Teacher’s Notes:
=======================================
- Students generally find this assignment to be challenging but fun.
- You can change the passwords, titles, and messages in the MyFrame.java file to suit your own class. I give actual prizes to my students but you don't need to. You could just say, "You have passed level 1", etc.
- To create the vault file, you will need to create a new project in Eclipse and create the MyFrame.java and PasswordBreaker.java files in it. You should create them in Eclipse and then export them as a runnable jar file. You can provide this file to students via github, google drive, etc.
- Student can decompile the runnable jar file to find the passwords. I would acknowledge that this is possible right from the start but tell the students that this is not the point of the assignment.
- I thought of this assignment when I saw the XKCD comic about passwords at: https://xkcd.com/936/
- There is a counter article about this - suggesting the use of password managers instead of creating your own passwords for many sites: https://blog.diogomonica.com/2014/10/11/password-security-why-the-horse-battery-staple-is-not-correct/
- This is a good on-ramp to talk to students about password security and why you shouldn't use the same password for everything. I would encourage them to use a password manager and talk about the nature of good password selection.
- Be careful when using the Robot class in this way. Students MUST put the Thread.sleep(5000); line in to give themselves time to move the mouse focus from Eclipse to the password text entry box. Also, there is a 10ms sleep command between key presses because I found that the program can enter text faster than the vault program can read and process them.
- The three passwords won't be easily solved using one single program but instead should be broken using multiple programs using different approaches.
Assignment:
=======================================
The Vault
Your teacher has created a secure vault which can be located at <insert instructions to download vault here>. Your job is to download the vault file and break the three layers of passwords.
The word list for the password breaker can be found at: https://github.com/TaoOfChow/ClassroomSupportFiles/blob/main/words.txt
MyFrame.java
=======================================
import java.awt.FlowLayout;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import javax.swing.JFrame;
import javax.swing.JLabel;
import javax.swing.JPanel;
import javax.swing.JTextField;
public class MyFrame extends JFrame implements ActionListener {
JPanel panel;
JLabel title, passwordLabel, q1, q2, q3;
JLabel chips, drink, candy, guessPrompt1, guessPrompt2, guessPrompt3, candyCorrect, chipsCorrect, drinkCorrect;
JTextField passwordBox1, passwordBox2, passwordBox3;
String passwordAttempt = "";
//BufferedImage myPicture;
JLabel dividingLine1;
JLabel dividingLine2;
JLabel dividingLine3;
MyFrame(String st)throws Exception
{
super(st);
setBounds(100, 100, 400, 300);
setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
setLayout(new FlowLayout());
title = new JLabel(" ~~Chow's Treat Vault~~ ");
guessPrompt1 = new JLabel("Please Enter the First Password: ");
guessPrompt2 = new JLabel("Please Enter the Second Password:");
guessPrompt2.setVisible(false);
guessPrompt3 = new JLabel("Please Enter the Third Password:");
guessPrompt3.setVisible(false);
q1 = new JLabel("This password is a single word from the list");
q2 = new JLabel("This password is a combo of two, 3-letter words from the list");
q2.setVisible(false);
q3 = new JLabel("This password is a made from 1-4 random lower case letters");
q3.setVisible(false);
candy = new JLabel("You did it! Show this to Chow to get a small candy!");
candy.setVisible(false);
candyCorrect = new JLabel(" password: \"cheer\" accepted ");
candyCorrect.setVisible(false);
chips = new JLabel("You did it! Show this to Chow to get a bag of chips!");
chips.setVisible(false);
chipsCorrect = new JLabel(" password: \"drysun\" accepted ");
chipsCorrect.setVisible(false);
drink = new JLabel("You did it! Show this to Chow to get a chocolate bar!");
drink.setVisible(false);
drinkCorrect = new JLabel(" password: \"nah\" accepted ");
drinkCorrect.setVisible(false);
//myPicture = ImageIO.read(new File("dividingLine.jpg"));
// dividingLine1 = new JLabel(new ImageIcon(myPicture));
// dividingLine2 = new JLabel(new ImageIcon(myPicture));
// dividingLine2.setVisible(false);
// dividingLine3 = new JLabel(new ImageIcon(myPicture));
// dividingLine3.setVisible(false);
passwordBox1 = new JTextField(30);
passwordBox1.addActionListener(this);
passwordBox2 = new JTextField(30);
passwordBox2.addActionListener(this);
passwordBox2.setVisible(false);
passwordBox3 = new JTextField(30);
passwordBox3.addActionListener(this);
passwordBox3.setVisible(false);
add(title);
