The Vault of Chow

Modules - Data Structures, File Streaming, Procedural Programming

 

Teacher’s Notes:

=======================================

  • Students generally find this assignment to be challenging but fun.
  • You can change the passwords, titles, and messages in the MyFrame.java file to suit your own class.  I give actual prizes to my students but you don't need to.  You could just say, "You have passed level 1", etc.
  • To create the vault file, you will need to create a new project in Eclipse and create the MyFrame.java and PasswordBreaker.java files in it.  You should create them in Eclipse and then export them as a runnable jar file.  You can provide this file to students via github, google drive, etc.
  • Student can decompile the runnable jar file to find the passwords. I would acknowledge that this is possible right from the start but tell the students that this is not the point of the assignment.
  • I thought of this assignment when I saw the XKCD comic about passwords at: https://xkcd.com/936/
  • There is a counter article about this - suggesting the use of password managers instead of creating your own passwords for many sites: https://blog.diogomonica.com/2014/10/11/password-security-why-the-horse-battery-staple-is-not-correct/
  • This is a good on-ramp to talk to students about password security and why you shouldn't use the same password for everything.  I would encourage them to use a password manager and talk about the nature of good password selection.
  • Be careful when using the Robot class in this way.  Students MUST put the Thread.sleep(5000); line in to give themselves time to move the mouse focus from Eclipse to the password text entry box.  Also, there is a 10ms sleep command between key presses because I found that the program can enter text faster than the vault program can read and process them.
  • The three passwords won't be easily solved using one single program but instead should be broken using multiple programs using different approaches.
 

Assignment:

=======================================

The Vault

Password Strength

 

Your teacher has created a secure vault which can be located at <insert instructions to download vault here>.  Your job is to download the vault file and break the three layers of passwords.

The word list for the password breaker can be found at: https://github.com/TaoOfChow/ClassroomSupportFiles/blob/main/words.txt

 

  

MyFrame.java

=======================================

 
import java.awt.FlowLayout;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import javax.swing.JFrame;
import javax.swing.JLabel;
import javax.swing.JPanel;
import javax.swing.JTextField;

public class MyFrame extends JFrame implements ActionListener  {
    JPanel panel;
    JLabel title, passwordLabel, q1, q2, q3;
    JLabel chips, drink, candy, guessPrompt1, guessPrompt2, guessPrompt3, candyCorrect, chipsCorrect, drinkCorrect;
    JTextField passwordBox1, passwordBox2, passwordBox3;
    String passwordAttempt = "";
    //BufferedImage myPicture;
    JLabel dividingLine1;
    JLabel dividingLine2; 
    JLabel dividingLine3;
    
    MyFrame(String st)throws Exception 
    {
        super(st);
        setBounds(100, 100, 400, 300);
        setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
        setLayout(new FlowLayout());
        title = new JLabel("            ~~Chow's Treat Vault~~              ");
        guessPrompt1 = new JLabel("Please Enter the First Password:     ");
        guessPrompt2 = new JLabel("Please Enter the Second Password:");
        guessPrompt2.setVisible(false);
        guessPrompt3 = new JLabel("Please Enter the Third Password:");
        guessPrompt3.setVisible(false);
        
        q1 = new JLabel("This password is a single word from the list");
        q2 = new JLabel("This password is a combo of two, 3-letter words from the list");
        q2.setVisible(false);
        q3 = new JLabel("This password is a made from 1-4 random lower case letters");
        q3.setVisible(false);
        candy = new JLabel("You did it!  Show this to Chow to get a small candy!");
        candy.setVisible(false);
        candyCorrect = new JLabel("            password: \"cheer\" accepted            ");
        candyCorrect.setVisible(false);
        chips = new JLabel("You did it!  Show this to Chow to get a bag of chips!"); 
        chips.setVisible(false);
        chipsCorrect = new JLabel("            password: \"drysun\" accepted            ");
        chipsCorrect.setVisible(false);
        drink = new JLabel("You did it!  Show this to Chow to get a chocolate bar!");
        drink.setVisible(false);
        drinkCorrect = new JLabel("            password: \"nah\" accepted            ");
        drinkCorrect.setVisible(false);
        //myPicture = ImageIO.read(new File("dividingLine.jpg"));
//        dividingLine1 = new JLabel(new ImageIcon(myPicture));
//        dividingLine2 = new JLabel(new ImageIcon(myPicture));
//        dividingLine2.setVisible(false);
//        dividingLine3 = new JLabel(new ImageIcon(myPicture));
//        dividingLine3.setVisible(false);
        
        passwordBox1 = new JTextField(30);
        passwordBox1.addActionListener(this);
        passwordBox2 = new JTextField(30);
        passwordBox2.addActionListener(this);
        passwordBox2.setVisible(false);
        passwordBox3 = new JTextField(30);
        passwordBox3.addActionListener(this);
        passwordBox3.setVisible(false);
        
        
        add(title);
        //add(dividingLine1);
        add(guessPrompt1);
        add(q1);
        add(passwordBox1);
        
        add(candy);
        add(candyCorrect);
        add(guessPrompt2);
        add(q2);
        add(passwordBox2);
        add(chips);
        add(chipsCorrect);
        add(guessPrompt3);
        add(q3);
        add(passwordBox3);
        add(drink);
        add(drinkCorrect);
        
