YCP Logo Assignment 1: Password Cracking, Part I

Due: Thursday, Jan 27th by 11:59 PM

Updated 1/21: Added some hints.

Getting Started

Download CS365_Assign1.zip. Extract the contents of the archive into a directory.

Using a Unix shell, use the cd command to navigate into the directory containing the extracted contents.

Using a text editor, open the file crack_passwd.c.

When you run the make command, the crack_passwd program will be compiled.

Your Task

This assignment is a warm up exercise to get you reacquainted with C, and is also a starting point for the next assignment.

Your task is to take an encrypted password entry, break it into its three components, and print them out.

Example session (user input in bold):

dhovemey@slartibartfast$ ./crack_passwd '$6$KZGJpy5g$LPUOKn56sQfAh/mTV/TTMk.2jt.ctjjKUk4/fjp94P9USkfurKPCz1/VKVhqTD5pjaSpvJgpTUzRZ2hX1L.Uj.'
Algorithm       : 6
Salt            : KZGJpy5g
Encrypted passwd: LPUOKn56sQfAh/mTV/TTMk.2jt.ctjjKUk4/fjp94P9USkfurKPCz1/VKVhqTD5pjaSpvJgpTUzRZ2hX1L.Uj.

The format of an encrypted password entry is:

$algorithm$salt$encrypted-passwd
  • algorithm is a string of either 1 or 2 characters identifying an encryption algorithm.
  • salt is a string of 1 to 16 characters representing a "salt value": an arbitrary value used to perturb an encrypted password to make dictionary password cracking more difficult.
  • encrypted-passwd is a string of up to 86 characters resulting from the encryption of a password and the salt value.

The constants ALGO_MAXLEN, SALT_MAXLEN, and ENCRYPTED_PASSWD_MAXLEN specify the maximum lengths (number of characters without the terminating nul character) for the algorithm, salt, and encrypted password, respectively.

Hints

This assignment will be easier if you use the C string functions. Some functions that may be useful are strlen, strcpy, memcpy, and strchr.

You can view the manual page for these functions, and all C library functions, by the man command from a terminal window. For example:

man 3 memcpy

will show you the manual page for the memcpy function. (The "3" forces man to look in Chapter 3 of the manual, which is where C functions are documented.)

Your favorite C reference should have plenty of information on C string manipulation.

Pointer arithmetic may be useful.

Make sure that any C character strings you create are properly terminated with a nul (0) character. Also, be sure that when you store a string value in a character array, the array is large enough to hold the characters of the string and the nul terminator.

Submitting

From the directory containing your source files, run the command

make submit

When prompted, enter your Marmoset username and password. You should see a message indicating that the submission was successfully uploaded to the server.

Important: You should log into the server and download your submitted files. Check to make sure that the files you submitted were the ones you intended. The server URL is

https://camel.ycp.edu:8443