CSE 231 Updated 04/02/2019 Spring 2019 Programming Project 09
This assignment is worth 55 points (5.5% of the course grade) and must be completed and turned in before 11:59 on Monday, April 8, 2019.
Assignment Overview
(learning objectives)
This assignment will give you more experience on the use of:
1. lists
2. sets
3. functions
4. dictionaries 5. input/output
The goal of this project is to comprehend password strength and implement a dictionary attack on password hashes.
Assignment Background
Passwords are used everywhere, and their secrecy is paramount to security. The strength of a password is an important factor in determining how the password would fare against attacks by nefarious entities. The entropy of a password is helpful in determining how strong a password really is. Simply stated, entropy gives an indication of how many other passwords can be created using the characters in the given password. The higher the entropy of a password, the stronger it is. Obligatory xkcd comic on the entropy of a password: https://xkcd.com/936/
Each time you create a password, it gets converted to gibberish (encryption) and is then stored in a database for future reference. This encryption (called a ‘hash’) is one-way, meaning you can obtain the same hash from the same password every time however it is impossible to reverse the hash back to the original password. This hashing is done so that in the event of a database leak, the passwords are still illegible. An example of such hashing is MD5 hashing.
A well-know and effective attack is the ‘dictionary attack’ against password hash leaks. Since password hashes cannot be reversed to obtain the plaintext password, hackers use “wordlists” that contain plaintext words and phrases and use these as candidate passwords. A plaintext password candidate is taken from the wordlist, hashed, and then the resulting hash is compared against the password hash. If there is an exact match, we have successfully recovered the password. Otherwise, we try another password candidate from the wordlist. This process is repeated until we reach the end of the wordlist or all passwords are discovered (or “cracked”).
Project Description
We have provided a file called ‘pass.txt’ that stores the most common passwords observed. These are all real passwords obtained from password leaks that are available freely on the Internet. Caution: this is an unfiltered list so you likely will find crude or otherwise disturbing passwords. Needless to say, using one of the passwords in the file is really insecure. In this project, we will crack passwords, examine common patterns in these passwords, and calculate their entropies.
open_file(message) -> fp
This function taken in a prompt message (string) and returns a file pointer. You likely have a copy from a previous project, but this one adds a default. It repeatedly prompts for a file until one is successfully opened. It should have a try-except statement. By default (when the user does not provide a filename), this function opens the file ‘pass.txt’.
check_characters(str, str)
This function accepts the password string and a string with the characters to check against as parameters. It returns True if there is at least one matching character anywhere in the string; False otherwise. The string.punctuation is what we will use to define which characters are special characters.
For example, if the given password is ’24x6A8+’, all the following checks should return True:
password = ’24x6A8+’
check_characters(password, string.ascii_lowercase) -> True check_characters(password, string.ascii_uppercase) -> True check_characters(password, string.digits) -> True check_characters(password, string.punctuation) -> True
password_entropy_calculator(str) -> float
This function takes a string password as input and returns the entropy (float) of the password string. For example, if the password string is ‘Tr0ub4dor&3’, the entropy is 72.10. If the password is ‘correcthorsebatterystaple’, the entropy is
117.51. The entropy of a password is calculated as follows:
entropy = L * log2(N)
where N is the number of possible symbols and L is the number of symbols in the password (its
length).
The number of possible symbols, N, is determined as follows:
• if the password is an empty string, the function should return 0
• only numbers in the password string, N = 10
• only special characters in the password string, N = 32
• only numbers and special characters in the password string, N = 42
• only lowercase characters in the password string, N = 26
• only uppercase characters in the password string, N = 26
• only uppercase and lowercase characters in the password string, N = 52
• only lowercase and numbers in the password string, N = 36
• only uppercase and numbers in the password string, N = 36
• only uppercase and special characters in the password string, N = 58
• only lowercase and special characters in the password string, N = 58
• only lowercase and numbers and special characters in the password, N = 68
• only uppercase and numbers and special characters in the password, N = 68
• only lowercase and uppercase and numbers in the password string, N = 62
• only lowercase and uppercase and special characters in the password string, N = 84
• lowercase and uppercase and numbers and special characters in password string, N = 94
For example, if the given password contains only numbers, N = 10. The check_characters() function described above checks if a password has numbers. Use the check_characters function to assist in determining N.