//add(dividingLine1);
add(guessPrompt1);
add(q1);
add(passwordBox1);
add(candy);
add(candyCorrect);
add(guessPrompt2);
add(q2);
add(passwordBox2);
add(chips);
add(chipsCorrect);
add(guessPrompt3);
add(q3);
add(passwordBox3);
add(drink);
add(drinkCorrect);
}
public void actionPerformed(ActionEvent evt)
{
if (evt.getSource() == passwordBox1)
{
passwordAttempt = passwordBox1.getText();
//System.out.println(passwordAttempt);
passwordBox1.setText(null);
if (passwordAttempt.equals("cheer"))
{
//System.out.println("Success");
guessPrompt1.setVisible(false);
candyCorrect.setVisible(true);
candy.setVisible(true);
passwordBox1.setVisible(false);
passwordBox2.setVisible(true);
q1.setVisible(false);
q2.setVisible(true);
guessPrompt2.setVisible(true);
}
}
else if (evt.getSource() == passwordBox2)
{
passwordAttempt = passwordBox2.getText();
System.out.println(passwordAttempt);
passwordBox2.setText(null);
if (passwordAttempt.equals("drysun"))
{
candy.setVisible(false);
candyCorrect.setVisible(false);
//System.out.println("Success");
guessPrompt2.setVisible(false);
chipsCorrect.setVisible(true);
chips.setVisible(true);
passwordBox2.setVisible(false);
passwordBox3.setVisible(true);
q2.setVisible(false);
q3.setVisible(true);
guessPrompt3.setVisible(true);
}
}
else if (evt.getSource() == passwordBox3)
{
passwordAttempt = passwordBox3.getText();
System.out.println(passwordAttempt);
passwordBox3.setText(null);
if (passwordAttempt.equals("nah"))
{
chips.setVisible(false);
chipsCorrect.setVisible(false);
passwordBox3.setEditable(false);
passwordBox3.setText("nah");
//System.out.println("Success");
guessPrompt2.setVisible(false);
drinkCorrect.setVisible(true);
drink.setVisible(true);
passwordBox2.setVisible(false);
q3.setVisible(false);
}
}
repaint();
}
}
PasswordBreaker.java
=======================================
import javax.swing.JFrame;
public class PasswordBreaker {
public static void main(String[] args) throws Exception
{
MyFrame controlPanel = new MyFrame("Bank of Chow");
controlPanel.setSize(400,800);
controlPanel.setVisible( true );
controlPanel.setDefaultCloseOperation( JFrame.EXIT_ON_CLOSE );
}
}
Stage 1 Password Breaker:
=======================================
import java.awt.Robot;
import java.awt.event.KeyEvent;
import java.io.File;
import java.util.Scanner;
public class Breaker {
public static void typeWord(Robot typer, String st)throws Exception {
for(int x = 0; x < st.length(); x++) {
typer.keyPress(KeyEvent.VK_A + st.charAt(x) - 'a');
Thread.sleep(10);
}
typer.keyPress(KeyEvent.VK_ENTER);
}
public static void main(String[] args)throws Exception {
File infile = new File("words.txt");
Scanner input = new Scanner(infile);
String guess = "";
Robot typer = new Robot();
Thread.sleep(5000);
while(input.hasNext()) {
guess = input.next();
typeWord(typer,guess);
}
}
}
Stage 2 Password Breaker:
=======================================
import java.awt.Robot;
import java.awt.event.KeyEvent;
import java.io.File;
import java.util.Scanner;
public class Breaker2 {
public static void typeWord(Robot typer, String st)throws Exception {
for(int x = 0; x < st.length(); x++) {
typer.keyPress(KeyEvent.VK_A + st.charAt(x) - 'a');
Thread.sleep(10);
}
typer.keyPress(KeyEvent.VK_ENTER);
}
public static void main(String[] args)throws Exception {
File infile = new File("words.txt");
Scanner input = new Scanner(infile);
String potentialWord = "";;
Robot typer = new Robot();
String[] validWords = new String[1000];
int wordCount = 0;
while(input.hasNext()) {
potentialWord = input.next();
if(potentialWord.length() == 3)
validWords[wordCount++] = potentialWord;
}
System.out.println(wordCount);
Thread.sleep(5000);
for(int x = 0; x < wordCount; x++)
for(int y = 0; y < wordCount; y++)
typeWord(typer,validWords[x]+validWords[y]);
//
}
}
Stage 3 Password Breaker:
=======================================
import java.awt.Robot;
import java.awt.event.KeyEvent;
import java.util.Scanner;
public class Breaker3 {
public static void typeWord(Robot typer, String st)throws Exception {
for(int x = 0; x < st.length(); x++) {
typer.keyPress(KeyEvent.VK_A + st.charAt(x) - 'a');
Thread.sleep(10);
}
typer.keyPress(KeyEvent.VK_ENTER);
}
public static String increment(String st) {
char[] array = st.toCharArray();
int spot = array.length-1;
array[spot]++;
while(spot >= 0 && array[spot] > 'z') {
array[spot] = 'a';
if(spot != 0)
array[spot-1]++;
else {
char[] biggerArray = new char[array.length+1];
biggerArray[0] = 'a';
for(int x = 1; x < biggerArray.length; x++)
biggerArray[x] = array[x-1];
array = biggerArray;
//new Scanner(System.in).next();
}
spot--;
}
return String.valueOf(array);
}
public static void main(String[] args) throws Exception{
Robot typer = new Robot();
String guess = "`";
Thread.sleep(5000);
do
{
guess = increment(guess);
typeWord(typer,guess);
//System.out.println(guess);
}while(!guess.equals("zzzz"));
}
}