1
00:00:00,000 --> 00:00:00,520

2
00:00:00,520 --> 00:00:04,380
SPEAKER 1: Let's get cracking and hack into some accounts.

3
00:00:04,380 --> 00:00:07,130
Our to-dos for this problem are twofold.

4
00:00:07,130 --> 00:00:09,620
One, we'll want to get the hashed password.

5
00:00:09,620 --> 00:00:14,530
And then two, we'll want to take that hashed password and crack it.

6
00:00:14,530 --> 00:00:18,130
So the hashed password will be passed in to us via the command line.

7
00:00:18,130 --> 00:00:21,190
So you'll also want to instruct the user if they

8
00:00:21,190 --> 00:00:24,890
haven't used your program correctly.

9
00:00:24,890 --> 00:00:28,150
Next, we'll want to crack that password.

10
00:00:28,150 --> 00:00:31,340
To do this we're going to make a couple of assumptions.

11
00:00:31,340 --> 00:00:33,610
The first is that all of the passwords are

12
00:00:33,610 --> 00:00:38,320
going to be hashed with C's DES-based crypt function.

13
00:00:38,320 --> 00:00:40,840
Take a moment and check out the manual page

14
00:00:40,840 --> 00:00:45,020
for crypt, where you'll find that for a DES-based algorithm,

15
00:00:45,020 --> 00:00:49,300
the "salt" is the first two characters of the hashed password.

16
00:00:49,300 --> 00:00:54,910
And the crypt function takes in two arguments, the key and the salt.

17
00:00:54,910 --> 00:00:57,310
So check out the passwords that we've provided to you

18
00:00:57,310 --> 00:01:01,430
and see what the salt in our case is.

19
00:01:01,430 --> 00:01:04,390
So the next thing to do is to crack the password.

20
00:01:04,390 --> 00:01:09,040
We'll return to the principle that hashing a word with the very same hash

21
00:01:09,040 --> 00:01:12,370
function will always return the same hash.

22
00:01:12,370 --> 00:01:16,870
So that means that if we try a word and hash that try,

23
00:01:16,870 --> 00:01:21,430
if the hashes match the given hash by the user then

24
00:01:21,430 --> 00:01:25,900
we can assume that we've successfully cracked the password.

25
00:01:25,900 --> 00:01:29,080
In order to guess those words, then we'll

26
00:01:29,080 --> 00:01:31,510
have to make a couple of assumptions.

27
00:01:31,510 --> 00:01:36,930
And we tell you that these passwords are no longer than four characters long,

28
00:01:36,930 --> 00:01:41,800
and that they're comprised entirely of alphabetical characters.

29
00:01:41,800 --> 00:01:45,280
So your biggest job for this problem is to think

30
00:01:45,280 --> 00:01:49,990
of a way to iterate over and generate plain text to be hashed.

31
00:01:49,990 --> 00:01:52,750
Now remember that the assumption is that the passwords can

32
00:01:52,750 --> 00:01:55,000
be up to four characters long.

33
00:01:55,000 --> 00:01:58,090
Meaning that there could be shorter passwords as well.

34
00:01:58,090 --> 00:02:00,250
And these passwords are case sensitive, meaning

35
00:02:00,250 --> 00:02:05,890
that an uppercase A is going to be a different password than a lowercase a.

36
00:02:05,890 --> 00:02:10,539
You might want to consider generating an array of up to 5 bytes, where

37
00:02:10,539 --> 00:02:14,580
the last byte is going to be our backslash zero.

38
00:02:14,580 --> 00:02:18,640
Then you'll want to iterate over, perhaps with just one character,

39
00:02:18,640 --> 00:02:23,200
and then add in two, and then it's three, and then four characters long,

40
00:02:23,200 --> 00:02:27,320
making sure to reach all possible permutations of letters.

41
00:02:27,320 --> 00:02:32,110
So once the hash of your guess matches the hash that the user has given you,

42
00:02:32,110 --> 00:02:35,080
you've successfully found their password.

43
00:02:35,080 --> 00:02:39,030
My name is [? Amaila, ?] and this was crack.

44
00:02:39,030 --> 00:02:41,563