    }
    public void actionPerformed(ActionEvent evt)
    {
        if (evt.getSource() == passwordBox1)
        {
            passwordAttempt = passwordBox1.getText();
            //System.out.println(passwordAttempt);
            passwordBox1.setText(null);
            if (passwordAttempt.equals("cheer"))
            {
                //System.out.println("Success");
                guessPrompt1.setVisible(false);
                candyCorrect.setVisible(true);
                candy.setVisible(true);
                passwordBox1.setVisible(false);
                passwordBox2.setVisible(true);
                q1.setVisible(false);
                q2.setVisible(true);
                guessPrompt2.setVisible(true);
            }
        }
        else if (evt.getSource() == passwordBox2)
        {
            passwordAttempt = passwordBox2.getText();
            System.out.println(passwordAttempt);
            passwordBox2.setText(null);
            if (passwordAttempt.equals("drysun"))
            {
                candy.setVisible(false);
                candyCorrect.setVisible(false);
                //System.out.println("Success");
                guessPrompt2.setVisible(false);
                chipsCorrect.setVisible(true);
                chips.setVisible(true);
                passwordBox2.setVisible(false);
                passwordBox3.setVisible(true);
                q2.setVisible(false);
                q3.setVisible(true);
                guessPrompt3.setVisible(true);
                
                
            }
        }
        else if (evt.getSource() == passwordBox3)
        {
            passwordAttempt = passwordBox3.getText();
            System.out.println(passwordAttempt);
            passwordBox3.setText(null);
            if (passwordAttempt.equals("nah"))
            {
                chips.setVisible(false);
                chipsCorrect.setVisible(false);
                passwordBox3.setEditable(false);
                passwordBox3.setText("nah");
                //System.out.println("Success");
                guessPrompt2.setVisible(false);
                drinkCorrect.setVisible(true);
                drink.setVisible(true);
                passwordBox2.setVisible(false);
                q3.setVisible(false);

            }
        }

        repaint();
    }
}
 

PasswordBreaker.java

=======================================

 
import javax.swing.JFrame;
public class PasswordBreaker {
    public static void main(String[] args) throws Exception
    {
        MyFrame controlPanel = new MyFrame("Bank of Chow");
        controlPanel.setSize(400,800);
        controlPanel.setVisible( true );
        controlPanel.setDefaultCloseOperation( JFrame.EXIT_ON_CLOSE );
    }
}
 

Stage 1 Password Breaker:

=======================================

import java.awt.Robot;
import java.awt.event.KeyEvent;
import java.io.File;
import java.util.Scanner;
public class Breaker {
    public static void typeWord(Robot typer, String st)throws Exception {
        for(int x = 0; x < st.length(); x++) {
            typer.keyPress(KeyEvent.VK_A + st.charAt(x) - 'a');
            Thread.sleep(10);
        }
        typer.keyPress(KeyEvent.VK_ENTER);
    }
    
    public static void main(String[] args)throws Exception {
        
        File infile = new File("words.txt");
        Scanner input = new Scanner(infile);
        String guess = "";
        Robot typer = new Robot();
        Thread.sleep(5000);
        
        while(input.hasNext()) {
            guess = input.next();
            typeWord(typer,guess);
        }
    }
}
 

Stage 2 Password Breaker:

=======================================

import java.awt.Robot;
import java.awt.event.KeyEvent;
import java.io.File;
import java.util.Scanner;
public class Breaker2 {
    public static void typeWord(Robot typer, String st)throws Exception {
        for(int x = 0; x < st.length(); x++) {
            typer.keyPress(KeyEvent.VK_A + st.charAt(x) - 'a');
            Thread.sleep(10);
        }
        typer.keyPress(KeyEvent.VK_ENTER);
    }
    
    
    public static void main(String[] args)throws Exception {
        
        File infile = new File("words.txt");
        Scanner input = new Scanner(infile);
        String potentialWord = "";;
        Robot typer = new Robot();
        
        String[] validWords = new String[1000];
        int wordCount = 0;
        
        while(input.hasNext()) {
            potentialWord = input.next(); 
            if(potentialWord.length() == 3) 
                validWords[wordCount++] = potentialWord;
        }
        
        System.out.println(wordCount);
        Thread.sleep(5000);
        for(int x = 0; x < wordCount; x++)
            for(int y = 0; y < wordCount; y++) 
                typeWord(typer,validWords[x]+validWords[y]);
            
        
    //    
        
        
    }
    
}
 

 

Stage 3 Password Breaker:

=======================================

import java.awt.Robot;
import java.awt.event.KeyEvent;
import java.util.Scanner;
public class Breaker3 {
    
    public static void typeWord(Robot typer, String st)throws Exception {
        for(int x = 0; x < st.length(); x++) {
            typer.keyPress(KeyEvent.VK_A + st.charAt(x) - 'a');
            Thread.sleep(10);
        }
        typer.keyPress(KeyEvent.VK_ENTER);
        
    }
    
    public static String increment(String st) {
        
        char[] array = st.toCharArray();
        
        int spot = array.length-1;
        array[spot]++;
        
        while(spot >= 0 && array[spot] > 'z') {
            array[spot] = 'a';
            
            if(spot != 0)
                array[spot-1]++;
            else {
                char[] biggerArray = new char[array.length+1];
                biggerArray[0] = 'a';
                for(int x = 1; x < biggerArray.length; x++)
                    biggerArray[x] = array[x-1];
                array = biggerArray;
                //new Scanner(System.in).next();
                
            }
            spot--;
            
        }
        
        return String.valueOf(array);
        
    }
    
    public static void main(String[] args) throws Exception{
        Robot typer = new Robot();
        String guess = "`";
        
        Thread.sleep(5000);
        
        do
        {
            guess = increment(guess);
            typeWord(typer,guess);
            
            //System.out.println(guess);
            
            
        }while(!guess.equals("zzzz"));
        
    }
}