The number of symbols L in the password is determined by the length of the password. Please note that entropy is rounded to 2 decimal places.
build_password_dictionary(fp) -> dict
This function takes a file pointer parameter of a password file. It reads the file and returns a dictionary of passwords. This dictionary has a password’s MD5 hash as the key, and a tuple as values. The tuple contains the password, its rank, and its entropy.
The MD5 hash of a string password is calculated as follows: md5(password.encode()).hexdigest()
(Explanation: for any string named password you can simply use that expression to calculate the MD5 hash—the expression returns the MD5 hash. The encode() method is a string method to prep thestringforhashing. Themd5isimportedfromhashlibandthehexdigest()isanmd5 method so you need from hashlib import md5 at the top of your program.)
For example, a key-value pair in this dictionary would be:
{‘e10adc3949ba59abbe56e057f20f883e’:(123456, 1, 19.93)} That is, {MD5_hash : (password, rank, entropy)}
The rank of a password is a variable that is incremented by 1 only when a new password is added to the dictionary. This rank is indicative of the most common passwords (Rank 1 implies the password ‘123456’ is the most common password).
cracking(fp,dict) -> (list-of-tuples,int,int)
This function takes a file pointer to the password hash file and a password dictionary as parameters. It then uses the password dictionary to crack the password hashes read from the file. The password hash file contains the password hash and hex separated by a colon ‘:’. For every password hash in the file, check if the hash is in the password dictionary (remember using in with a dictionary checks against the dictionary keys which is a hash in the password dictionary) . If a hash is found, we say that the password is “cracked.” A tuple (password_hash, password, entropy) is appended to a list. The list should then be sorted in ascending order based on password and returned along with the cracked count and the uncracked count. That is, the following is returned: (list of tuples, int, int)
create_set(fp) -> set
This function takes a file pointer to various list of words as parameter. It returns a set of all the unique words present in the file.
common_patterns(dict, common_set, name_set, phrase_set) -> dict
This function takes the password dictionary (returned by the build_password_dictionary function) and three sets as input and identifies common English words, first names, and phrases contained within the password. It returns a dictionary with the password as key and a list of patterns as
the value. The capitalization of the password does not matter, e.g., ‘They’ or ‘they’ should be treated the same.
The three sets contain common English words, first names, and phrases. Then it goes through each password in the password dictionary and checks to see if any of these English words, first names, or phrases are present in the password. For example, the password ‘password’ contains ‘[‘pass’, ‘password’, ‘word’]’.
{password: [‘pass’, ‘password’, ‘word’]}
Each list of patterns must be sorted in ascending order. Also, if two or more files contain the same strings (e.g. ‘love’ is found in both ‘phrases.txt’ and ‘most_common_english_words.txt’), the list should only store those strings only once. E.g. when password is ‘ilovegod’, list is [‘love’] and NOT [‘love’,’love’].
The function returns this dictionary with passwords as keys and the corresponding lists as values.
main()
This function prints provided BANNER and MENU and then asks the user to make a choice between the various available options shown in the menu. If the choice is 1, it calls the cracking() function, if it is 2, it calls the common_patterns() function, if it is 3, it calls calculate_password_entropy() function, and if it is 4, it exits. For choices 1 and 2, build a dictionary using build_password_dictionary(), but first use the open_file() function to open the password file (‘pass.txt’).
The program should keep asking for user input and keep displaying the MENU until the user enters 4 and choses to exit. The banner is displayed only once when the program is first executed. Ensure proper error and exception handling in case the user enters an invalid choice. An error message is shown, and the user enter an input again: ‘Error. Try again.’
For option 1, the list returned by the cracking() function is displayed as follows:
sandra
123000
pisces
hiphop
johnny
123123123
tester
skyline
28.20
19.93
28.20
28.20
28.20
29.90
28.20
32.90
[ + ] crack3d!
[ + ] crack3d!
[ + ] crack3d!
[ + ] crack3d!
[ + ] crack3d!
[ + ] crack3d!
[ + ] crack3d!
[ + ] crack3d!
