Review the brute Login function on p. 58 of Ch. 2, “Penetration Testing with Python,” of Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers.
You have been hired by a company to provide consultation on security and provide recommendations. Using Microsoft® Word, write a 1-page document explaining how the username and password are extracted from the password file. Describe what would happen if the script fails to open the password file.
Recommend and provide additional code that would better handle cases where the password file might not open.
Submit your assignment using the Assignment Files tab.
Linux systems keep user account information in the passwd file and the encrypted password in the shadow file.
The passwd file containing account information might look like this:
smithj:x:1001:1001:John Smith:/home/smithj:/bin/bash
The shadow file containing password and account expiration information for users might look like this:
smithj:KJDKKkkLLjjwlnttqoiybnm.:10063:0:99999:7:::
The fields in the shadow file are separated by a colon, with the first field being the username and the second the password.
Under normal circumstances, the password is encrypted but for the purpose of this assignment, you can assume the password is already unencrypted.
Review the bruteLogin function program on pp. 58 through 59 of Ch. 2, “Penetration Testing with Python,” of Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers.
Make the following changes/additions to the function:
Capture screenshots of your code and output for each conversion. Paste the screenshot in a Word document.
Submit your assignment using the Assignment Files tab.