|
| 1 | +{ |
| 2 | + "cells": [ |
| 3 | + { |
| 4 | + "cell_type": "markdown", |
| 5 | + "metadata": {}, |
| 6 | + "source": [ |
| 7 | + "# Password Hacker\n", |
| 8 | + "\n", |
| 9 | + "You are going to create a program that trys to hack users passwords given a list of the top 500 (450 with the explicit ones taken out) most common passwords (available in passwords.txt). You will also add in some common trick that people use to make their password 'more secure' like adding numbers or special characters to the end of a word. This will be an eye opener to how easily passwords can be hacked.\n", |
| 10 | + "\n", |
| 11 | + "To do this you will have a list of usernames for the site you want to hack `user_list` imported from the password_check module that I wrote. You will also have access to a function `check_user_pass` that takes as parameters `username` and `password` and will return True if `password` is `username`'s password and False if it is not a match. (Imagine it is like you checking by logging into a website)\n", |
| 12 | + "\n", |
| 13 | + " #example\n", |
| 14 | + " check_user_pass('Olivia', '123456') # -> True\n", |
| 15 | + " check_user_pass('Olivia', '13579') # -> False\n", |
| 16 | + "\n", |
| 17 | + "Fill in the functions starting with `getallpasswords`, and run the code. See if you can hack all seven user's passwords.\n", |
| 18 | + "\n", |
| 19 | + "Since this is a project, the training wheels are off. Instead of telling you how to do something I'm only going to tell you what to do, and you can figure out the rest. I encourage you to look back over old lessons and to take your time, this should take much longer than other end of lesson projects." |
| 20 | + ] |
| 21 | + }, |
| 22 | + { |
| 23 | + "cell_type": "code", |
| 24 | + "execution_count": null, |
| 25 | + "metadata": { |
| 26 | + "collapsed": true |
| 27 | + }, |
| 28 | + "outputs": [], |
| 29 | + "source": [ |
| 30 | + "# Run this first no matter what!\n", |
| 31 | + "from password_check import check_user_pass, user_list" |
| 32 | + ] |
| 33 | + }, |
| 34 | + { |
| 35 | + "cell_type": "code", |
| 36 | + "execution_count": null, |
| 37 | + "metadata": { |
| 38 | + "collapsed": true |
| 39 | + }, |
| 40 | + "outputs": [], |
| 41 | + "source": [ |
| 42 | + "def getallpasswords():\n", |
| 43 | + " '''\n", |
| 44 | + " Opens file with list of all passwords and populates a list\n", |
| 45 | + " with all of the passwords. (Don't forget to strip off the newline character)\n", |
| 46 | + " \n", |
| 47 | + " Returns: the list of passwords\n", |
| 48 | + " \n", |
| 49 | + " '''\n", |
| 50 | + " pass" |
| 51 | + ] |
| 52 | + }, |
| 53 | + { |
| 54 | + "cell_type": "code", |
| 55 | + "execution_count": null, |
| 56 | + "metadata": { |
| 57 | + "collapsed": true |
| 58 | + }, |
| 59 | + "outputs": [], |
| 60 | + "source": [ |
| 61 | + "def check_basic_passwords(user):\n", |
| 62 | + " '''\n", |
| 63 | + " Uses the check_user_pass function to check if a\n", |
| 64 | + " user has a password that exactly matches one from the list\n", |
| 65 | + " Returns: The password if there is a match, False if not\n", |
| 66 | + " '''\n", |
| 67 | + " pass" |
| 68 | + ] |
| 69 | + }, |
| 70 | + { |
| 71 | + "cell_type": "code", |
| 72 | + "execution_count": null, |
| 73 | + "metadata": { |
| 74 | + "collapsed": false |
| 75 | + }, |
| 76 | + "outputs": [], |
| 77 | + "source": [ |
| 78 | + "def check_passwords_plus_number(user):\n", |
| 79 | + " '''\n", |
| 80 | + " Uses the check_user_pass function to check if a\n", |
| 81 | + " user has a password that matches one from the list with a number from 0-9\n", |
| 82 | + " either at the begining or the end of the password ex. 1password or password6\n", |
| 83 | + " Returns: The password if there is a match, False if not\n", |
| 84 | + " '''\n", |
| 85 | + " pass" |
| 86 | + ] |
| 87 | + }, |
| 88 | + { |
| 89 | + "cell_type": "code", |
| 90 | + "execution_count": null, |
| 91 | + "metadata": { |