[ i ] stats: cracked 1,107; uncracked 136,588,893
f40a37048732da05928c3d374549c832
f46ef81f2464441ba58aeecbf654ee41
f480034fee8f39994f1989df74cdd206
f4e72bc32f2c636059d5f3ba44323921
f4eb27cea7255cea4d1ffabf593372e8
f5bb0c8de146c67b44babbf4e6584cc0
f5d1278e8109edd94e1e4197e04873b9
f5ddf8166360017ab573e218b2b7809c
Use this format string to get the formatting shown: ‘[ + ] {:<12s} {:<34s} {:<14s} {:.2f}' Cracking stats are displayed showing counts for cracked and uncracked passwords. Note the commas
in the format: '[ i ] stats: cracked {:,d}; uncracked {:,d}'
If option 2 is selected, after prompting for a password file and calling the build_password_dictionary() the program next asks the user to enter three files:
• most common English words: most_common_english_words.txt
• first names: firstnames.txt
• Phrases: phrases.txt
After reading these files, it creates 3 sets containing common English words, first names, and phrases. You should use a function that take a file pointer and returns a set.
This function also displays the contents of this dictionary in the following format:
lilbit
password
KILLER
kerry
kcchiefs
istheman
implants
herring
grunt
granite
['bit', 'lil']
['pass', 'password', 'word']
['kill', 'killer']
['kerry']
['chief']
['ema', 'man', 'the', 'them']
['plan', 'plant']
['her', 'ring']
['run']
['ran', 'rani']
The output can be formatted as follows:
for k,v in D_patterns.items():
print("{:20s} [".format(k),end='')# print password print(', '.join(v),end=']\n') # print comma separated list
Note that all of the lists shown above are sorted and the lists should also only store th strings only once. E.g. when password is ‘ilovegod’, list is [‘love’] and NOT [‘love’,’love’].
Assignment Deliverable
The deliverable for this assignment is the following file: proj09.py – the source code for your Python program
Be sure to use the specified file name and to submit it for grading via Mimir before the project deadline.
Assignment Notes
1. More about storing passwords as hashes:
a. https://crackstation.net/hashing-security.htm
2. Use ‘punctuation’ from ‘string’ module to identify punctuation. Similarly, use string.uppercase, string.lowercase etc.
3. from ‘math’ import ‘log2’ to perform the log calculations.
4. Videos on cracking passwords:
https://www.youtube.com/channel/UC_MuHQPbf3EatJc7M6nDTlQ
5. Items 1-9 of the Coding Standard will be enforced for this project.
Test Cases
Test 1: cracking password hashes
-Password Analysis-
____
, =, ( _________
| =' (VvvVvV--'
|____(
https://security.cse.msu.edu/
[ 1 ] Crack MD5 password hashes
[ 2 ] Locate common patterns
[ 3 ] Calculate entropy of a password
[ 4 ] Exit
[ ? ] Enter choice: 1
Common passwords file [enter for default]: passsmall.txt Hashes file: hashsmall.txt
Cracked Passwords: [ + ] crack3d!
[+ ] crack3d!
[+ ] crack3d!
df53ca268240ca76670c8566ee54568a
37b4e2d82900d5e94b8da524fbeb33c0
df0349ce110b69f03b4def8012ae4970
c62d929e7b7e7b6165923a5dfc60cb56
e8c522a4c9bdc5ea1f7a0483d965e196
e91e6348157868de9dd8b25c81aebfb9
f3f8d7edcb9ac392250f2571fccc7dad
computer
football
hockey
q1w2e3r4
realmadrid
security
slapshot
37.60
37.60
28.20
41.36
47.00
37.60
37.60
[+ ] crack3d!
[+ ] crack3d!
[+ ] crack3d!
[+ ] crack3d!
