So Im doing the Python Password project here
https://www.sciencebuddies.org/science- ... #procedure
When I open up crack2 It asks me which password 0-6, When I do this I type 0 or 1
When that happens I get this:
Using method 3 with 435 in the list
The search took 0.0 seconds for 870 tests or 66,872 tests per second.
Using method 4 with 26 punc chars and 435 in the list
I didnt think this was right since It didnt return the password so I tried putting in random #s to guess the password and I received different information.
Im not sure how to make python file open passwords.txt, so how can I use method_2 to try and guess the password instead of Method_3/Method_4
Python Password cracker
Moderators: AmyCowen, kgudger, bfinio, MadelineB, Moderators
Re: Python Password cracker
DP6:
I have tried running the program, and you are correct. It is not working correctly. I have reported this issue to the Science Buddies staff. If you are adept in programming, you can continue with your science project and attempt to write your own program!
We apologize for the error.
I have tried running the program, and you are correct. It is not working correctly. I have reported this issue to the Science Buddies staff. If you are adept in programming, you can continue with your science project and attempt to write your own program!
We apologize for the error.
Deana
-
HowardE
- Posts: 496
- Joined: Thu Nov 20, 2014 1:35 pm
- Occupation: Science Buddies content developer
- Project Question: N/A
- Project Due Date: N/A
- Project Status: Not applicable
Re: Python Password cracker
DP6-
I'm sorry you had trouble with the code for this project. I hope you followed Deana's suggestion and wrote your own, as that was the bigger plan anyway.
The code has 6 prestored passwords that are encrypted. We'll call these password 1 through 6. Password 0 is a special seventh one that is not encrypted. In the example code it's simply "314" because guessing it is as easy as pie. [Sorry for the lame math pun]
What the program is asking you for is which of the 7 passwords you want it to try. It goes through the different methods in order. I selected that order because people tend to pick passwords that this order is more likely to get quickly. If you disagree or want to try something else, we encourage you to alter the program to experiment.
What you saw was correct. When you asked it to guess password 0, it first tried method 3 (which is simply comparing it to the list of words in the file passwords.txt). Since it's a 3 digit number, that's going to fail. It then tries combining two words together with punctuation. That takes longer but it too, will fail on this one. It then tries guessing numbers and it will succeed. If you had waited long enough for the program to go through the many tests you should have gotten this: (I added some comments in [])
-------
Science Buddies: How Easily Can Your password Be Hacked?
Which password (0-6)? 0
Trying to guess password 0
Using method 3 with 435 in the list [since there aren't any numbers in the password text file, this will fail for sure]
The search took 0.0 seconds for 870 tests or 953,999 tests per second.
Using method 4 with 26 punc chars and 435 in the list [combining multiple words together will still fail]
The search took 23 seconds for 19,679,400 tests or 872,705 tests per second.
Using method 1 and searching for 1 digit numbers. [it's not a single digit number]
The search took 0.03 seconds for 10 tests or 301 tests per second.
Using method 1 and searching for 2 digit numbers. [it's not a two digit number]
The search took 0.03 seconds for 100 tests or 2,998 tests per second.
Using method 1 and searching for 3 digit numbers. [it is a 3-digit number, so this test will find it]
Success! Password 0 is 314
The search took 0.06 seconds for 315 tests or 4,760 tests per second.
The total search for all methods took 23 seconds and 19,680,695 guesses.(856,763 guesses per second)
Your algorithm correctly guessed the password you entered. Try some others or see if you can make it guess faster.
------
Answering random numbers into that initial question won't work. The only available choices are 0 through 6, where 0 is for the one you can enter in plain readable text and 1 through 6 are for the encrypted ones. The program as provided with that specific 'passwords.txt' file will correctly guess passwords 1 through 5. You'll have to modify the program and try some new ideas of your own to guess password 6. And of course, you should use password 0 as a test bed to see how your new strategies work.
