# Practical 20: Hacking Lab Python

## Overview

This practical exercise is designed to help you understand and implement the theory learnt in the threat-vectors session through hands-on exercises. You will perform a series of tasks that simulate common hacking techniques and explore how to protect against them. This session will take about 30 minutes to complete.

## Task

### Part 1: Brute Force Attack on a Password (5 minutes)

1. **Set Up a Simple Password System:**

In [None]:
import hashlib


def hash_password(password):
    return hashlib.sha256(password.encode()).hexdigest()


# Example password hash (password is 'password123')
password_hash = hash_password("password123")

2. **Implementing a Brute Force Attack:**

In [None]:
import itertools
import string


def brute_force_attack(hash_to_crack, max_length=4):
    characters = string.ascii_lowercase + string.digits
    for length in range(1, max_length + 1):
        for guess in itertools.product(characters, repeat=length):
            guess = "".join(guess)
            guess_hash = hash_password(guess)
            if guess_hash == hash_to_crack:
                return guess
    return None

3. **Exercise 1: Brute Force Attack (Recap):**
   - Perform a brute force attack to crack the password.

<!-- 
max_length = 4
cracked_password = brute_force_attack(password_hash, max_length)
print(f"Cracked Password: {cracked_password}")
   -->

In [None]:
# TODO: Solve Exercise 1

4. **Exercise 2:**
   - Enhance the `brute_force_attack` function to include uppercase letters and special characters in the character set.

In [None]:
# TODO: Solve Exercise 2

### Part 2: SQL Injection Simulation (10 minutes)

1. **Set Up a Simple SQL Query:**
   - Simulate an SQL query that is vulnerable to SQL injection.

In [None]:
def simulate_sql_query(user_input):
    query = f"SELECT * FROM users WHERE username = '{user_input}'"
    return query

2. **Exercise 3: SQL Injection (Recap):**
   - Show how a malicious input can exploit the SQL query.

<!-- 
user_input = "admin' OR '1'='1"
malicious_query = simulate_sql_query(user_input)
print(f"Malicious SQL Query: {malicious_query}")
 -->

In [None]:
# TODO: Solve Exercise 3

3. **Secure the SQL Query:**
   - Modify the function to use parameterized queries to prevent SQL injection.

In [None]:
def secure_sql_query(user_input):
    query = "SELECT * FROM users WHERE username = %s"
    parameters = (user_input,)
    return query, parameters

4. **Exercise 4:**
   - Test the `secure_sql_query` function with a malicious input.

In [None]:
# TODO: Solve Exercise 4

### Part 3: Phishing Simulation (5 minutes)

1. **Exercise 5: Create a Simple Phishing Email:**
   - Write a function to generate a phishing email that looks like it is from a legitimate source.

In [None]:
# TODO: Solve Exercise 5
def generate_phishing_email():
    email = """
    Dear ...
    
    ...
    """
    return email

2. **Exercise 6: Educate Users on Phishing Detection:**
   - Discuss common signs of phishing emails and how to avoid falling victim to them.
   - Encourage users to verify the sender's email address, check for spelling and grammar mistakes, and avoid clicking on suspicious links.


// TODO: Solve Exercise 6

(Note this is in md and not python code, so it won't run.)

### Part 4: Additional Threat Vectors (10 minutes)

1. **Cross-Site Scripting (XSS):**
   - Write a function to simulate an XSS attack by injecting a malicious script into a web page.
   - Example
   
        ```py
        def simulate_xss(user_input):
            web_page = f"<html><body>Welcome {user_input}</body></html>"
            return web_page
        ```
2. **Example of XSS:**
   - Show how a malicious input can exploit the web page.
   - Example
   
        ```py
        user_input = "<script>alert('Hacked!');</script>"
        malicious_page = simulate_xss(user_input)
        print(f"Malicious Web Page: {malicious_page}")
        ```

3. **Exercise 7:**
   - TODO: Implement a function to sanitize user input to prevent XSS attacks.

In [None]:
# TODO: Solve Exercise 7

4. **Man-in-the-Middle (MITM) Attack Simulation:**
   - Write a function to simulate a simple MITM attack where an attacker intercepts and alters communication between two parties.
    - Example
    
        ```py
        def mitm_attack(original_message):
            intercepted_message = original_message.replace("Hello", "Hacked")
            return intercepted_message
        ```

5. **Example of MITM:**
   - Show how an intercepted message can be altered.
    - Example
    
        ```py
        original_message = "Hello, how are you?"
        intercepted_message = mitm_attack(original_message)
        print(f"Intercepted Message: {intercepted_message}")
        ```

## Summary

- You have performed a brute force attack to crack a hashed password.
- You have simulated an SQL injection and learned how to secure SQL queries using parameterized queries.
- You have generated a phishing email and discussed how to detect and avoid phishing attacks.
- You have explored additional threat vectors such as XSS and MITM attacks.
- You have completed exercises to enhance your understanding of these threat vectors and how to mitigate them.

## Submission

- Complete the exercises and ensure all solutions are documented.
- Save your progress and ensure all solutions are documented and submitted to GitHub.