# Password Cracking PEX

## PEX Explanation

This Pwning Exercise (PEX) is meant to be minimal in writing new code and maximal in using what you've already been taught so far in this course. To that end, much code is provided, but it is still no small challenge to provide what is left out to crack the passwords. Every flag can be obtained by supplying the correct password to the checker. Not every level requires new code. Level 1 is defintely easiest, but there is no need to solve these Levels in order.

## Ignore the `str_xor` Function Below!

The code below will be present in all 4 levels of difficulty. **Please ignore it.** 

It is what decodes the flag if the provided password is correct. Circumventing the password check and invoking this function directly, while plenty clever, will not work in this case, as this decoding function is just using whatever password you've supplied as a key to decrypt the flag. *If you don't know the password, this function is useless!* And if you have found the password, you can completely ignore this function, anyway!!

In [None]:
"""
The function below is used for decrypting the flag when the correct password is given,
however, it is quite dense and uses a function `zip` that I don't intend to cover in
this class. It exists here so that the actual flags can live in this Notebook but only
be viewed if the correct password is given.
Documentation: https://stackoverflow.com/questions/20557999/xor-python-text-encryption-decryption
"""
def str_xor(secret, key):
    #extend key to secret length
    new_key = key
    i = 0
    while len(new_key) < len(secret):
        new_key = new_key + key[i]
        i = (i + 1) % len(key)        
    return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])



"""
Short demo of using the `str_xor` encode/decode function for the curious
"""
##################################################################################### DELETE PWS:
# * The key for str_xor is 'blah' in ASCII, but truly, it is just a number.
# * In ASCII ciphers, the "key" was the amount of shift in each letter.
#key = 'blah'
key = "my-super-secret-key"

# The string we're encrypting is 'hoop'
#secret = 'hoop'
secret = 'picoCTF{p4p4-wh1sk3y-11m4-t35t-f14g}'

print("Secret: " + secret)

# ciphertext is the resulting text after putting a secret string through a cipher
ciphertext = str_xor(secret, key)
ciphertext_bytes = bytearray()
ciphertext_bytes.extend(ciphertext.encode())

# For the ASCII cipher, we keep all shifting to the printable alphabet, but this
#   enciphering results in number that have no corresponding letter, number or symbol.
print("Encrypted: " + str(ciphertext_bytes))

# * plaintext should be the orginal secret string after deciphering the ciphertext
# * like ROT47, for str_xor, encoding and decoding are the same function with the 
#     same key
plaintext = str_xor(ciphertext, key)

print("Decrypted: " + plaintext)

## Level 1

This first level of difficulty is a throwback to the early days of the Internet. When the Internet first began, no one was very sure what would happen with it (kind of like AI in this age). Generally, network communications were very trusting. No one tried to hide anything.

In [None]:
### THIS FUNCTION WILL NOT HELP YOU FIND THE FLAG --LT ########################
def str_xor(secret, key):
    #extend key to secret length
    new_key = key
    i = 0
    while len(new_key) < len(secret):
        new_key = new_key + key[i]
        i = (i + 1) % len(key)        
    return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
###############################################################################

# v-- this is the flag in encrypted form!
flag_enc = bytearray(b'\x13\x01\x17\x07,:/\x1a\x1eW\x18@E\x18\x06X\x12\x05P\x11YY^\x03]L^\r[YQ\t\x0cQ\x1c')



def level_1_pw_check():
    user_pw = input("Please enter correct password for flag: ")
    if( user_pw == "chthonian"):
        print("Welcome back... your flag, user:")
        decryption = str_xor(flag_enc.decode(), user_pw)
        print(decryption)
        return
    print("That password is incorrect")



level_1_pw_check()

## Level 2

This second level of challenge is a throwback to one of the first concepts we learned in class. Sometimes we don't need cryptography, just getting a password out of plain view is enough! 

This is a good time to ignore code you don't understand and look for code (or numbers) that you do understand. One important part of Python syntax for this snippet is that hexadecimal numbers are written like: `\x6e`, where `\x` tells Python that a hexadecimal number is about to follow, in this case `6e` which is `110` in decimal. Level 2 is very similar to Level 1. Noting the different line will help you understand what the new code is doing...

In [None]:
### THIS FUNCTION WILL NOT HELP YOU FIND THE FLAG --LT ########################
def str_xor(secret, key):
    #extend key to secret length
    new_key = key
    i = 0
    while len(new_key) < len(secret):
        new_key = new_key + key[i]
        i = (i + 1) % len(key)        
    return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
###############################################################################

# v-- this is the flag in encrypted form!
flag_enc = bytearray(b"\x15\x07\x08\x06\'!#\x15\x1b]\x14AH\x19\x03X\x17\x1eV\x17FXU\x18QC\x1f\x1eTXQ\rZQ\x19")



def level_2_pw_check():
    user_pw = input("Please enter correct password for flag: ")
    if( user_pw == bytearray(b'\x65\x6e\x6b\x69\x64\x75').decode()):
        print("Welcome back... your flag, user:")
        decryption = str_xor(flag_enc.decode(), user_pw)
        print(decryption)
        return
    print("That password is incorrect")



level_2_pw_check()

## Level 3

A mathematical function called a "hash" changed the face of password authorization once people started buying into personal computers and the Internet so much so that thieves started bothering to learn what they needed to steal from others using this new electronic medium.

