The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

wwwacct hack - auto generate password

Discussion in 'General Discussion' started by Lem0nHead, Mar 5, 2004.

  1. Lem0nHead

    Lem0nHead Well-Known Member

    Joined:
    Sep 2, 2003
    Messages:
    69
    Likes Received:
    0
    Trophy Points:
    6
    Hello

    I just changed wwwacct so it generates random hard-to-guess passwords automatically when you try to create an account without supplying a password.

    As I could see, cPanel already had this option (or something similar to that, but I didn't get how to use it, nor found in documentation).

    So, just below $pass = $ARGV[2];
    you have

    if ($pass =~ /^fd:/) {

    between these lines, add:


    my($lem0n_length) = 8;

    this is the length of the password
    if you want a random length, you can use, for example:
    my($lem0n_length) = 8 + int(rand(7));

    this will generate a random length from 8 to 14 (because rand(7) generate a number from 0 to 6)

    in the end of $lem0n_possible lines you see "x [number]"

    this [number] is the relative probability of, in order, lowercase, uppercase and numbers happening on the password
    in this case the [numbers] are 2, 2 and 1. So the probability is that the password has, for each 5 characteres: 2 lowercase, 2 uppercase letters and 1 number
    of course that's just a probability, so you can have, for example, a password just with lowercases

    well... i think that's all

    if someone knows another way of creating random passwords easily, please let me know

    -- Luis Fernando Estrozi
     
  2. nickn

    nickn Well-Known Member
    PartnerNOC

    Joined:
    Jun 15, 2003
    Messages:
    619
    Likes Received:
    1
    Trophy Points:
    18
    A checkbox when creating accounts to choose a random password would be a great addition :)
     
  3. Lem0nHead

    Lem0nHead Well-Known Member

    Joined:
    Sep 2, 2003
    Messages:
    69
    Likes Received:
    0
    Trophy Points:
    6
    yes

    the problem that i just found is that wwwacct is overwritten on cpanel updates...
     
  4. PWSowner

    PWSowner Well-Known Member

    Joined:
    Nov 10, 2001
    Messages:
    2,948
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    ON, Canada
    You need to either write protect it, or even better, use my watchwwwacct script. It'll be at http://www.premierwebsitesolutions.com/scripts/ in the very near future.

    What it does is compare the wwwacct file to a copy of your edited version and if it has changed, it then compares the new one to a copy of the original one. In most cases the change just put it back to it's original and in that case my script automatically changes it back to your edited version. If the cpanel update mad changes to the original version, my script will email you to tell you it's no longer your custom one and where it has changed from the original to help you change it back.
     
Loading...

Share This Page