SPEAKER 1: Let's get cracking
and hack into some accounts.
Our to dos for this problem are twofold.
One, we'll want to get
the hashed password.
And then two, we'll want to take
that hashed password and crack it.
So the hashed password will be
passed in to us via the command line.
So you'll also want to
instruct the user if they
haven't used your program correctly.
Next, we'll want to crack that password.
To do this we're going to
make a couple of assumptions.
The first is that all
of the passwords are
going to be hashed with C's
DES-based crypt function.
Take a moment and check
out the manual page
for crypt, where you'll find
that for a DES-based algorithm,
the "salt" is the first two
characters of the hashed password.
And the crypt function takes in two
arguments, the key and the salt.
So check out the passwords
that we've provided to you
and see what the salt in our case is.
So the next thing to do
is to crack the password.
We'll return to the principle that
hashing a word with the very same hash
function will always
return the same hash.
So that means that if we try
a word and hash that try,
if the hashes match the
given hash by the user then
we can assume that we've
successfully cracked the password.
In order to guess
those words, then we'll
have to make a couple of assumptions.
And we tell you that these passwords
are no longer than four characters long,
and that they're comprised entirely
of alphabetical characters.
So your biggest job for
this problem is to think
of a way to iterate over and
generate plain text to be hashed.
Now remember that the assumption
is that the passwords can
be up to four characters long.
Meaning that there could be
shorter passwords as well.
And these passwords are
case sensitive, meaning
that an upper case A is going to be a
different password than a lowercase a.
You might want to consider generating
an array of up to 5 bytes, where
the last byte is going
to be our backslash zero.
Then you'll want to iterate over,
perhaps with just one character,
and then add in two, and then its
three, and then four characters long,
making sure to reach all
possible permutations of letters.
So once the hash of your guess matches
the hash that the user has given you,
you've successfully
found their password.
My name is [? Amaila, ?]
and this was crack.
