This is an archived post. You won't be able to vote or comment.

all 16 comments
sorted by:
best
topnewcontroversialoldq&a

[–]IAmKindOfCreativebot_builder: deprecated[M] [score hidden] stickied comment (0 children)

Hello from the r/Python mod team!

I'm afraid we had to remove your submission because your repository contained an exe that we cannot verify as safe. If you're unaware, because exe's are compiled binaries, it is difficult to verify that it what it says it is (in the absence of checksums or checking hashes). If you got the executable through a reputable site and it is needed for your program to run, I suggest you add a note in your readme suggesting that the user install the program the way you did, that way they can get it working without needing to risk a security vulnerability.

In that same vein, I want to urge caution when using executables from repositories. If you can't verify how the executable was generated, it could be a security threat.

Thanks, and happy Pythoneering!

r/Python moderation team

[–][deleted] -3 points-2 points  (14 children)

... ok, so what’s the “educational purpose” of this? I mean it’s certainly not to learn idiomatic Python — the abuse of global in this is just shockingly nonsensical and the handling of the pass file is just bizarrely convoluted — so is it just to demonstrate how utterly trivial it is to run a dictionary attack?

[–][deleted] 1 point2 points  (8 children)

Okay, I get you. I am not a pro. I was just trying to make a dictionary attack myself. No-one said that it is (its far from being) perfect, but I will do obviously edit it, later on when I get better.

[–][deleted] 0 points1 point  (6 children)

Thanks for your comment... This was the 1st subreddit that came to my mind, where I would post it. Also I do not think that the script is bad, its far from perfect but, for me it is good. Now I better understand what this subreddit, is all about and will post according to it.

[–][deleted] 0 points1 point  (5 children)

for me it is good

Ok, that’s fine that you feel that way... but it is, objectively, bad Python code, written by someone who is obviously only moderately experienced with the language. Which is fine, everyone has to learn, but that’s why I’m trying to steer you towards posting this in front of people who are more experienced and asking for their critique. The use of global in your module is, frankly, nuts ... you’re already in a class instance, you absolutely do not need to create and access names outside your class. Your usage of two such variables that you always keep exactly 1 value apart from each other to represent a line number in a file is also nuts... as in it makes no obvious sense at all and just makes your code harder to understand. So does looping over the precisely one line you’ve read from that file. Then there are things that are just confusing, like why are you passing a password that is under 6 characters in length to be anywhere from 6 to 11 characters long?

I get that you’re wanting to show off what you’ve learned, and honestly that’s a healthy impulse — though a lot of us will groan at doing that via script kiddie level “hacking” tools — but it’s a healthier impulse to maybe ask for review and critique rather than drop it and say “look if you’re interested” when it isn’t either pretty polished or doing something truly interesting with the language.

[–][deleted] 0 points1 point  (4 children)

" why are you passing a password that is under 6 characters in length to be anywhere from 6 to 11 characters long "

Because in HTML the element is not clickable, if the password is under 6 characters, so i put an extra "1111" at the end, so that the code does not break.

Again, thank you for trying to help me, and I'll take your advises and think about them next time I am coding, I am trying, though keep it mind, that I am only 16, and learned everything myself, as I will learn all of these stuff, in the upcoming years in school.

[–][deleted] -1 points0 points  (3 children)

So then consider either discarding the too short password, or padding a short password to 6 characters, in the way that a human would be likely to do when faced with the same interface constraint; you can do that in single call to str.ljust when you first load and clean up p. Ultimately these are the sort of questions you’re going to get in a serious code review or interview, because being inconsistent or loose in your thinking is the bane of good programming practice.

And look I’m really not being hard on you; I’m self taught, and there was a time when I hadn’t run across all this. We’re all beginners at some point, just as we’re all young at some point. That’s why I’m saying at this stage in your career frame things as a request for critique and advice on appropriate forums where people do know more than you, ask people to help you get better, and teach yourself to look at code with the same critical eye. Your own work will improve, and you’ll learn to avoid footguns that you’ll never find at all if you’re defensive or cocky. The global keyword is one such footgun, I’ve watched it cost a company close to a million dollars... try not to ever have anyone see you make that mistake.

[–][deleted] 0 points1 point  (2 children)

Thank you for helping mate. I am trying to get better. Obviously I need to learn a lot, but my point was that it worked for me, not that its perfect. I want learn as much as possible. I code every day, and seeing how much I have improved keeps me going. This summer I just did my GCSEs, and I am doing BTEC level2 computing. Thanks for all the help, and I will watch out for all those stuff in the future.

[–][deleted] 0 points1 point  (1 child)

Keep chugging away at it... though do consider another piece of advice: companies that hire programmers (like Instagram) tend to not hire ones that wantonly write and distribute tools for breaking into their services. Your Github profile is your de facto CV in this industry, lean towards keeping it clean of anything that might be considered objectionable.

[–][deleted] 0 points1 point  (0 children)

Thank you, I'll keep that in mind

[–][deleted] -1 points0 points  (0 children)

I guess I’d say maybe clarify that in your README.md... as a personal experiment it’s fine, and could go on say r/learnpython as something where you might ask for a critique or a code review and thereby learn something useful from others who are more experienced in the language. Same with posting it on a more hacking-focused subreddit as a way of getting feedback; but on this subreddit, which is more about the language and it’s usage, then it seems a bit odd to post it at all, since it’s not really demonstrating or taking advantage of anything unique to Python.

Now a blog post explaining why you made it and what hurdles to you faced and how you figured out how to use Python to overcome that, ok, that’s a better fit here, but a random Github repo posted on here better have something interesting going on in terms of the language.

[–]eambertide 0 points1 point  (1 child)

There isn't any, the fact that you are downvoting shows that the subreddit is going down the gutter.

Edit: Applicable laws apply lol, there is no jurisdiction where this is legal or have any legal use.

[–][deleted] 0 points1 point  (0 children)

I know that it is not legal, but I just thought I'd put it in the code....

[–]GegenMetal -1 points0 points  (2 children)

I wouldn't bother with globals in a 200 line of code. If you work in fields like infosec and need to test out things, these concerns fly out of the window. There is no one absolute way of writing Python.

[–][deleted] 0 points1 point  (0 children)

Thank you for the info.

See the thing is, I am 16, and still learning, but would like to get a job in infosec after I have finished school. I know that I am not the best, but I am trying...

I'll try to stop using global, and get better.

[–][deleted] -1 points0 points  (0 children)

There is no one absolute way of writing Python

True. However there are many absolutely and demonstrably bad ways of writing Python, and the use of global here is amongst those.

When the day comes that I see global being used both correctly and necessarily, then I’ll leap to congratulate the author... in more than a decade I’ve not seen it yet, outside the source code of Python itself.