[ i ] stats: cracked 7; uncracked 20
[ 1 ] Crack MD5 password hashes
[ 2 ] Locate common patterns
[ 3 ] Calculate entropy of a password
[ 4 ] Exit
[ ? ] Enter choice: 4
Test 2 Locating common patterns
-Password Analysis-
____
, =, ( _________
| =' (VvvVvV--'
|____(
https://security.cse.msu.edu/
[ 1 ] Crack MD5 password hashes
[ 2 ] Locate common patterns
[ 3 ] Calculate entropy of a password
[ 4 ] Exit
[ ? ] Enter choice: 2
Common passwords file [enter for default]: passsmall.txt Common English Words file: common_small.txt
First names file: firstnames_small.txt
Phrases file: phrases.txt
Password
security
realmadrid
hockey
slapshot
football
computer
pranshu
q1w2e3r4
enbody
Patterns
[i, it]
[alma, i, rea, real]
[key]
[hot]
[all, ball, foot, football]
[put]
[an, ran]
[]
[body]
[ 1 ] Crack MD5 password hashes
[ 2 ] Locate common patterns
[ 3 ] Calculate entropy of a password
[ 4 ] Exit
[ ? ] Enter choice: 4
Test 3: calculating entropy
-Password Analysis-
____
, =, ( _________
| =' (VvvVvV--'
|____(
https://security.cse.msu.edu/
[ 1 ] Crack MD5 password hashes
[ 2 ] Locate common patterns
[ 3 ] Calculate entropy of a password
[ 4 ] Exit
[ ? ] Enter choice: 3
Enter the password: dogponyCATFROG123456789cartruck?!
The entropy of dogponyCATFROG123456789cartruck?! is 216.3
[ 1 ] Crack MD5 password hashes
[ 2 ] Locate common patterns
[ 3 ] Calculate entropy of a password
[ 4 ] Exit
[ ? ] Enter choice: 4
Test 4
-Password Analysis-
____
, =, ( _________
| =' (VvvVvV--'
|____(
https://security.cse.msu.edu/
[ 1 ] Crack MD5 password hashes
[ 2 ] Locate common patterns
[ 3 ] Calculate entropy of a password
[ 4 ] Exit
[ ? ] Enter choice: 6
Error. Try again.
[ 1 ] Crack MD5 password hashes
[ 2 ] Locate common patterns
[ 3 ] Calculate entropy of a password
[ 4 ] Exit
[ ? ] Enter choice: 0
Error. Try again.
[ 1 ] Crack MD5 password hashes
[ 2 ] Locate common patterns
[ 3 ] Calculate entropy of a password
[ 4 ] Exit
[ ? ] Enter choice: 1
Common passwords file [enter for default]: xyz
File not found. Try again.
Common passwords file [enter for default]:
Hashes file: hashes.txt
Cracked Passwords:
[ + ] crack3d!
[ + ] crack3d!
[ + ] crack3d!
[ + ] crack3d!
[ + ] crack3d!
[ + ] crack3d!
[ + ] crack3d!
############ many
[ + ] crack3d!
[ + ] crack3d!
[ + ] crack3d!
[ + ] crack3d!
[ + ] crack3d!
[ + ] crack3d!
[ + ] crack3d!
[ + ] crack3d!
670b14728ad9902aecba32e22fa4f6bd
dd4b21e9ef71e1291183a46b913ae6f2
aa88d07736f55fbea78388eedcab2816
8c90bd835b348a4b83bf6ad3b3b07e96
90b6a9b0171a9ed05629dbcb189c3b2a
04c451b99027474c510677cbc1bd8331
d6a9a933c8aafc51e55ac0662b6e4d4a
000000
00000000
01011975
01011979
010180
01121987
012345
19.93
26.58
26.58
26.58
19.93
26.58
19.93
28.20
28.20
28.20
28.20
28.20
32.90
28.20
28.20
lines not displayed in this document #########
0f5366b3b19afc3184d23bc73d8cd311
345d5fcc11a5d03ee3284a3a8e31cedc
f16b82ee4c79ac26a8c8882cb2e7c525
bd05aeb379f308de27d2d3a8d8142f72
dad3a37aa9d50688b5157698acfd7aee
04adb4e2f055c978c9bb101ee1bc5cd4
168d3c263aa44687fc3f8e78ad56d869
9be0a80012d71ede383e06ad6f6c9cee
xavier
xerxes
xfiles
xtreme
xxxxxx
xxxxxxx
yasmin
yugioh
[ + ] crack3d!
[ + ] crack3d!
[ + ] crack3d!
[ + ] crack3d!