Hash functions take any input and transform it into a fixed length string. The same string always creates the same hash, but similar strings create completely different hashes (ideally).

For the Level 3 challenge, please use the hash function as provided in the code below. Also note the 7 possible passwords listed at the end of the code!

In [None]:
import hashlib

### THIS FUNCTION WILL NOT HELP YOU FIND THE FLAG --LT ########################
def str_xor(secret, key):
    #extend key to secret length
    new_key = key
    i = 0
    while len(new_key) < len(secret):
        new_key = new_key + key[i]
        i = (i + 1) % len(key)        
    return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
###############################################################################

# v-- this is the flag in encrypted form!
flag_enc = bytearray(b"\x11\x19\x0c\x08&1\'\x0b\x1fS\x15QL\x07\x07V\x16\x0eR\tBVT\x08U]\x1b\x0f\x17VR]\x0cQ\\\x01\x1c")



def hash_pw(pw_str):
    pw_bytes = bytearray()
    pw_bytes.extend(pw_str.encode())
    m = hashlib.md5()
    m.update(pw_bytes)
    return m.digest()



def level_3_pw_check():
    user_pw = input("Please enter correct password for flag: ")
    user_pw_hash = hash_pw(user_pw)
    
    if( user_pw_hash == bytearray(b'\xc6&\xef\x0b{>\nRw\xabo\xbb\x9a\xaa\xfd_') ):
        print("Welcome back... your flag, user:")
        decryption = str_xor(flag_enc.decode(), user_pw)
        print(decryption)
        return
    print("That password is incorrect")



level_3_pw_check()

### NOTE: You can make a new cell or put code below here to work with it.
### NOTE: You can comment out the `level_3_pw_check()` line viz. insert "#" at
###         beginning of line.

# The strings below are 7 possibilities for the correct password. 
#   (Only 1 is correct)
pos_pw_list = ["cortana", "maximus", "apogee", "astraeus", "xenophobia", "byzantine", "enkidu"]




## Level 4

In Level 3, trying all passwords by hand is possible, though I would hope you take the opportunity to practice automating your password cracking attempts.

In this level, Level 4, trying every password by hand is ill-advised.

In [None]:
import hashlib

### THIS FUNCTION WILL NOT HELP YOU FIND THE FLAG --LT ########################
def str_xor(secret, key):
    #extend key to secret length
    new_key = key
    i = 0
    while len(new_key) < len(secret):
        new_key = new_key + key[i]
        i = (i + 1) % len(key)        
    return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
###############################################################################

# v-- this is the flag in encrypted form!
flag_enc = bytearray(b'\x13\x08\x0f\n07#\x15\x13Q\x13UA\x12\x1bR\x16\x05P\x1cNP]\x08GN\x03^\x16\x17NU\x08]K\x1e')



def hash_pw(pw_str):
    pw_bytes = bytearray()
    pw_bytes.extend(pw_str.encode())
    m = hashlib.md5()
    m.update(pw_bytes)
    return m.digest()



def level_4_pw_check():
    user_pw = input("Please enter correct password for flag: ")
    user_pw_hash = hash_pw(user_pw)
    
    if( user_pw_hash == bytearray(b'\xdc\xf0\xc2\x94\x1a\x1b|\xf6P\x19\xfd\xa3\xf1DKK') ):
        print("Welcome back... your flag, user:")
        decryption = str_xor(flag_enc.decode(), user_pw)
        print(decryption)
        return
    print("That password is incorrect")



level_4_pw_check()

### NOTE: You can make a new cell or put code below here to work with it.
### NOTE: You can comment out the `level_3_pw_check()` line viz. insert "#" at
###         beginning of line.

# The strings below are over 100 possibilities for the correct password. 
#   (Only 1 is correct)
pos_pw_list = ["calelectric","calelectrical","calelectricity","calembour","calemes","calenda","calendal","calendar","calendared","calendarer","calendarial","calendarian","calendaric","calendaring","calendarist","calendars","calendas","calender","calendered","calenderer","calendering","calenders","calendric","calendrical","calendry","calends","calendula","calendulas","calendulin","calentural","calenture","calentured","calenturing","calenturish","calenturist","calepin","calesa","calesas","calescence","calescent","calesero","calesin","calf","calfbound","calfdozer","calfhood","calfish","calfkill","calfless","calflike","calfling","calfret","calfs","calfskin","calfskins","calgary","calgon","caliban","calibanism","caliber","calibered","calibers","calibogus","calibrate","calibrated","calibrater","calibrates","calibrating","calibration","calibrations","calibrator","calibrators","calibre","calibred","calibres","caliburn","caliburno","calic","calicate","calices","caliche","caliches","caliciform","calicle","calicles","calico","calicoback","calicoed","calicoes","calicos","calicular","caliculate","calybite","calycanth","calycanthaceae","calycanthaceous","calycanthemous","calycanthemy","calycanthin","calycanthine","calycanthus","calycate","calyceal","calyceraceae","calyceraceous","calyces","calyciferous","calycifloral","calyciflorate","calyciflorous","calyciform","calycinal","calycine","calycle","calycled","calycles","calycli","calycocarpum","calycoid","calycoideous","calycophora","calycophorae","calycophoran","calycozoa","calycozoan","calycozoic","calycozoon","calycular","calyculate"]




## Conclusion

Great job! I hope you learned something being going through these password cracking exercises. Please message me on Discord if you finish early.