ted k' 126]

opa, mais explicado que isso...

Boa dica, bom script, vou testar ele, boa xan!!

[xanburzum 169]

e dá para implementar mais...