Tornado Hash Competition

1. import tornado.ioloop
2. import tornado.web
3. import hashlib
4. import httplib, urllib
5. import base64
6.  
7. sha1all = set([])
8. sha1cracked = set([])
9. sha1uncracked = set([])
10. sha1pot = dict()
11. userscore = dict()
12.  
13. inf = open("sha1.hash")
14. line = inf.readline()
15. while line != "":
16.     line = line.strip().lower()
17.     sha1uncracked.add(line)
18.     sha1all.add(line)
19.     line = inf.readline()
20. inf.close()
21. inf = open("users.txt")
22. line = inf.readline()
23. while line != "":
24.     data = line.split(" ")
25.     userscore[data[0]] = data[1]
26.     line = inf.readline()
27. inf.close()
28. inf = open("sha1.pot")
29. line = inf.readline()
30. while line != "":
31.     try:
32.         h = line[:line.find(":")].strip().lower()
33.         sha1pot[h] = line[line.find(":") + 1:].strip("\r\n")
34.         sha1uncracked.remove(h)
35.         sha1cracked.add(h)
36.     except:
37.         h = ""
38.     line = inf.readline()
39. inf.close()
40. print "Finished loading"
41.  
42. class HashCompetition(tornado.web.RequestHandler):
43.     def get(self, input):
44.         global sha1all, sha1cracked, sha1uncracked, userscore
45.         if input == "cracked":
46.             inf = open("sha1.pot")
47.             line = inf.readline()
48.             while line != "":
49.                 self.write(line)
50.                 line = inf.readline()
51.             inf.close()
52.         elif input == "notcracked":
53.             for h in sha1uncracked:
54.                 self.write(h + "\n")
55.         else:
56.             self.write("<html><head><title>@bwallHatesTwits Hash Cracking Competition Platform</title></head>")
57.             self.write("<body><h2>Submit Hashes</h2><form action='/sha1/query' method='post'><textarea name='hashes'></textarea><br/><input type='submit' value='Submit Hashes'/></form></body></html>")
58.  
59.     def decode_argument(self, value, name = None):
60.         return str(value)
61.  
62.     def post(self, input):
63.         global sha1all, sha1cracked, sha1uncracked, sha1pot, userscore
64.         if input == "submit":
65.             passwords = self.get_argument("pass").split("\n")
66.             user = self.get_argument("user")
67.             submitted = set([])
68.             added = dict()
69.             for password in passwords:
70.                 m = hashlib.sha1()
71.                 m.update(password.strip("\n"))
72.                 h = m.hexdigest().lower()
73.                 submitted.add(h)
74.                 added[h] = password.strip("\n")
75.             correct = sha1uncracked & submitted
76.             inf = open("sha1.pot", "a")
77.             for key in correct:
78.                 sha1pot[key] = added[key]
79.                 print>>inf, key + ":" + added[key]
80.             inf.close()
81.             self.write(str(len(correct)) + " correct answers")
82.             sha1uncracked = sha1uncracked - correct
83.             sha1cracked = sha1cracked | correct
84.         if input == "query":
85.             hashes = self.get_argument("hashes").split("\n")
86.             submitted = set([])
87.             found = set([])
88.             for h in hashes:
89.                 h = h.lower().strip()
90.                 if len(h) != 40:
91.                     self.write(h + " is not the right size")
92.                     continue
93.                 if h in sha1pot:
94.                     self.write(sha1pot[h] + "\n")
95.                     continue
96.                 submitted.add(h)
97.             newhashes = submitted - sha1uncracked
98.             sha1all = sha1all | newhashes
99.             sha1uncracked = sha1uncracked | newhashes
100.             inf = open("sha1.hash", "a")
101.             for h in newhashes:
102.                 print>>inf, h
103.             inf.close()
104.  
105. application = tornado.web.Application([(r"/sha1/(\w*)", HashCompetition),])
106.  
107. if __name__ == "__main__":
108.     application.listen(8888)
109.     tornado.ioloop.IOLoop.instance().start()