SHA-1 Password Cracker

Note

This is about learning hashlib module. If you struck with some test case, remember that that salt can come before password.

Time: 30m

Problem description

Assignment

Passwords should never be stored in plain text. They should be stored as hashes, just in case the password list is discovered. However, not all hashes are created equal.

For this project you will learn about the importance of good security by creating a password cracker to figure out passwords that were hashed using SHA-1.

Create a function that takes in a SHA-1 hash of a password and returns the password if it is one of the top 10,000 passwords used. If the SHA-1 hash is NOT of a password in the database, return "PASSWORD NOT IN DATABASE".

The function should hash each password from top-10000-passwords.txt and compare it to the hash passed into the function.

The function should take an optional second argument named use_salts. If set to true, each salt string from the file known-salts.txt should be appended AND prepended to each password from top-10000-passwords.txt before hashing and before comparing it to the hash passed into the function.

Here are some hashed passwords to test the function with:

Here are some hashed passwords to test the function with when use_salts is set to True:

The hashlib library has been imported for you. You should condider using it in your code. Learn more about "hashlib" here.

Development

Write your code in password_cracker.py. For development, you can use main.py to test your code. Click the "run" button and main.py will run.

Testing

The unit tests for this project are in test_module.py. We imported the tests from test_module.py to main.py for your convenience. The tests will run automatically whenever you hit the "run" button.

Submitting

Copy your project's URL and submit it to freeCodeCamp.