[ i ] stats: cracked 1,107; uncracked 12,552
yvonne
zigzag
zxcvbn
zzzzzz
28.20
28.20
28.20
28.20
7878847d55c22f58e3a702fc10d98c54
d45e977bfef260da159d651b9de7035d
b427ebd39c845eb5417b7f7aaf1f9724
453e41d218e071ccfb2d1c99ce23906a
[ 1 ] Crack MD5 password hashes
[ 2 ] Locate common patterns
[ 3 ] Calculate entropy of a password
[ 4 ] Exit
[ ? ] Enter choice: 4
Test 5
https://security.cse.msu.edu/
[ 1 ] Crack MD5 password hashes
[ 2 ] Locate common patterns
[ 3 ] Calculate entropy of a password
[ 4 ] Exit
[ ? ] Enter choice: 2
-Password Analysis-
____
, =, ( _________
| =' (VvvVvV--'
|____(
Common passwords file [enter for default]: pass1.txt
Common English Words file: most_common_english_words.txt
First names file: firstnames.txt
Phrases file: phrases.txt
Password
123456
password
12345678
qwerty
123456789
12345
1234
111111
1234567
dragon
123123
baseball
abc123
football
monkey
Patterns
[]
[a, as, or, pass, password, word]
[]
[qwer, qwerty, we]
[]
[]
[]
[]
[]
[a, ag, ago, dragon, go, on]
[]
[a, all, as, ball, base, eba]
[a]
[a, all, ball, foot, football]
[key, monkey, on]
letmein
696969
shadow
master
666666
qwertyuiop
123321
mustang
1234567890
michael
[i, in, let, me, mei]
[]
[a, do, had, shadow]
[a, as, master]
[]
[i, qwer, qwerty, we]
[]
[a, an, must, us]
[]
[a, i]
############ many lines not displayed in this document #########
beast
achilles
tatiana
studio
sterlin
plumber
patrick1
miles
kotenok
homers
gbpltw
gateway1
franky
durango
drake
deeznuts
cowboys1
ccbill
brando
[a, as, be, bea, east]
[a, hill, i]
[a, an, ana, at, i, tatiana]
[di, i]
[i, in, lin]
[be, lu]
[a, at, i, pat]
[i, mil, mile]
[no, ten]
[home, me]
[]
[a, at, way]
[a, an, fran, frank, franky, ran]
[a, an, go, ran]
[a]
[de, dee]
[boy, cow]
[bill, i]
[a, an, and, do, ran]
[ 1 ] Crack MD5 password hashes
[ 2 ] Locate common patterns
[ 3 ] Calculate entropy of a password
[ 4 ] Exit
[ ? ] Enter choice: 4
Function Tests: for each there is an input and an “instructor value” that the instructor’s version of the function returned.
Function Test of check_characters function:
---------- Testing check numbers. ----------
numbers 2468: True
numbers 24x6A8: True
numbers xA+: False
---------- Testing check lowercase. ---------- lowercase 2468: False
lowercase 24x6A8: True
lowercase 24Y6A8: False
lowercase xA+: True
---------- Testing check uppercase. ---------- uppercase 2468: False
uppercase 24x6A8: True
uppercase 24y6a8: False
uppercase xA+: True
---------- Testing check special characters. ---------- special_characters 2468: False
special_characters 24x6A8: False
special_characters 24y6&8: True
special_characters xA+: True
Function Test password_entropy_calculator(password)
entropy 2468: 13.29
entropy 24x6A8: 35.73
entropy xA+: 19.18
entropy abcd: 18.8
entropy XYZ: 14.1
entropy aXbYcZ: 34.2
entropy 123abcXYZ: 53.59
entropy $&%-: 20.0
entropy $&%-123: 37.75
entropy 24y6a8: 31.02
entropy 24Y6A8B123: 51.7
entropy A-B(C: 29.29
entropy a-b(cxyz!: 52.72
