## CSc 4222 - Cyber Security | Assignment 2

### Bryan W. Nonni

### Password Salt System Implementation and Brutal Force Cracker 

### 1. Implementation of the Password Salt System
In this section, students are required to implement a password salt verification system. With the given UID and Hash files, students need to implement the verification system, such that the given example of the password and salt can match with the hash value in the `Hash.txt` file. For example, the first`UID` is `001`, the `password` is `0599`, the salt associated with the first `UID` is `054`. When applying the MD5 Hash Function with the encode format as `utf-8` as shown in the figure below, the expected output should be `4a1d6f102cd95fac33853e4d72fe1dc5`. It is worth to mention that, the concatenation between password and salt needs to be in the format of `(password||salt)`. For example, with the aforementioned input, the concatenation result will be `0599054`. 0 should not be omitted. 

__Requirement for the designed system:__

The designed verification system should be able to correctly verify the example shown above. When the input is correct, the system will output a String “The input password and salt matches the hash value in the database”. Otherwise, the output should be “The input password and salt does not match the hash value in the database”. 

In [6]:
from hashlib import md5
import pandas as pd

Hash = open('Hash.txt', 'r')
UID = open('UID.txt', 'r')

hash_dictionary = { 'uid': UID, 'hash': Hash }
hash_df = pd.DataFrame(hash_dictionary).replace('\n', '', regex=True)

hash_df.head(5)

Unnamed: 0,uid,hash
0,1,4a1d6f102cd95fac33853e4d72fe1dc5
1,2,e8e7d67256aedc225a072540540d910c
2,3,0c6a7629e1fe2eab887de89dd65072d9
3,4,0e8b4ee66ad464aee37a934d74088613
4,5,6261a6ddd461304eaed4090348d8d117


In [7]:
def computeMD5hash(pwsalt):
    m = md5()
    m.update(pwsalt.encode('utf-8'))
    return m.hexdigest()

In [5]:
uid001_hash = '4a1d6f102cd95fac33853e4d72fe1dc5'

compute_hash = computeMD5hash('0599 054')

print(uid001_hash, "matches", compute_hash, "=>", True) if uid001_hash == compute_hash else print(False)

a591a6d40bf420404a011733cfb7b190d62c65bf0bcda32b57b277d9ad9f146e


### 2. Implementation of the Cracker System

To reduce the complexity for cracking the password and salt, the passwords are randomly set in the range of `[0000, 1000]`, while the salt is randomly set in the range of `[000,100]` for each `UID`. One easy idea to implement a cracker system is to brute-forcely try all possible combinations of password and salt for one UID. As the `Hash.txt` and `UID.txt` files are given, students are requested to implement a cracker system which could find the correct password and salt for a specific `UID`.

__Requirement for the designed system:__

For a specific `UID`, the cracker system can output the correct password and salt value. For example, when input the `UID` as `001`, the output should be `password: 0599; salt: 054`.

__Demo and Report:__

__1)__ Each student is required to go to either TA or instructor to demo both systems. The TA or instructor will ask the students to run one or two specific UID(s) to check the corresponding password and salt.

__2)__ The report should firstly describe how these two systems are designed; secondly, the report should also include the set of passwords and salts for ten different UIDs.

<a href='./Report.txt'>Bryan's Report</a>

__3)__ For undergraduate students, the verification and cracker systems can be designed separately. For graduate students, the cracker system should include the function of verification system.

In [8]:
salt = [f"{i:03}" for i in range(1000)]
password = [f"{i:04}" for i in range(10000)]


In [9]:
def getUidHash(UID):
    j = 0
    Hash = hash_df.loc[hash_df.uid == UID, 'hash'].values
    Hash = Hash[-1]
    print('uid', UID, 'Hash:',Hash)
    while(j < len(hash_df)):
        for p in password:
            for s in salt:
                pass_salt = p + s
                #print(pass_salt)
                md5_hash = computeMD5hash(pass_salt)
                #print(md5_hash)
                if md5_hash == Hash:
                    return 'Match! uid: {}; password: {}; salt: {}; hash: {}'.format(UID, p, s, Hash)
                else:
                    pass
        j+=1

In [10]:
getUidHash('059')

uid 059 Hash: 1de0c17431522b41496f4617b34ccbb6


'Match! uid: 059; password: 0726; salt: 077; hash: 1de0c17431522b41496f4617b34ccbb6'

In [11]:
getUidHash('002')

uid 002 Hash: e8e7d67256aedc225a072540540d910c


'Match! uid: 002; password: 0973; salt: 027; hash: e8e7d67256aedc225a072540540d910c'

In [12]:
getUidHash('003')

uid 003 Hash: 0c6a7629e1fe2eab887de89dd65072d9


'Match! uid: 003; password: 0242; salt: 079; hash: 0c6a7629e1fe2eab887de89dd65072d9'

In [13]:
getUidHash('004')

uid 004 Hash: 0e8b4ee66ad464aee37a934d74088613


'Match! uid: 004; password: 0771; salt: 001; hash: 0e8b4ee66ad464aee37a934d74088613'

In [70]:
def executeBruteForceAttack():
    i = 0
    while(i < len(hash_df)):
        uid = hash_df['uid'][i]
        Hash = hash_df['hash'][i]
        print(Hash)
        for p in password:
            for s in salt:
                pass_salt = p + s
                md5_hash = computeMD5hash(pass_salt)
                if md5_hash == Hash:
                    print("Match! uid: {}; password: {}; salt: {}; hash: {}\n".format(uid, p, s, Hash))
                else:
                    pass
        i+=1

In [71]:
executeBruteForceAttack()

4a1d6f102cd95fac33853e4d72fe1dc5
Match! uid: 001; password: 0599; salt: 054; hash: 4a1d6f102cd95fac33853e4d72fe1dc5

e8e7d67256aedc225a072540540d910c
Match! uid: 002; password: 0973; salt: 027; hash: e8e7d67256aedc225a072540540d910c

0c6a7629e1fe2eab887de89dd65072d9
Match! uid: 003; password: 0242; salt: 079; hash: 0c6a7629e1fe2eab887de89dd65072d9

0e8b4ee66ad464aee37a934d74088613
Match! uid: 004; password: 0771; salt: 001; hash: 0e8b4ee66ad464aee37a934d74088613

6261a6ddd461304eaed4090348d8d117
Match! uid: 005; password: 0192; salt: 049; hash: 6261a6ddd461304eaed4090348d8d117

cfa0000941daff46ebf0ef1950c86db0
Match! uid: 006; password: 0187; salt: 030; hash: cfa0000941daff46ebf0ef1950c86db0

e09a3a07abbaa5bf3170e6d297dff065
Match! uid: 007; password: 0937; salt: 008; hash: e09a3a07abbaa5bf3170e6d297dff065

11dcc98c009eb5b2a9449d05ea8bb381
Match! uid: 008; password: 0825; salt: 006; hash: 11dcc98c009eb5b2a9449d05ea8bb381

dfbcb13e80aa4cfb872f987b17879ec8
Match! uid: 009; password: 0324