Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

PLEASE EXPLAIN ANSWER Develop code (in programming of language(s) of your choice

ID: 3765107 • Letter: P

Question

PLEASE EXPLAIN ANSWER

Develop code (in programming of language(s) of your choice) to guess passwords using brute-force technique of dictionary attacks, as discussed in the class. The project assumes that a system to be attacked for password guessing has file that contains a table in which each entry is a 2-tuple and this file is readable by any user. Your code should provide the following functionalities:

-Read the plaintext password dictionary file, one line at time and compute its 160-bit SHA-1 hash value to and create another file (“PasswordHash.txt”) containing all the plain text dictionary passwords and their corresponding hash values.

-Create a GUI that has two dialog boxes. First dialog box should be used to provide a user name and the second dialog box some arbitrary 6-10 character long password.

-Using this GUI, create a file (“PasswordYellow.txt”) of 16 user names and the hash value of the password typed in the second dialog box.

-Having created these two files, now develop code for password guessing. This part will also have an associated GUI with one dialog box in which you will type in the password that is your guess that it belongs to some user. Next, compute the hash of the guessed password and search the file “PasswordYellow.txt” to find if this hash value exists in this file or not.

-The second GUI should also have a frame box. In this frame box, if the search was successful, display the user name associated with the guessed password. Otherwise display the message “ No user with the provided guessed password” and then try 4 additional guesses.

Explanation / Answer

Brute-force is an algorithm that iterates all possible passwords assuming a certain charset.

Let’s assume we forgot our router’s password, but we remember that it contains max. 5 characters without numbers (which by the way is a bad idea).

A brute-force algorithm would then start with the letter “a”, “b”, “c”, … “x”, “y”, “z”, …, “aa”, “ab”, “ac”, … “az”, … “ba”, … “bz”, …, “aaa”, …, “azz”, “baa”, … “aaaaa”, … “zzzzz”.

So, somewhere between the single character “a” and “zzzzz” the brute-force algorithm will finally find your password, because there is only a finite amount of possible password permutations based on a given alphabet and brute-force algorithms are designed to iterate every password’s permutation so it has to match eventually;

The overall number of permutations for a password with charset i and length n can be interpreted as polynomial function:

Example is

{a-z, A-Z, 0-9} (26 * 2 + 10 = 62 characters) and a password length of max. 5?

Answer – Polynomial function:
625 + 624 + 623 + 622 + 62 = 931.151.402 permutations

#include "stdio.h"

int letterCounter[8];

char validCharacters[] = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890!@#$%^&*()_+[]{}:;<>,./?'";

char bruteString[9]; // One more to null terminate.

bool evaluateString(char *testString)

{

                // Do something here, to test the zero terminated string testString, and if it is valid, return true.

                //printf("%s ", testString);

                return false;

}

int main()

{

                int nDigits = 1;

                int maxDigits = -1;

                int validResult = -1;

                int letterIndex = 0;

                while (!((maxDigits < 8) && (maxDigits > 0)) && (validResult != 1))

                {

                                printf(" How many characters to brute force ? ");

                                validResult = scanf_s("%d", &maxDigits);

                }

                for (int i = 0; i < maxDigits;i++)

                {

                                letterCounter[i] = -1;                     // Initialize them all to nill.

                                bruteString[i+1] = 0;                       // Null terminate the string.

                }

                letterCounter[0] = 0;                                      // But we will initialize the first counter to 0.

                int wordLength = 0;

                while (true)

                {

                                // First thing we do, is update the text string with the character that changed.

                                bruteString[letterIndex] = validCharacters[letterCounter[letterIndex]];

                                if (evaluateString(&bruteString[0]) == true)

                                {

                                                printf("%d character String "%s" has been found ", wordLength+1, &bruteString[0]);

                                                return 0;

                                }

                               

                                // We always start incrementing the first character.

                                letterIndex = 0;

                                // And if it overflows, then we start walking up the letterCounter stack.

                                while (++letterCounter[letterIndex] == sizeof(validCharacters)-1)

                                {

                                                letterCounter[letterIndex] = 0;

                                               

                                                // Update the text string, at the stack position.

                                                bruteString[letterIndex] = validCharacters[0];

                                                // Let's check the next position on the stack.

                                                letterIndex++;

                                                // If we are starting a new wordlength. We need to update that counter.

                                                if (letterIndex > wordLength)

                                                {

                                                                wordLength++;

                                                                // If we have searched all characters, for all wordlengths, we are done.

                                                                if (wordLength >= maxDigits)

                                                                {

                                                                                printf("No valid password found. ");

                                                                                return -1;

                                                                }

                                                }

                                }

                }

}

Related Questions

PLEASE DONT ANSWER THE ONES WITH THE GREEN CHECK! Start with the one above E and
Question #3234442
PLEASE DONT ANSWER THE ONES WITH THE GREEN CHECK! Start with the one above E and
Question #3249156
PLEASE DONT ANSWER UNLESS YOU ANSWER ALL 3 PARTS..... Homework: HW 2 Score: 0 of
Question #3062150
PLEASE DONT ANSWER UNLESS YOU ANSWER ALL 3 PARTS..... THANKS IN ADVANCE Homework
Question #3062151
PLEASE DONT ANSWER UNLESS YOU ANSWER ALL PARTS..... THANKS IN ADVANCE Homework:
Question #3062156
PLEASE DONT COMPLICATE THIS PROGRAM. USE FILE OPERATIONS C++ ONLY. * Programming
Question #3859679
PLEASE DONT COPY FROM INTERNET PLAGIRISM IS PROHIBITED Questions for Discussion
Question #349126
PLEASE DONT COPY PASTE WRONG ANSWERS! #Lab 2: Finding the minimum of a set of el
Question #3850026
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
PLEASE EXPLAIN ANSWER ( Please state what language this is written in, would pre
Next
PLEASE EXPLAIN ANSWER The figure shows two metal disks of the same size and mate

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.