diff options
Diffstat (limited to 'csci5271/ho2')
| -rw-r--r-- | csci5271/ho2/crack2.py | 31 | ||||
| -rw-r--r-- | csci5271/ho2/crack6.py | 6 | ||||
| -rw-r--r-- | csci5271/ho2/password.txt | 3 |
3 files changed, 23 insertions, 17 deletions
diff --git a/csci5271/ho2/crack2.py b/csci5271/ho2/crack2.py index 5322917..b24f90e 100644 --- a/csci5271/ho2/crack2.py +++ b/csci5271/ho2/crack2.py @@ -1,20 +1,23 @@ # HTTP Digest Authentication cracker import hashlib -username = "Mufasa" -realm = "testrealm@host.com" -password="Circle Of Life" -nonce = "dcd98b7102dd2f0e8b11d0f600bfb0c093" -uri = "/dir/index.html" +username = "travis14" +realm = "Cheese" +nonce = "/DPYEFbSBQA=c06893026441a70acf049b49540e97acd2bdd640" +uri = "/secret/cheese" qop = "auth" -nc = 1 -cnonce = "0a4f113b" -response = "6629fae49393a05397450978507c4ef1" -opaque = "5ccc069c403ebaf9f0171e9517f40e41" +nc = "00000001" +cnonce = "ZjdlNTk0ZGZmMDQwZTU3OTM2MTIxOGEyNzljNDJlYzc=" +response = "872aafc461761e417d2df47b85e43d2b" # Calculate the response -ha1 = hashlib.md5((username + ":" + realm + ":" + password).encode('utf-8')).hexdigest() -ha2 = hashlib.md5(("GET" + ":" + uri).encode('utf-8')).hexdigest() -response = hashlib.md5((ha1 + ":" + nonce + ":" + nc + ":" + cnonce + ":" + qop + ":" + ha2).encode('utf-8')).hexdigest() - -print("Response: " + response)
\ No newline at end of file +with open("10k-most-common.txt") as f: + for line in f: + line = line.strip('\n').strip() + ha1 = hashlib.md5((username + ":" + realm + ":" + line).encode('utf-8')).hexdigest() + ha2 = hashlib.md5(("HEAD" + ":" + uri).encode('utf-8')).hexdigest() + response = hashlib.md5((ha1 + ":" + nonce + ":" + nc + ":" + cnonce + ":" + qop + ":" + ha2).encode('utf-8')).hexdigest() + # print(line + ":" + response) + if (response == "872aafc461761e417d2df47b85e43d2b"): + print("Password: " + line) + break diff --git a/csci5271/ho2/crack6.py b/csci5271/ho2/crack6.py new file mode 100644 index 0000000..60b5a3b --- /dev/null +++ b/csci5271/ho2/crack6.py @@ -0,0 +1,6 @@ +# SHA! Key guesser +import hashlib + +name = "admin" +response = "a1a9f3ebd29ff76d45a609d98e0ec31e83dfbd4d" + diff --git a/csci5271/ho2/password.txt b/csci5271/ho2/password.txt deleted file mode 100644 index 9e265a5..0000000 --- a/csci5271/ho2/password.txt +++ /dev/null @@ -1,3 +0,0 @@ -a -Circle Of Life -b
\ No newline at end of file |