<a href="https://colab.research.google.com/github/Dravitv/Updated_ZGROW-workshop-/blob/main/types_of_attack.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

**Brute-Force Attack Project in Python**

Brute-Force Function (brute_force_attack):

Generates combinations of characters up to the length of the target password.
Compares each generated combination to the target password.
Stops when the correct password is found and prints the result.


In [None]:
import itertools
import string
import time

# Define a function to perform the brute-force attack
def brute_force_attack(password):
    # Set of characters to use in the brute-force (lowercase letters and digits)
    characters = string.ascii_lowercase + string.digits

    # Start timer
    start_time = time.time()

    # Iterate over every possible length from 1 to the length of the password
    for password_length in range(1, len(password) + 1):
        # Generate all possible combinations of the given length
        for guess in itertools.product(characters, repeat=password_length):
            # Join the tuple into a string
            guess = ''.join(guess)

            # Check if the guessed password is correct
            if guess == password:
                end_time = time.time()
                print(f"Password '{password}' cracked! The correct password is '{guess}'")
                print(f"Time taken: {end_time - start_time:.2f} seconds")
                return guess

    print("Password not found!")

# Define a main function
def main():
    # Set the target password
    password = "azdr10"  # You can change this to any password you want to try
    print(f"Attempting to brute-force the password: {password}")

    # Call the brute-force attack function
    brute_force_attack(password)

# Run the main function
main()


Attempting to brute-force the password: azdr10
Password 'azdr10' cracked! The correct password is 'azdr10'
Time taken: 19.94 seconds


**Dictionary Attack Simulation**



A dictionary attack is another common method used to guess passwords. Unlike brute-force attacks, which try every possible combination, a dictionary attack uses a predefined list of potential passwords (a "dictionary").

In [None]:
import time

# Sample dictionary of common passwords
common_passwords = [
    "123456", "password", "123456789", "12345678", "12345", "1234567", "admin", "letmein", "welcome", "abc123"
]

# Function to simulate dictionary attack
def dictionary_attack(target_password, password_list):
    """
    Attempts to guess the target password using a list of common passwords.

    Parameters:
    - target_password (str): The password to guess.
    - password_list (list): A list of possible passwords to try.

    Returns:
    - None
    """
    start_time = time.time()

    for guess in password_list:
        print(f"Trying password: {guess}")
        if guess == target_password:
            end_time = time.time()
            print(f"Password '{target_password}' cracked! The correct password is '{guess}'")
            print(f"Time taken: {end_time - start_time:.2f} seconds")
            return

    print("Password not found in the provided dictionary!")

# Main function to demonstrate dictionary attack
def main():
    # The target password we are trying to guess
    target_password = "welcome"  # Change this to test different passwords

    print(f"Attempting to dictionary attack the password: {target_password}")

    # Call the dictionary attack function
    dictionary_attack(target_password, common_passwords)

# Run the main function
main()


Attempting to dictionary attack the password: welcome
Trying password: 123456
Trying password: password
Trying password: 123456789
Trying password: 12345678
Trying password: 12345
Trying password: 1234567
Trying password: admin
Trying password: letmein
Trying password: welcome
Password 'welcome' cracked! The correct password is 'welcome'
Time taken: 0.00 seconds


**Caesar Cipher Encryption and Decryption**

The Caesar Cipher is one of the simplest and most widely known encryption techniques. It involves shifting each letter in a plaintext message by a fixed number of places down or up the alphabet.



In [None]:
def caesar_cipher_encrypt(text, shift):
    """
    Encrypts the input text using the Caesar cipher technique.

    Parameters:
    - text (str): The text to encrypt.
    - shift (int): The number of positions each character is shifted.

    Returns:
    - str: The encrypted text.
    """
    encrypted_text = ""

    for char in text:
        if char.isalpha():  # Check if the character is an alphabet
            shift_base = ord('A') if char.isupper() else ord('a')
            # Shift character and wrap around the alphabet
            encrypted_text += chr((ord(char) - shift_base + shift) % 26 + shift_base)
        else:
            encrypted_text += char

    return encrypted_text

def caesar_cipher_decrypt(text, shift):
    """
    Decrypts the input text encrypted with the Caesar cipher technique.

    Parameters:
    - text (str): The text to decrypt.
    - shift (int): The number of positions each character is shifted.