entropy 24y6&8R: 45.88
entropy 1234567890abcdefgABCDEFG-$#: 176.97
Function Test build_password_dictionary() using passsmall.txt
Instructor dictionary:
{'e91e6348157868de9dd8b25c81aebfb9': ('security', 1, 37.6), 'e8c522a4c9bdc5ea1f7a0483d965e196': ('realmadrid', 2, 47.0), 'df0349ce110b69f03b4def8012ae4970': ('hockey', 3, 28.2), 'f3f8d7edcb9ac392250f2571fccc7dad': ('slapshot', 4, 37.6), '37b4e2d82900d5e94b8da524fbeb33c0': ('football', 5, 37.6), 'df53ca268240ca76670c8566ee54568a': ('computer', 6, 37.6), 'a6d420cb77a4b29af1c5f58dd6877401': ('pranshu', 7, 32.9), 'c62d929e7b7e7b6165923a5dfc60cb56': ('q1w2e3r4', 8, 41.36), '4de18635d510a47087963af81fe8656a': ('enbody', 9, 28.2)}
Function Test cracking(fp,dict)
password dictionary:
{'e91e6348157868de9dd8b25c81aebfb9': ('security', 1, 37.6),
'e8c522a4c9bdc5ea1f7a0483d965e196': ('realmadrid', 2, 47.0), 'df0349ce110b69f03b4def8012ae4970': ('hockey', 3, 28.2), 'f3f8d7edcb9ac392250f2571fccc7dad': ('slapshot', 4, 37.6), '37b4e2d82900d5e94b8da524fbeb33c0': ('football', 5, 37.6), 'df53ca268240ca76670c8566ee54568a': ('computer', 6, 37.6), 'a6d420cb77a4b29af1c5f58dd6877401': ('pranshu', 7, 32.9), 'c62d929e7b7e7b6165923a5dfc60cb56': ('q1w2e3r4', 8, 41.36), '4de18635d510a47087963af81fe8656a': ('enbody', 9, 28.2)}
instructor cracked:
[('df53ca268240ca76670c8566ee54568a', 'computer', 37.6),
('37b4e2d82900d5e94b8da524fbeb33c0', 'football', 37.6), ('df0349ce110b69f03b4def8012ae4970', 'hockey', 28.2), ('c62d929e7b7e7b6165923a5dfc60cb56', 'q1w2e3r4', 41.36), ('e8c522a4c9bdc5ea1f7a0483d965e196', 'realmadrid', 47.0), ('e91e6348157868de9dd8b25c81aebfb9', 'security', 37.6), ('f3f8d7edcb9ac392250f2571fccc7dad', 'slapshot', 37.6)] instructor counts: 7 20
Function Test common_patterns(D,common,names,phrases)
D= {'e91e6348157868de9dd8b25c81aebfb9': ('security', 1, 37.6), 'e8c522a4c9bdc5ea1f7a0483d965e196': ('realmadrid', 2, 47.0), 'df0349ce110b69f03b4def8012ae4970': ('hockey', 3, 28.2), 'f3f8d7edcb9ac392250f2571fccc7dad': ('slapshot', 4, 37.6), '37b4e2d82900d5e94b8da524fbeb33c0': ('football', 5, 37.6), 'df53ca268240ca76670c8566ee54568a': ('computer', 6, 37.6), 'a6d420cb77a4b29af1c5f58dd6877401': ('pranshu', 7, 32.9), 'c62d929e7b7e7b6165923a5dfc60cb56': ('q1w2e3r4', 8, 41.36), '4de18635d510a47087963af81fe8656a': ('enbody', 9, 28.2)}
common_S = {'I', 'all', 'an', 'are', 'as', 'at', 'ball', 'be', 'body', 'but', 'by', 'can', 'foot', 'football', 'from', 'had', 'have', 'his', 'hot', 'it', 'key', 'liquid', 'log', 'meant', 'motion', 'on', 'one', 'or', 'other', 'out', 'path', 'put', 'quotient', 'ran', 'real', 'shell', 'some', 'steam', 'teeth', 'they', 'this', 'we', 'were', 'what', 'with', 'word'}
names_S = {'Abagail', 'Abbe', 'Abbey', 'Alma', 'Danna', 'Danni', 'Dannie', 'Danny', 'Dannye', 'Danya', 'Danyelle', 'Danyette', 'Daphene', 'Daphna', 'Daphne', 'Dara', 'Darb', 'Malory', 'Malva', 'Malvina', 'Malynda', 'Mame', 'Mamie', 'Manda', 'Mandi', 'Mandie', 'Mandy', 'Manon', 'Manya', 'Mara', 'Marabel', 'Marcela', 'Marcelia', 'Marcella', 'Marcelle', 'Rea', 'Wally', 'Waly', 'Wanda', 'Wandie', 'Wandis', 'Waneta', 'Wanids', 'Wenda', 'Wendeline', 'Wendi', 'Wendie', 'Wendy'}
