00:00:00,520 --> 00:00:04,380 SPEAKER 1: Let's get cracking and hack into some accounts. Our to dos for this problem are twofold. One, we'll want to get the hashed password. And then two, we'll want to take that hashed password and crack it. So the hashed password will be passed in to us via the command line. So you'll also want to instruct the user if they haven't used your program correctly. Next, we'll want to crack that password. To do this we're going to make a couple of assumptions. The first is that all of the passwords are going to be hashed with C's DES-based crypt function. Take a moment and check out the manual page for crypt, where you'll find that for a DES-based algorithm, the "salt" is the first two characters of the hashed password. And the crypt function takes in two arguments, the key and the salt. So check out the passwords that we've provided to you and see what the salt in our case is. So the next thing to do is to crack the password. We'll return to the principle that hashing a word with the very same hash function will always return the same hash. So that means that if we try a word and hash that try, if the hashes match the given hash by the user then we can assume that we've successfully cracked the password. In order to guess those words, then we'll have to make a couple of assumptions. And we tell you that these passwords are no longer than four characters long, and that they're comprised entirely of alphabetical characters. So your biggest job for this problem is to think of a way to iterate over and generate plain text to be hashed. Now remember that the assumption is that the passwords can be up to four characters long. Meaning that there could be shorter passwords as well. And these passwords are case sensitive, meaning that an upper case A is going to be a different password than a lowercase a. You might want to consider generating an array of up to 5 bytes, where the last byte is going to be our backslash zero. Then you'll want to iterate over, perhaps with just one character, and then add in two, and then its three, and then four characters long, making sure to reach all possible permutations of letters. So once the hash of your guess matches the hash that the user has given you, you've successfully found their password. My name is [? Amaila, ?] and this was crack.