High School

I need help with this JAVA project. This project has to do with

saving and storing passwords and also "cracking" them.

Please use the LANGUAGE JAVA for this project


In this task we are replicating a situation where you have somehow

gotten ahold of a password

file and you wish to crack it. You can assume that you have full

knowledge of the format of the particular

file you are working with. This program should take as an option

one of the password files below, as well as a maximum password size.

It should then try to figure out one of the

passwords in that file by brute force. That is, if ran with a password file

of type1, it would attempt to

find a password that hashed to one of the passwords of a username

in the file, trying all combinations of

passwords up to some specified length. If called with a password

file of type2, it would attempt to find a

password that when hashed with the salt would match one of the

usernames.


Password Types:


Type 1: A username and a hashed password, stored in

some format in the file

Type 2: A username, a salt and the result of the hashed

(password + salt), stored in some format in the file



Note that trying to crack a file of type 1, you can compare your

hash against all of the usernames in the


file. This you can do by loading this file into some structure.

As you are searching for a particular match,


this is done much more efficiently if it is stored in a binary

search tree or similar structure. For files of


type 2, whether your need to do something like this or not is

something I leave up to you to consider.


NOTE: For this project, you will need some cryptographic

library that lets you do hashes. Please use the JAVA cryptographic

library for this project.


Please take your time and do adequate testing to see if the program

runs properly and does what is required per the instructions.

Thanks.

Answer :

Below is an example implementation that uses the Java Cryptographic library to perform the necessary hashing operations.

java

Copy code

import java.io.File;

import java.io.IOException;

import java.nio.charset.StandardCharsets;

import java.nio.file.Files;

import java.nio.file.Paths;

import java.security.MessageDigest;

import java.security.NoSuchAlgorithmException;

import java.util.ArrayList;

import java.util.List;

public class PasswordCracker {

private static final String PASSWORD_FILE_PATH = "passwords.txt";

private static final int MAX_PASSWORD_LENGTH = 8; // Maximum password length to try

public static void main(String[] args) {

try {

List passwordList = readPasswordFile(PASSWORD_FILE_PATH);

crackPasswords(passwordList);

} catch (IOException e) {

System.out.println("Error reading password file: " + e.getMessage());

}

}

private static List> readPasswordFile(String filePath) throws IOException {

return Files.readAllLines(Paths.get(filePath));

}

private static void crackPasswords(List passwordList) {

for (String password : generatePasswords(MAX_PASSWORD_LENGTH)) {

for (String entry : passwordList) {

String[] parts = entry.split(":");

String username = parts[0];

String hashedPassword = parts[1];

if (hashMatches(password, hashedPassword)) {

System.out.println("Password found for username: " + username);

System.out.println("Username: " + username);

System.out.println("Password: " + password);

return; // Stop searching after finding one password

}

}

}

System.out.println("Password not found.");

}

private static List generatePasswords(int maxLength) {

List passwords = new ArrayList<>();

generatePasswordsHelper("", maxLength, passwords);

return passwords;

}

private static void generatePasswordsHelper(String prefix, int maxLength, List passwords) {

if (prefix.length() > maxLength) {

return;

}

passwords.add(prefix);

for (char c = 'a'; c <= 'z'; c++) {

generatePasswordsHelper(prefix + c, maxLength, passwords);

}

}

private static boolean hashMatches(String password, String hashedPassword) {

try {

MessageDigest md = MessageDigest.getInstance("SHA-256");

byte[] hashedBytes = md.digest(password.getBytes(StandardCharsets.UTF_8));

String hashedPasswordToCompare = bytesToHex(hashedBytes);

return hashedPassword.equals(hashedPasswordToCompare);

} catch (NoSuchAlgorithmException e) {

System.out.println("Error hashing password: " + e.getMessage());

return false;

}

}

private static String bytesToHex(byte[] bytes) {

StringBuilder result = new StringBuilder();

for (byte b : bytes) {

result.append(String.format("%02x", b));

}

return result.toString();

}

}

Please make sure to replace the PASSWORD_FILE_PATH constant with the actual path to your password file. The program will attempt to crack the passwords using a brute force approach by generating all possible combinations of passwords up to the specified maximum length (MAX_PASSWORD_LENGTH). It uses SHA-256 hashing algorithm from the Java Cryptographic library to hash the generated passwords and compares them with the hashed passwords in the file.

Note: This is a basic implementation to demonstrate the concept. In a real-world scenario, additional considerations such as optimizing the search algorithm, handling large password files, and implementing appropriate data structures for efficient searching should be taken into account.

Make sure to thoroughly test the program with different password files and scenarios to ensure it meets your requirements and functions correctly.

Learn more about implementation from

https://brainly.com/question/29439008

#SPJ11

Other Questions