aboutsummaryrefslogtreecommitdiffstats
path: root/csci5271/ho2
diff options
context:
space:
mode:
Diffstat (limited to 'csci5271/ho2')
-rw-r--r--csci5271/ho2/crack2.py31
-rw-r--r--csci5271/ho2/crack6.py6
-rw-r--r--csci5271/ho2/password.txt3
3 files changed, 23 insertions, 17 deletions
diff --git a/csci5271/ho2/crack2.py b/csci5271/ho2/crack2.py
index 5322917..b24f90e 100644
--- a/csci5271/ho2/crack2.py
+++ b/csci5271/ho2/crack2.py
@@ -1,20 +1,23 @@
# HTTP Digest Authentication cracker
import hashlib
-username = "Mufasa"
-realm = "testrealm@host.com"
-password="Circle Of Life"
-nonce = "dcd98b7102dd2f0e8b11d0f600bfb0c093"
-uri = "/dir/index.html"
+username = "travis14"
+realm = "Cheese"
+nonce = "/DPYEFbSBQA=c06893026441a70acf049b49540e97acd2bdd640"
+uri = "/secret/cheese"
qop = "auth"
-nc = 1
-cnonce = "0a4f113b"
-response = "6629fae49393a05397450978507c4ef1"
-opaque = "5ccc069c403ebaf9f0171e9517f40e41"
+nc = "00000001"
+cnonce = "ZjdlNTk0ZGZmMDQwZTU3OTM2MTIxOGEyNzljNDJlYzc="
+response = "872aafc461761e417d2df47b85e43d2b"
# Calculate the response
-ha1 = hashlib.md5((username + ":" + realm + ":" + password).encode('utf-8')).hexdigest()
-ha2 = hashlib.md5(("GET" + ":" + uri).encode('utf-8')).hexdigest()
-response = hashlib.md5((ha1 + ":" + nonce + ":" + nc + ":" + cnonce + ":" + qop + ":" + ha2).encode('utf-8')).hexdigest()
-
-print("Response: " + response) \ No newline at end of file
+with open("10k-most-common.txt") as f:
+ for line in f:
+ line = line.strip('\n').strip()
+ ha1 = hashlib.md5((username + ":" + realm + ":" + line).encode('utf-8')).hexdigest()
+ ha2 = hashlib.md5(("HEAD" + ":" + uri).encode('utf-8')).hexdigest()
+ response = hashlib.md5((ha1 + ":" + nonce + ":" + nc + ":" + cnonce + ":" + qop + ":" + ha2).encode('utf-8')).hexdigest()
+ # print(line + ":" + response)
+ if (response == "872aafc461761e417d2df47b85e43d2b"):
+ print("Password: " + line)
+ break
diff --git a/csci5271/ho2/crack6.py b/csci5271/ho2/crack6.py
new file mode 100644
index 0000000..60b5a3b
--- /dev/null
+++ b/csci5271/ho2/crack6.py
@@ -0,0 +1,6 @@
+# SHA! Key guesser
+import hashlib
+
+name = "admin"
+response = "a1a9f3ebd29ff76d45a609d98e0ec31e83dfbd4d"
+
diff --git a/csci5271/ho2/password.txt b/csci5271/ho2/password.txt
deleted file mode 100644
index 9e265a5..0000000
--- a/csci5271/ho2/password.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-a
-Circle Of Life
-b \ No newline at end of file