Using the provided password dictionary, implement a brute-force password cracker to practice using the crypt library.
Requirement
One of the first steps in most intrusion attempts is to try to guess user
logins and passwords. Your objective in this lab assignment is to create a C
language program (convince me you want to do this in a language other than C)
to read a pseudo-password file named jfd_passwords.txt and attempt to guess
the encrypted passwords within.
You may work on this assignment in pairs. You must write the program in C.
You should use the crypt(3) library function to encrypt your password guesses.
You should extract the salt string from the pseudo-password file entry. You
may use any technique you wish to guess passwords (see suggestions below). The
Linux system dictionary file is (usually) in /usr/share/dict/words (or
linux.words). It has 480K words in it, including numbers, hyphenated words,
and a host of very strange ones. The system dictionary on Mac OS X 10.11 is
also in /usr/share/dict/words. It has 235K words, however. On a Mac OS X
system there is also a /usr/share/dict/web2a dictionary that includes
hyphenated words, and a /usr/share/dict/propernames file that contains 1323
proper names, all one per line. I’ve also got several lists of common and
pilfered passwords that I’ll post on the Google Classroom page.
The jfd_passwords.txt file is in the Google Classroom, attached to this
problem set. The format of the entries in the file matches that of
the /etc/passwd file as found in the passwd(5) man page on your local Linux
box. Copy this file to your own computer or to one of the computers in the
Crash and Burn lab to work on it.
DO NOT execute your password program on euclid.
DO NOT use the system password file as a test file. (It doesn’t have any
passwords in it anyway!)
DO NOT execute your password program on any of the ITS lab machines, or on
KnoxAnyWare.
If you’ve installed Kali Linux on your machine (under VirtualBox), then that’s
a great place to create and test your program. You can easily move files back
and forth via your Google Drive (just login to my.knox.edu using the Ice
Weasel web browser on Kali Linux). If you don’t want to use Kali Linux, you
can use the SEED version of Ubuntu, or you can just login to
euclid.lab.knet.edu and do your work there (except for that final testing bit
from above). If you have a Mac, just open up the terminal window and work
there. If you have a Windoze machine, I’d suggest downloading Cygwin and
working in there.
In addition to your program and the documentation described below, you should
turn in:
- the list of the passwords you recovered
- the number of tries it took to recover each password
- the time it took your program to recover each password.
Your grade for this problem set will depend on how many passwords you crack.
The more the better!!
HINTS AND SUGGESTIONS:
I’d try a straight dictionary attack first, using one of the dictionary files
mentioned above.
Then try some of the common passwords from the files on the Google Drive.
Then try dictionary words backwards.
Then try replacing certain characters with digits O = 0, I = 1, E = 3, etc.
The above attacks should get you several passwords; then be creative!
Be aware that your program might execute for a loooooooonnnnnngggggg time,
(like for 12 to 24 hours or more). You must print each password you find
(including the original line from the password file) to an output file along
with a timestamp. You should consider executing your program in the
background. To do this from the command line, do something like:
$ time ./mypasswordCracker&
You must time how long your password program works and print the elapsed time
at the end. (You can do this using the time(1) command line function in Linux
as above).
The plaintext passwords used to create the jfd_passwords.txt file have the
following characteristics:
- They are composed of only the characters [a-zA-Z0-9*_]
- The password lengths are between 3 and 12 characters, inclusive. (I’m being nice.)
- At least some of the passwords are dictionary words. (Nice again.)
To help you understand the use of the crypt() function, here’s a simple
example that works on MacOS X systems and (with slight modification) on Linux
systems:
Example
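/*
 * Short program to test the crypt(3) library function.
 * Note that on a Linux system you must include
 * crypt.h and link with -lcrypt;
 * this is not necessary on Mac OS X.
 */
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#ifdef __linux__
#include <crypt.h>   /* declares crypt() on Linux; link with -lcrypt */
#endif

int main(int argc, char *argv[]) {
    char *salt;
    char *password;
    char *encrypted;

    if (argc < 3) {
        fprintf(stderr, "usage: %s <salt> <password>\n", argv[0]);
        exit(1);
    }
    salt = argv[1];
    password = argv[2];
    /* crypt() returns NULL on failure, e.g. for a salt it does not accept */
    encrypted = crypt(password, salt);
    if (encrypted == NULL) {
        perror("crypt");
        exit(1);
    }
    printf("Encrypted password is %s\n", encrypted);
    return 0;
}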
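The requirement to extract the salt string from a passwd(5)-style entry can be sketched as follows. This is an added example, not part of the original assignment: the helper names and the sample entry are hypothetical, and because the page does not say which hash format jfd_passwords.txt uses, it goes beyond the text by handling both the traditional 13-character DES form and the `$id$salt$hash` modular form.

```c
#include <stdio.h>
#include <string.h>
/* Added example: helper names are hypothetical, sample entry is constructed. */
enum scheme { SCHEME_NONE, SCHEME_DES, SCHEME_MCF };

/* Copy 0-based field idx of a colon-separated passwd(5) line into out.
 * Returns 0 on success, -1 if the field is missing or does not fit. */
static int passwd_field(const char *line, int idx, char *out, size_t outsz) {
    const char *p = line;
    for (; idx > 0; idx--, p++)
        if ((p = strchr(p, ':')) == NULL) return -1;
    size_t n = strcspn(p, ":\r\n");
    if (n >= outsz) return -1;
    snprintf(out, outsz, "%.*s", (int)n, p);
    return 0;
}

/* Build the salt argument for crypt(3) from a stored hash: 13-char DES, or
 * $id$[rounds=N$]salt$hash. bcrypt ($2...) has another layout: SCHEME_NONE. */
static enum scheme extract_salt(const char *hash, char *salt, size_t saltsz) {
    static const char b64[] =
        "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
    size_t n = 2;                              /* DES: first two characters */
    enum scheme s = SCHEME_DES;
    if (hash[0] == '$' && hash[1] != '2') {
        const char *p = strchr(hash + 1, '$');          /* end of id */
        if (p && strncmp(p + 1, "rounds=", 7) == 0)
            p = strchr(p + 1, '$');                     /* end of rounds=N */
        if (p) p = strchr(p + 1, '$');                  /* end of salt */
        if (p == NULL) return SCHEME_NONE;
        n = (size_t)(p - hash) + 1;                     /* keep trailing '$' */
        s = SCHEME_MCF;
    } else if (strlen(hash) != 13 || strspn(hash, b64) != 13) {
        return SCHEME_NONE;          /* "x", "*", "!", empty field, bcrypt */
    }
    if (n >= saltsz) return SCHEME_NONE;
    snprintf(salt, saltsz, "%.*s", (int)n, hash);
    return s;
}

int main(void) {
    const char *line = "alice:abJnggxhB/yWI:1001:1001:Alice:/home/alice:/bin/sh\n";
    char hash[128], salt[64];
    if (passwd_field(line, 1, hash, sizeof hash) == 0 &&
        extract_salt(hash, salt, sizeof salt) != SCHEME_NONE)
        printf("hash=%s salt=%s\n", hash, salt);
    return 0;
}
```

The string left in `salt` is what goes in as the second argument of crypt(); entries whose password field is a placeholder such as `x` or `*` carry no hash and are reported as SCHEME_NONE.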