#!/usr/bin/perl local ($buffer, @pairs, $pair, $name, $value, %FORM); # Read in text $ENV{'REQUEST_METHOD'} =~ tr/a-z/A-Z/; if ($ENV{'REQUEST_METHOD'} eq "POST") { read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'}); }else { $buffer = $ENV{'QUERY_STRING'}; } # Split information into name/value pairs @pairs = split(/&/, $buffer); foreach $pair (@pairs) { ($name, $value) = split(/=/, $pair); $value =~ tr/+/ /; $value =~ s/%(..)/pack("C", hex($1))/eg; $FORM{$name} = $value; } my $old_pass = $FORM{oldpass}; my $new_pass = $FORM{newpass1}; my $new_pass2 = $FORM{newpass2}; print "Content-type:text/html\r\n\r\n"; use CGI; use warnings; use strict; use Crypt::CBC; my $KEY = 'secrect_foo'; my $readfile ="pass.txt"; open (my $passfile, '<', $readfile) or die "could not open file"; my $readpass = do{ local $/; <$passfile> }; # print "Reading pass from file: $readpass\n"; close ($passfile); my $dec = decryptString($readpass); if($dec eq $old_pass) { print "

Password Matched

\n"; if($new_pass eq $new_pass2) { my $enc = encrypString($new_pass); print "encrypted binary: $enc\n"; my $storedpassfile = 'pass.txt'; open(my $fh, '>', $storedpassfile) or die "Could not open the pass file"; print $fh "$enc"; close $fh; print "New Password Updated\n"; } else { print "New pass & Confirm Pass is not same"; } } else{ print "Old Pass & Stored Pass mismatch\n"; } sub encrypString { my $string = shift; my $cipher = Crypt::CBC->new( -key => $KEY, -cipher => 'Blowfish', -padding => 'space', -add_header => 1 ); my $enc = $cipher->encrypt($string); return $enc; } sub decryptString { my $string = shift; my $cipher = Crypt::CBC->new( -key => $KEY, -cipher => 'Blowfish', -padding => 'space', -add_header => 1 ); my $dec = $cipher->decrypt($string); return $dec; }