*PHYTHON* OVERWHELMED WITH MIDTERMS AND IM MAKING LITTLE PROGRESS WITH THIS ASSIGNMENT PLEASE HELP! AND EXPLAIN AS BEST AS YOU CAN! THANK YOU! THANK YOU! Assignment Background Over the past several decades computer systems have relied on the concept of a password in order to authenticate users and grant access to secure systems. I hope you all are using several different passwords for different systems and websites as that is currently the best security practice. However even when requiring users to use strong passwords and change them frequently, passwords inevitably get leaked and people unfortunately use the same password for their bank account as for Facebook.

There are a vast array of methods for cracking passwords but this project will introduce you to 2 of them. Brute force and dictionary.

A brute force attack is a computer program will generate every possible combination of input then try all possibilities. Take a smartphone as an example, most have a 4 digit pass code so a brute force attack would start by first trying 0000, 0001, 0002, 0003, 0004, so on and so forth, until the correct passcode is found. In the case of a 4-digit password, there are 10,000 combinations. When using all the characters on your keyboard, the possible combinations quickly climb into the millions.

Given enough time and computing power, a brute force attack will always work. However, keep in mind though that most modern encryption standards would take several thousand years and require a lot of computing power to generate all possible combinations. So, if you're encrypting your devices (as you should be) and using strong passwords youre probably safe from a brute force attack.

A dictionary attack relies on a source file (like the one we provide you) in order to carry out an attack.

A source file is simply just a text file containing passwords. Sometimes, when malicious hackers manage to break into a secure system they release a password dump which is a file containing all the passwords found on that system. This is a good way of seeing the most common passwords.

Note: there are several ways of cracking / stealing passwords that can range from tricking people into telling you (known as phishing) to breaking some vulnerability in a website (such as an SQL injection) and many more.

Assignment Specifications You will be developing a python program that implements the two password cracking methods and allows the user to crack .zip (archive) files.

The first task is to implement a driver loop that prompts the user for which file cracking method theyd like to use (brute force, dictionary, or both). After determining which method the user would like to use, call the respective function(s) and show the time each function took to run. The user should be able to quit by typing q. If the attack is both, do a dictionary attack first and do a brute force attack only if the dictionary attack failed.

Your second task is to develop a brute force function that generates a strings containing a-z (all lowercase) of length 8 or less as the password to attempt (Hint: start small trying small passwords first). For example ,your string should start out with a, then b, then c, so on and so forth. When you get to z change the first character back to a and append another letter so your string becomes aa then ab. Once the password is cracked you should display the password to the user. Hint: see notes below about itertools.

The third task is to then develop the dictionary function. After you have prompted for the name of the dictionary file and the target .zip file your function should go through every line (one password per line) and try opening the .zip file. If it opens successfully, then again, display the password to the user. If you try all the passwords in the source file, display an appropriate error message. Hint: remember to strip() the word read from the file before trying it as a password!

The fourth and final task for this project is a research question. With this project we are providing you with two password protected .zip files. On behalf of the Computer Science Department you have our full permission to attack these two specific files for demonstration and educational purposes only. Breaking into secure computer systems is illegal in the US. (most other countries have similar laws). Your research question is to find out what US federal law youre breaking if you decide to do this without permission. Your program should warn the user what the name of the law is, and what the maximum penalty is before prompting for input.

Assignment Notes You are also not allowed to use sets, or dictionaries. Divide-and-conquer is an important problem solving technique. In fact, inside of every challenging problem is a simpler problem trying to get out. Your challenge is to find those simpler problems and divide the problem into smaller pieces that you can conquer. Functions can assist in this approach. Hint: build the following functions one at a time and test each one before moving on to the next. 1. open_dict_file() function does not take in any arguments and should return a file pointer to the dictionary file. It should keep re-prompting the user if the file doesnt exist. 2. open_zip_file() function does not take in any arguments and should return a file pointer to the zip file. It should keep re-prompting the user if the file doesnt exist. 3. brute_force_attack(zip_file) function takes the zip file pointer as an argument. The brute force function will generate all the possibilities, and attempt them. It should output the correct password once found. If successful, return True, otherwise return False. 4. dictionary_attack(zip_file, dict_file) function takes the zip file pointer and dictionary file pointer as arguments. It should output the correct password once found or print an error message if not successful. If successful, return True, otherwise return False. 5. File reading and closing. The order of reading files is important for testing. When doing a dictionary or both attack, prompt for the dictionary file before prompting for zip file(s). Also, always close() all files after each crack; otherwise with the dictionary file you will start reading passwords where you left off rather than at the beginning. 6. Using the code we provide for you, display the time need to finish each function. This will allow the user to see the time needed to complete various attacks. (You should notice quite a difference between the two methods).

Working with Archive (zip) Files To properly open zip files in python you need to import the zipfile module. To attempt extracting a password protected zip file, use

zip_file = zipfile.ZipFile(filename)

to first open the zip file, then apply your password to the opened zip file using

zip_file.extractall(pwd=password.encode())

so you can extract all its members. The type of the variable password is string and encode() is a string method that you must apply to the password variable when used as an argument to extractall. Basically, you try to unzip the file using extractall: if it generates an error, the password didnt work; if it doesnt generate an error, the password succeeded. Therefore, you want to put the call to extractall within try-except. Unfortunately, a variety of errors get generated by extractall so you must use except with no error type specified (that is generally not good practice, but necessary in this case). Therefore, your except line is simply

except: