diff options
author | Matt Strapp <matt@mattstrapp.net> | 2021-12-11 17:43:10 -0600 |
---|---|---|
committer | Matt Strapp <matt@mattstrapp.net> | 2021-12-11 17:43:10 -0600 |
commit | a46fe163786bce3ff6213300e8f61b21d79c94dc (patch) | |
tree | 1e6c62248ee95046e17d17499b54e821aa4914e8 /csci5271/ho2/crack2.py | |
parent | do more of ho2 (diff) | |
download | homework-a46fe163786bce3ff6213300e8f61b21d79c94dc.tar homework-a46fe163786bce3ff6213300e8f61b21d79c94dc.tar.gz homework-a46fe163786bce3ff6213300e8f61b21d79c94dc.tar.bz2 homework-a46fe163786bce3ff6213300e8f61b21d79c94dc.tar.lz homework-a46fe163786bce3ff6213300e8f61b21d79c94dc.tar.xz homework-a46fe163786bce3ff6213300e8f61b21d79c94dc.tar.zst homework-a46fe163786bce3ff6213300e8f61b21d79c94dc.zip |
actually commit changes
Signed-off-by: Matt Strapp <matt@mattstrapp.net>
Diffstat (limited to '')
-rw-r--r-- | csci5271/ho2/crack2.py | 31 |
1 files changed, 17 insertions, 14 deletions
diff --git a/csci5271/ho2/crack2.py b/csci5271/ho2/crack2.py index 5322917..b24f90e 100644 --- a/csci5271/ho2/crack2.py +++ b/csci5271/ho2/crack2.py @@ -1,20 +1,23 @@ # HTTP Digest Authentication cracker import hashlib -username = "Mufasa" -realm = "testrealm@host.com" -password="Circle Of Life" -nonce = "dcd98b7102dd2f0e8b11d0f600bfb0c093" -uri = "/dir/index.html" +username = "travis14" +realm = "Cheese" +nonce = "/DPYEFbSBQA=c06893026441a70acf049b49540e97acd2bdd640" +uri = "/secret/cheese" qop = "auth" -nc = 1 -cnonce = "0a4f113b" -response = "6629fae49393a05397450978507c4ef1" -opaque = "5ccc069c403ebaf9f0171e9517f40e41" +nc = "00000001" +cnonce = "ZjdlNTk0ZGZmMDQwZTU3OTM2MTIxOGEyNzljNDJlYzc=" +response = "872aafc461761e417d2df47b85e43d2b" # Calculate the response -ha1 = hashlib.md5((username + ":" + realm + ":" + password).encode('utf-8')).hexdigest() -ha2 = hashlib.md5(("GET" + ":" + uri).encode('utf-8')).hexdigest() -response = hashlib.md5((ha1 + ":" + nonce + ":" + nc + ":" + cnonce + ":" + qop + ":" + ha2).encode('utf-8')).hexdigest() - -print("Response: " + response)
\ No newline at end of file +with open("10k-most-common.txt") as f: + for line in f: + line = line.strip('\n').strip() + ha1 = hashlib.md5((username + ":" + realm + ":" + line).encode('utf-8')).hexdigest() + ha2 = hashlib.md5(("HEAD" + ":" + uri).encode('utf-8')).hexdigest() + response = hashlib.md5((ha1 + ":" + nonce + ":" + nc + ":" + cnonce + ":" + qop + ":" + ha2).encode('utf-8')).hexdigest() + # print(line + ":" + response) + if (response == "872aafc461761e417d2df47b85e43d2b"): + print("Password: " + line) + break |