    Returns:
    - str: The decrypted text.
    """
    return caesar_cipher_encrypt(text, -shift)

# Main function to demonstrate Caesar Cipher encryption and decryption
def main():
    original_text = "Hello, World!"
    shift_value = 3

    print(f"Original Text: {original_text}")

    # Encrypt the text
    encrypted_text = caesar_cipher_encrypt(original_text, shift_value)
    print(f"Encrypted Text: {encrypted_text}")

    # Decrypt the text
    decrypted_text = caesar_cipher_decrypt(encrypted_text, shift_value)
    print(f"Decrypted Text: {decrypted_text}")

# Run the main function
main()


Original Text: Hello, World!
Encrypted Text: Khoor, Zruog!
Decrypted Text: Hello, World!


**XOR Cipher for Simple Encryption**

The XOR (exclusive or) cipher is a type of encryption algorithm that uses a key to encrypt and decrypt data. This is a simple encryption method often used in obfuscation.



In [None]:
def xor_cipher(data, key):
    """
    Encrypts or decrypts the input data using XOR cipher with the given key.

    Parameters:
    - data (str): The text to encrypt or decrypt.
    - key (str): The key to use for XOR operation.

    Returns:
    - str: The result of XOR encryption or decryption.
    """
    return ''.join(chr(ord(c) ^ ord(key)) for c in data)

# Main function to demonstrate XOR Cipher encryption and decryption
def main():
    original_text = "Hello, XOR Cipher!"
    key = 'K'  # Key for XOR operation

    print(f"Original Text: {original_text}")

    # Encrypt the text
    encrypted_text = xor_cipher(original_text, key)
    print(f"Encrypted Text: {encrypted_text}")

    # Decrypt the text (XOR encryption is symmetric)
    decrypted_text = xor_cipher(encrypted_text, key)
    print(f"Decrypted Text: {decrypted_text}")

# Run the main function
main()


Original Text: Hello, XOR Cipher!
Encrypted Text: .''$gkk";#.9j
Decrypted Text: Hello, XOR Cipher!


**Simulating a Simple Man-in-the-Middle (MITM) Attack**

A Man-in-the-Middle (MITM) attack involves an attacker secretly intercepting and possibly altering the communication between two parties who believe they are directly communicating with each other.

Python Code to Simulate Simple MITM Attack
This is a simplified example showing how a MITM might intercept messages. Note: This is purely theoretical and for educational purposes only.

In [None]:
def sender():
    """
    Simulates a sender sending a message.

    Returns:
    - str: The message to be sent.
    """
    return "Hello, this is a secret message."

def receiver(message):
    """
    Simulates a receiver receiving a message.

    Parameters:
    - message (str): The message received.

    Returns:
    - None
    """
    print(f"Receiver got message: {message}")

def mitm_attack(message):
    """
    Simulates a man-in-the-middle attack by intercepting and modifying a message.

    Parameters:
    - message (str): The original message.

    Returns:
    - str: The modified message.
    """
    print(f"MITM intercepted message: {message}")
    modified_message = message.replace("secret", "tampered")
    print(f"MITM modified message to: {modified_message}")
    return modified_message

# Main function to demonstrate a simple MITM attack
def main():
    # Sender sends a message
    original_message = sender()

    # MITM intercepts and modifies the message
    tampered_message = mitm_attack(original_message)

    # Receiver gets the tampered message
    receiver(tampered_message)

# Run the main function
main()


MITM intercepted message: Hello, this is a secret message.
MITM modified message to: Hello, this is a tampered message.
Receiver got message: Hello, this is a tampered message.


**SQL Injection Simulation**

SQL Injection is a common web attack technique where malicious SQL statements are inserted into an input field for execution against a database.

Python Code to Simulate SQL Injection
This simulation demonstrates how SQL injection could be used to bypass simple login systems.



In [None]:
def login(username, password):
    """
    Simulates a login function vulnerable to SQL injection.

    Parameters:
    - username (str): The username to log in with.
    - password (str): The password to log in with.

    Returns:
    - str: Success or failure message.
    """
    # Simulated database with a single user
    database_username = "admin"
    database_password = "password123"

    # Vulnerable SQL query
    query = f"SELECT * FROM users WHERE username='{username}' AND password='{password}'"
    print(f"Executing query: {query}")

    # Check if the injected query would always be true
    if username == database_username and password == database_password:
        return "Login successful!"
    else:
        return "Login failed!"

# Main function to demonstrate SQL injection
def main():
    print("Simulating normal login attempt...")
    print(login("admin", "password123"))  # Normal attempt

    print("\nSimulating SQL injection attack...")
    # Injection attempt
    print(login("admin' OR '1'='1", "anything"))

# Run the main function
main()


Simulating normal login attempt...
Executing query: SELECT * FROM users WHERE username='admin' AND password='password123'
Login successful!

Simulating SQL injection attack...
Executing query: SELECT * FROM users WHERE username='admin' OR '1'='1' AND password='anything'
Login failed!