phrases_S = {'access', 'alex', 'angel', 'batman', 'catch', 'chase', 'cyclops', 'dragon', 'enjoy', 'enter', 'express', 'flash', 'football', 'freedom', 'gambit', 'green', 'hawkeye', 'ironman', 'killer', 'love', 'master', 'money', 'monkey', 'password', 'please', 'punisher', 'qazwsx', 'qwer', 'qwerty', 'remember', 'rescue', 'shadow', 'silver', 'spiderman', 'summer', 'superman', 'thor', 'welcome', 'wolverine'}
instructor_D = {'security': ['i', 'it'], 'realmadrid': ['alma', 'i', 'rea', 'real'], 'hockey': ['key'], 'slapshot': ['hot'], 'football': ['all', 'ball', 'foot', 'football'], 'computer': ['put'], 'pranshu': ['an', 'ran'], 'q1w2e3r4': [], 'enbody': ['body']}
Function Test create_set(fp)
print("---------- Testing common words. ----------") fp1 = open('common_small.txt')
common_S = create_set(fp1)
instructor_common_S = {'motion', 'from', 'were', 'liquid', 'out', 'foot', 'they', 'by', 'real', 'hot', 'shell', 'can', 'an', 'football', 'log', 'meant', 'on', 'path', 'put', 'with', 'but', 'some', 'other', 'quotient', 'be', 'had', 'this', 'his', 'teeth', 'at', 'steam', 'as', 'key', 'we', 'all', 'word', 'have', 'ran', 'I', 'ball', 'body', 'one', 'or', 'are', 'what', 'it'}
print("---------- Testing first names. ----------") fp2 = open('firstnames_small.txt')
names_S = create_set(fp2)
instructor_names_S = {'Mame', 'Malynda', 'Malory', 'Rea', 'Wandis', 'Dannye', 'Abbe', 'Marcela', 'Mamie', 'Marabel', 'Malva', 'Dara', 'Abagail', 'Wanda', 'Abbey', 'Wandie', 'Malvina', 'Wenda', 'Manda', 'Mandi', 'Waneta', 'Wanids', 'Marcelia', 'Danny', 'Manya', 'Danya', 'Manon', 'Mara', 'Daphene', 'Darb', 'Danna', 'Mandie', 'Waly', 'Wendi', 'Wendie', 'Wally', 'Wendeline', 'Danyette', 'Daphna', 'Mandy', 'Daphne', 'Dannie', 'Marcella', 'Danyelle', 'Wendy', 'Alma', 'Marcelle', 'Danni'}
print("---------- Testing phrases. ----------") fp3 = open('phrases.txt')
phrases_S = create_set(fp3)
instructor_phrases_S = {'password', 'express', 'qazwsx', 'batman', 'alex', 'gambit', 'ironman', 'green', 'football', 'qwerty', 'thor', 'money', 'silver', 'cyclops', 'dragon', 'wolverine', 'monkey', 'please', 'hawkeye', 'punisher', 'summer', 'freedom', 'enjoy', 'angel', 'master', 'shadow', 'welcome', 'killer', 'access', 'qwer', 'chase', 'superman', 'remember', 'catch', 'spiderman', 'flash', 'rescue', 'enter', 'love'}
Grading Rubric
General Requirements:
4 pts Coding Standard 1-9
(descriptive comments, source code Headers, function headers, etc...)
Function Tests:
3 pts open_file (no Mimir test)
-1 Did not use try/except
-1 Did use default file name
-1 Did not use while loop
4 pts check_characters()
5 pts password_entropy_calculator()
5 pts build_password_dictionary()
5 pts cracking()
2 pts create_set()
5 pts common_patterns()
Program Tests
4 pts Test1
4 pts Test2
4 pts Test3
5 pts Test4
5 pts Test5