You also said that you weren't sure how to get the password file. It's available on the website in the project idea materials list. Simply download it the same way you downloaded crack2.py, and make sure you put them in the same directory. Then when you run the program in Python3 (we like to use IDLE3 to do that) the program can find the text file of passwords.
Finally, if you want to test out an idea and not waste a lot of time using methods that you don't care about, simply remove them from the code by commenting them out. The main part of the program called the various methods in order. Place a hashmark in from to a line to comment it out - then Python won't execute it.
For example, the code starts with method 3. If you don't want to waste time trying method 3, you can change this:
print("Trying to guess password "+str(which_password))
# Look through our list of common passwords first
if not foundit:
foundit = search_method_3("passwords.txt")
# Still looking? Let's combine the common passwords 2 at a time
to this:
print("Trying to guess password "+str(which_password))
# Look through our list of common passwords first
#if not foundit:
#foundit = search_method_3("passwords.txt")
# Still looking? Let's combine the common passwords 2 at a time
Notice the extra hashmarks on lines 3 and 4? Python will notice them too and simply skip that test. Do that with the first several and your program can just go straight to method 2. Remember that to test 8 'wheels' with 62 positions each is over 200 TRILLION tests and it's going to take a while. Start with shorter passwords and get a sense of how long it will take to try that many tests.
Maybe there's a better method you have in mind? If you find an improved method I'd love to hear about it.
Howard Eglowstein
Scientist, Science Buddies content development team
I'm sorry you had trouble with the code for this project. I hope you followed Deana's suggestion and wrote your own, as that was the bigger plan anyway.
The code has 6 prestored passwords that are encrypted. We'll call these password 1 through 6. Password 0 is a special seventh one that is not encrypted. In the example code it's simply "314" because guessing it is as easy as pie. [Sorry for the lame math pun]
What the program is asking you for is which of the 7 passwords you want it to try. It goes through the different methods in order. I selected that order because people tend to pick passwords that this order is more likely to get quickly. If you disagree or want to try something else, we encourage you to alter the program to experiment.
What you saw was correct. When you asked it to guess password 0, it first tried method 3 (which is simply comparing it to the list of words in the file passwords.txt). Since it's a 3 digit number, that's going to fail. It then tries combining two words together with punctuation. That takes longer but it too, will fail on this one. It then tries guessing numbers and it will succeed. If you had waited long enough for the program to go through the many tests you should have gotten this: (I added some comments in [])
-------
Science Buddies: How Easily Can Your password Be Hacked?
Which password (0-6)? 0
Trying to guess password 0
Using method 3 with 435 in the list [since there aren't any numbers in the password text file, this will fail for sure]
The search took 0.0 seconds for 870 tests or 953,999 tests per second.
Using method 4 with 26 punc chars and 435 in the list [combining multiple words together will still fail]
The search took 23 seconds for 19,679,400 tests or 872,705 tests per second.
Using method 1 and searching for 1 digit numbers. [it's not a single digit number]
The search took 0.03 seconds for 10 tests or 301 tests per second.
Using method 1 and searching for 2 digit numbers. [it's not a two digit number]
The search took 0.03 seconds for 100 tests or 2,998 tests per second.
Using method 1 and searching for 3 digit numbers. [it is a 3-digit number, so this test will find it]
Success! Password 0 is 314
The search took 0.06 seconds for 315 tests or 4,760 tests per second.
The total search for all methods took 23 seconds and 19,680,695 guesses.(856,763 guesses per second)
Your algorithm correctly guessed the password you entered. Try some others or see if you can make it guess faster.
------
Answering random numbers into that initial question won't work. The only available choices are 0 through 6, where 0 is for the one you can enter in plain readable text and 1 through 6 are for the encrypted ones. The program as provided with that specific 'passwords.txt' file will correctly guess passwords 1 through 5. You'll have to modify the program and try some new ideas of your own to guess password 6. And of course, you should use password 0 as a test bed to see how your new strategies work.
