Fill This Form To Receive Instant Help

Help in Homework
trustpilot ratings
google ratings


Homework answers / question archive / Week 8 Deliverables Overview: This week, you have studied Web application vulnerabilities, password complexity, logs and cryptographic algorithms

Week 8 Deliverables Overview: This week, you have studied Web application vulnerabilities, password complexity, logs and cryptographic algorithms

Psychology

Week 8 Deliverables Overview: This week, you have studied Web application vulnerabilities, password complexity, logs and cryptographic algorithms. The Lab for this week demonstrates your knowledge of this additional knowledge applied using Python functionality. Submission requirements for this project include 2 files. (Zipping them into one file is acceptable and encouraged): ? ? Python Web Application Code (Python code for all routes, templates, static files and other files) Word or PDF file containing your test, pylint results and Cryptographic results. Python Applications for this lab: (total 100 points): 1. (50 points) In this exercise you will update your web site to include a password update form and provide additional validation on the password check. Specifically you should create: a. Password update Form – This Python form allows a previously registered user to reset their password after they have successfully logged in. b. Authentication functions – These Python functions will check the following NIST SP 800-63B criteria are met upon password update: ? Use the previous criteria for password length and complexity. (This work should already be done.) ? Compare the prospective secrets against a list that contains values known to be commonlyused, expected, or compromised (Provided as CommonPasswords.txt). ? If the chosen secret is found in the list, the application SHALL advise the subscriber that they need to select a different secret. c. Logger – Create a log to log all failed login attempts. The Log should include date, time and IP address. Hints: 1. 2. 3. 4. Start early. This will take you longer than you think. Leverage the File I/O, Flask and Data structures work previously performed in the class. Use functions to enhance code reuse and modularity. Use Python Lists or other data structures to store the Common Passwords and then appropriate search functions to expedite comparisons. 5. Use comments to document your code 6. Test with many combinations. 7. Use pylint to verify the code style – the goal is a 10! 2. (30 points) Using the Decrypting Secret Messages sites found in this week’s readings, decrypt the following messages. a. - .... .. ... / ... -.. . ...- / ...-- ----- ----- / -.-. .-.. .- ... ... / .... .- ... / ... --- -- . / ... - .-. .- -. --. . / .-. . --...- . ... - ... .-.-.- 1 b. c. U28gdGhpcyBpcyBiYXNlNjQuIE5vdyBJIGtub3cu --- Psuwb Ysm ---W oa gc qzsjsf. Bc cbs qcizr dcggwpzm twuifs hvwg cih. --- Sbr Ysm --- Provide the decoded message along with the Cipher and any other parameters you used to solve each puzzle. Hints: 1. Use the rumkin site 2. You will need to experiment some to narrow down the possible algorithms used. Some are more obvious than others. 3. You will know when you have selected the correct Cipher 3. (20 points) Document your results of the application running from your programming environment. You should also include and discuss your pylint results for the application. Provide your test results for each requirement in the Web application, associated functions and provide your resulting log files. Discuss the log file and how it could be used to possibly detect patterns of abuse. Describe the results of your NIST password complexity functions and how you tested each requirement. Include the Cipher tool results and write up in this document as well. Any submissions that do not represent work originating from the student will be submitted to the Dean’s office and evaluated for possible academic integrity violations and sanctions. 2 routes.py from flask import Flask, render_template, redirect, url_for, request, session import re app = Flask(__name__) app.config['SECRET_KEY'] = ' supersecret key 2020' '''@app.before_request def before_request(): if 'visited' not in session: return render_template("login.html") else: pass''' def validate_password(password): reg = "^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*#?&])[A-Za-z\d@$!#%*?