Graduate

Signed-off-by: Matt Strapp <matt@mattstrapp.net>

1 files changed, 23 insertions, 0 deletions

diff --git a/csci5271/ho2/crack2.py b/csci5271/ho2/crack2.py
new file mode 100644
index 0000000..b24f90e
--- /dev/null
+++ b/csci5271/ho2/crack2.py
@@ -0,0 +1,23 @@
+# HTTP Digest Authentication cracker
+import hashlib
+
+username = "travis14"
+realm = "Cheese"
+nonce = "/DPYEFbSBQA=c06893026441a70acf049b49540e97acd2bdd640"
+uri = "/secret/cheese"
+qop = "auth"
+nc = "00000001"
+cnonce = "ZjdlNTk0ZGZmMDQwZTU3OTM2MTIxOGEyNzljNDJlYzc="
+response = "872aafc461761e417d2df47b85e43d2b"
+
+# Calculate the response
+with open("10k-most-common.txt") as f:
+    for line in f:
+        line = line.strip('\n').strip()
+        ha1 = hashlib.md5((username + ":" + realm + ":" + line).encode('utf-8')).hexdigest()
+        ha2 = hashlib.md5(("HEAD" + ":" + uri).encode('utf-8')).hexdigest()
+        response = hashlib.md5((ha1 + ":" + nonce + ":" + nc + ":" + cnonce + ":" + qop + ":" + ha2).encode('utf-8')).hexdigest()
+        # print(line + ":" + response)
+        if (response == "872aafc461761e417d2df47b85e43d2b"):
+            print("Password: " + line)
+            break