You also said that you weren't sure how to get the password file. It's available on the website in the project idea materials list. Simply download it the same way you downloaded crack2.py, and make sure you put them in the same directory. Then when you run the program in Python3 (we like to use IDLE3 to do that) the program can find the text file of passwords.
Finally, if you want to test out an idea and not waste a lot of time using methods that you don't care about, simply remove them from the code by commenting them out. The main part of the program called the various methods in order. Place a hashmark in from to a line to comment it out - then Python won't execute it.
For example, the code starts with method 3. If you don't want to waste time trying method 3, you can change this:
print("Trying to guess password "+str(which_password))
# Look through our list of common passwords first
if not foundit:
foundit = search_method_3("passwords.txt")
# Still looking? Let's combine the common passwords 2 at a time
to this:
print("Trying to guess password "+str(which_password))
# Look through our list of common passwords first
#if not foundit:
#foundit = search_method_3("passwords.txt")
# Still looking? Let's combine the common passwords 2 at a time
Notice the extra hashmarks on lines 3 and 4? Python will notice them too and simply skip that test. Do that with the first several and your program can just go straight to method 2. Remember that to test 8 'wheels' with 62 positions each is over 200 TRILLION tests and it's going to take a while. Start with shorter passwords and get a sense of how long it will take to try that many tests.
Maybe there's a better method you have in mind? If you find an improved method I'd love to hear about it.
Howard Eglowstein
Scientist, Science Buddies content development team
-
randomstring
- Posts: 1
- Joined: Sun Jan 24, 2016 3:30 pm
- Occupation: Parent
Re: Python Password cracker
It's not documented in the code, but password0 is treated differently from password1-6. Password0 (zero) is assigned as "plaintext" (just as you would type it into a password prompt) while the other variables password1-6 are all MD5 versions of the password.
So if you wanted to use a different passwords than the defaults, you need to set them as follows:
The program worked as is for my child. Passwords 0-5 can be "cracked" quickly, password6 takes a very, very long time. In fact we're still waiting on password6...
Code: Select all
# This is a place for you to set a password of your own
password0 = "314"
# Set up the passwords we want to crack. These must be MD5 hash
# data blocks. Set them up using MD5me like:
# 'password1=MD5me("ScienceBuddies")'
#
password1="202cb962ac59075b964b07152d234b70"
Code: Select all
# password0 is set in plaintext
password0 = "1234"
# all other passwords are MD5 versions of the password
password1 = MD5me("secret")
password2 = MD5me("starwars")-
HowardE
- Posts: 496
- Joined: Thu Nov 20, 2014 1:35 pm
- Occupation: Science Buddies content developer
- Project Question: N/A
- Project Due Date: N/A
- Project Status: Not applicable
Re: Python Password cracker
Just to clarify for anyone reading this old thread, passwords 1 through 6 are hashed with MD5 so that you can write your guessing program without knowing in advance what you're looking for. If you are going to replace those passwors with ones of your own, you don't need to bother with the hashing. So instead of setting , it's just easier to set and then in the code that does the checking, change to
I'll also give you a bit of a spoiler. Password 6 isn't one that this program can guess as you downloaded it. The brute force 'try all letters' method is only set up to handle passwords up to 8 characters and the program only checks for 6. Password 6 is more than 8 characters long. To get it you'll either have to check more character positions (and wait for millenia) or attack the problem differently and come up with another way of guessing it. One hint: it is based on one or more words in the provided dictionary.
It's not likely that the original poster will see this since they asked the question back in October of 2014. We love it when students help each other with good suggestions, but adding information to old threads can just be confusing.
Howard
Code: Select all
password1=MD5me("secret")Code: Select all
password1="secret"Code: Select all
if (1 == which_password):
if MD5me(password) == password1:
result = True
Code: Select all
if (1 == which_password):
if password == password1:
result = True
It's not likely that the original poster will see this since they asked the question back in October of 2014. We love it when students help each other with good suggestions, but adding information to old threads can just be confusing.
Howard