mirror of
https://github.com/pi-hole/pi-hole
synced 2024-11-20 15:18:32 +00:00
Compute double hashes to avoid rainbow table vulnerability
This commit is contained in:
parent
9193c71cff
commit
01bf1ae92d
@ -1,9 +1,8 @@
|
||||
#!/usr/bin/env bash
|
||||
# Pi-hole: A black hole for Internet advertisements
|
||||
# (c) 2015, 2016 by Jacob Salmela
|
||||
# Network-wide ad blocking via your Raspberry Pi
|
||||
# http://pi-hole.net
|
||||
# Whitelists and blacklists domains
|
||||
# Web interface settings
|
||||
#
|
||||
# Pi-hole is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
@ -44,8 +43,9 @@ SetWebPassword(){
|
||||
|
||||
# Remove password from file (create backup setupVars.conf.bak)
|
||||
sed -i.bak '/webpassword/d' /etc/pihole/setupVars.conf
|
||||
# Compute password hash
|
||||
# Compute password hash twice to avoid rainbow table vulnerability
|
||||
hash=$(echo -n ${args[2]} | sha256sum | sed 's/\s.*$//')
|
||||
hash=$(echo -n ${hash} | sha256sum | sed 's/\s.*$//')
|
||||
# Save hash to file
|
||||
echo "webpassword=${hash}" >> /etc/pihole/setupVars.conf
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user