Reference no: EM133662962
Assignment
Problem I: Linux File Permissions
For each permission requirement below, provide (i) symbolic permission and (ii) 4-digit octal (numeric) permission.
1. For a file named "a.png",
a. Owner: can read and write
b. Group: can read and write
c. World: forbidden
Symbolic permission?
Numeric permission?
2. For a directory of "dir1",
a. Owner: can read, write, and execute
b. Group: can read and execute
c. World: can read and execute
Symbolic permission?
Numeric permission?
3. For a file named "passwd",
a. Owner: can read, write, and execute
b. Group: can read and execute
c. World: can read and execute
d. Set user ID bit enabled
Symbolic permission?
Numeric permission?
4. For a directory of "dir2",
a. Owner: can read, write, and execute
b. Group: can read, write, and execute
c. World: can read, write, and execute
d. Sticky bit enabled
Symbolic permission?
Numeric permission?
5. For a file of "b.txt",
a. Owner: can read, write, and execute
b. Group: can read, write, and execute
c. World: can read and execute
d. Set group ID bit enabled
Symbolic permission?
Numeric permission?
Problem II: Password Strength Checker
What makes a strong password?
Strong passwords have many different attributes:
1. Length - typically > 8 characters
2. Case - contain both uppercase and lowercase letters
3. Special characters - contain at least one special character (e.g., !, %,@)
4. Numbers - contain one or more numbers
5. Additionally, your password should never contain any personal information (like your birthday, middle name).
Develop a Python or C++ program that can check the strength of a password. There are a few requirements for the program.
Requirements
1. Take user input (the password to be tested)
2. Calculate a score based on the contents of the password
3. Tell the user the score of their password
4. Tell the user the strength of their password (Weak, Moderate, Strong)
Below is a python program snippet for reference.
# Get user's password to check
userPassword = input("What is your password: ")
# Set a baseline for the possible counts of each character type
# Loop through each character and see what type it is
# Calculate the score of the password
# Tell the user how strong their password is
Problem III: Password Brute-force Attack
Write a program that performs the brute-force attack to break the password. The following table shows encrypted passwords using the crypt() function. Your mission is to break the password corresponding to your CWID in the table. For example, the last digit of your CWID is 1, then you should identify the password for indBOW06MoVz6.
In this case my last number is 7.
|
Last digit of CWID
|
Encrypted password
|
|
1
|
indBOW06MoVz6
|
|
2
|
in79RsnfG/VWo
|
|
3
|
inbqJM0dLgWvo
|
|
4
|
incT1ji3YqQ/Y
|
|
5
|
in7haMV00ylgk
|
|
6
|
in1U0tb9WpIcI
|
|
7
|
inPlXS.yNKivQ
|
|
8
|
inqidvfWapJp2
|
|
9
|
injY7hdQJTeu2
|
|
0
|
inQW.HgtuEe.M
|
Crypt() is a function to check UNIX/LINUX passwords, and the encrypted passwords above are encoded by the standard crypt() function. Hence, you should use the crypt() function to break the password. The crypt() function takes two input parameters and returns the encrypted password, as follows:
Input parameters:
1. Password (plaintext): string
2. Salt: string
Output:
1. Encrypted password: string
The password length is six and the salt is set to ‘infosec' (without using the quotation mark). For the brute-force attack, you should try 6-character lower case letters of alphabet from ‘aaaaaa', ‘aaaaab', ‘aaaaac', ..., to ‘zzzzzz', with the salt. Report the original plaintext password by breaking the encrypted password (one based on your CWID). Also report how many words you tested to find the original password.
It is recommended to write a program using either Python or C/C++. While there are numerous resources for referencing crypt(), the following shows just two of them (but you can refer to any other helpful resources).
Below is a python program snippet for reference.
# Please show the pycharm inside our VM with Kali Linux to do the coding
# import the following modules import pwd
import crypt
#usage and sample output password = "computer"
salt="science"
crypt.crypt(password, salt)
Output is:
'scRKJfdmHndxk'