| 92 | + "collapsed": true |
| 93 | + }, |
| 94 | + "outputs": [], |
| 95 | + "source": [ |
| 96 | + "def check_passwords_plus_special_char(user):\n", |
| 97 | + " '''\n", |
| 98 | + " Uses the check_user_pass function to check if a\n", |
| 99 | + " user has a password that matches one from the list with a special character \n", |
| 100 | + " in the following set: . ! @ # $ % ^ & *\n", |
| 101 | + " either at the begining or the end of the password ex. #password or password^\n", |
| 102 | + " Returns: The password if there is a match, False if not\n", |
| 103 | + " '''\n", |
| 104 | + " pass" |
| 105 | + ] |
| 106 | + }, |
| 107 | + { |
| 108 | + "cell_type": "code", |
| 109 | + "execution_count": null, |
| 110 | + "metadata": { |
| 111 | + "collapsed": false |
| 112 | + }, |
| 113 | + "outputs": [], |
| 114 | + "source": [ |
| 115 | + "def check_passwords_plus_num_and_special_char(user):\n", |
| 116 | + " '''\n", |
| 117 | + " Uses the check_user_pass function to check if a\n", |
| 118 | + " user has a password that matches one from the list with a special character \n", |
| 119 | + " in the following set: . ! @ # $ % ^ & * and a number from 0-9\n", |
| 120 | + " either at the begining or the end of the password in either order (6 possible permutations)\n", |
| 121 | + " ex. #1password or 5password^ \n", |
| 122 | + " Returns: The password if there is a match, False if not\n", |
| 123 | + " '''\n", |
| 124 | + " pass" |
| 125 | + ] |
| 126 | + }, |
| 127 | + { |
| 128 | + "cell_type": "code", |
| 129 | + "execution_count": null, |
| 130 | + "metadata": { |
| 131 | + "collapsed": false |
| 132 | + }, |
| 133 | + "outputs": [], |
| 134 | + "source": [ |
| 135 | + "def common_replacements(user):\n", |
| 136 | + " '''\n", |
| 137 | + " Uses the check_user_pass function to check if a\n", |
| 138 | + " user has a password that matches one from the list with all of one of the vowels \n", |
| 139 | + " replaced by a number with the following mapping a->4, e->3, i->1, o->0\n", |
| 140 | + " ex. d0ct0r\n", |
| 141 | + " Returns: The password if there is a match, False if not\n", |
| 142 | + " '''\n", |
| 143 | + " pass\n", |
| 144 | + " " |
| 145 | + ] |
| 146 | + }, |
| 147 | + { |
| 148 | + "cell_type": "code", |
| 149 | + "execution_count": null, |
| 150 | + "metadata": { |
| 151 | + "collapsed": false |
| 152 | + }, |
| 153 | + "outputs": [], |
| 154 | + "source": [ |
| 155 | + "# Get a list of all passwords from the password file\n", |
| 156 | + "passwords = getallpasswords()\n", |
| 157 | + "# Loop through all users in website\n", |
| 158 | + "for u in user_list:\n", |
| 159 | + " # Check if any passwords match (this uses short circuiting, so as soon as one function returns a password, )\n", |
| 160 | + " password = check_basic_passwords(u) or check_passwords_plus_number(u) or \\\n", |
| 161 | + " check_passwords_plus_special_char(u) or check_passwords_plus_num_and_special_char(u) or \\\n", |
| 162 | + " common_replacements(u)\n", |
| 163 | + " if password:\n", |
| 164 | + " print u, password\n", |
| 165 | + " else:\n", |
| 166 | + " print \"Oops\"\n" |
| 167 | + ] |
| 168 | + }, |
| 169 | + { |
| 170 | + "cell_type": "markdown", |
| 171 | + "metadata": { |
| 172 | + "collapsed": true |
| 173 | + }, |
| 174 | + "source": [] |
| 175 | + } |
| 176 | + ], |
| 177 | + "metadata": { |
| 178 | + "kernelspec": { |
| 179 | + "display_name": "Python 2", |
| 180 | + "language": "python", |
| 181 | + "name": "python2" |
| 182 | + }, |
| 183 | + "language_info": { |
| 184 | + "codemirror_mode": { |
| 185 | + "name": "ipython", |
| 186 | + "version": 2 |
| 187 | + }, |
| 188 | + "file_extension": ".py", |
| 189 | + "mimetype": "text/x-python", |
| 190 | + "name": "python", |
| 191 | + "nbconvert_exporter": "python", |
| 192 | + "pygments_lexer": "ipython2", |
| 193 | + "version": "2.7.10" |
| 194 | + } |
| 195 | + }, |
| 196 | + "nbformat": 4, |
| 197 | + "nbformat_minor": 0 |
| 198 | +} |
0 commit comments