&]{12,25}$" pattern = re.compile(reg) match = re.search(pattern, password) if match: return True else: return False @app.route('/') @app.route('/index.html') def index(): if 'visited' not in session: return redirect(url_for('login')) return render_template('index.html', the_title='Console Wars: Xbox vs Playstation') @app.route('/xbox.html') def xbox(): if 'visited' not in session: return redirect(url_for('login')) return render_template('xbox.html', the_title='Console Wars: Xbox Specs') @app.route('/playstation.html') def playstation(): if 'visited' not in session: return redirect(url_for('login')) return render_template('playstation.html', the_title='Console Wars: Playstation Specs') @app.route('/register', methods=['GET', 'POST']) def register(): if request.method == 'POST': username = request.form['username'] email = request.form['email'] password = request.form['password'] f = open("database.txt", "a") tname = "" for sub in username.split(" "): tname = tname + "_" + sub if not validate_password(password): message = "Password does not match requirements" return render_template("register.html", error=message) else: f.write("%s %s %s\n" % (tname, email, password)) f.close() return render_template("register.html", error="successfully registered") else: return render_template("register.html") @app.route('/login', methods=['GET', 'POST']) def login(): if request.method == 'POST': f = open("database.txt", "r") data = f.readlines() f.close() data = [x.split() for x in data] for item in data: if request.form['email'] == item[1].strip() and request.form['password'] == item[2].strip(): session['visited'] = True return redirect(url_for('index')) else: error = "wrong credentials" return render_template("login.html", error=error) else: return render_template("login.html") if __name__ == '__main__': app.run(host='0.0.0.0', port=5055) index.html {{ the_title }} Xbox Specs Playstation Specs Specs Xbox Series X Playstation 5 GPU 12 TFLOPS 10.28 TFLOPS Memory 16 GB 16 GB Storage 1 TB 825GB login.html body{ background: black; } Login {% if error %} * {{ error }} {% endif %} Don't Have an Account?Register! register.html body{ background: black; } Register {% if error %} * {{ error }} {% endif %} Have an Account?Login! 2) Explanation: a. It is clear that it is morse code. So we can decrypt it using morse code decryption. b. As the characters are only alphabets and numbers, my guess was base 64 encoding scheme and it is indeed base64 encoding scheme. c. This is the modified version of caesar cipher, where the key is 14. Code for a: import base64 # This function converts decrypts the given morse code text def morse_code_decrypt(encrypted_string): # This dictionary consists the morse code character as the key and it's character equivalent as value morse_code_dictionary = {'..-': 'U', '--..--': ', ', '....-': '4', '.....': '5', '-...': 'B', '-..-': 'X', '.-.': 'R', '--.-': 'Q', '--..': 'Z', '.--': 'W', '-..-.': '/', '..---': '2', '.-': 'A', '..': 'I', '-.-.': 'C', '..-.': 'F', '---': 'O', '-.--': 'Y', '-': 'T', '.': 'E', '.-..': 'L', '...': 'S', '-.--.-': ')', '..--..': '?', '.----': '1', '-----': '0', '-.-': 'K', '-..': 'D', '----.': '9', '-....': '6', '.---': 'J', '.--.': 'P', '.-.-.-': '.', '-.--.': '(', '--': 'M', '-.': 'N', '....': 'H', '---..': '8', '...-': 'V', '--...': '7', '--.': 'G', '...--': '3', '-....-': '-'} # This list stores the decrypted morse code words decrypted_string = [] # Iterating over the morse code by splitting it using / as the separator for word in encrypted_string.split('/'): # This string stores the decrypted word decrypted_word = '' # Iterating over word by splitting it using space as the separator for char in word.split(): # Getting the character of morse code equivalent from the dictionary and adding it to decrypted_word string decrypted_word += morse_code_dictionary[char] # Adding the string to the decrypted_string list decrypted_string.append(decrypted_word) # Joining the list using space as separator and returning it return ' '.join(decrypted_string) Code Screenshot: Code for b: # This function decrypts the encoded base64 text def base64_decrypt(encrypted_string): # Decoding the base64 text decrypted_string = str(base64.urlsafe_b64decode(encrypted_string.encode("utf-8"))) # Returning the decoded text return decrypted_string Code Screenshot: Code for c: # this function decrypts the text encrypted using casear cipher def caesar_cipher(encrypted_string,shift): # This string stores the decrypted text decrypted_string = [] # Iterating over encrypted_string for word in encrypted_string.upper().split(): # This string stores the decrypted string decrypted_word = "" # Iterating over words for char in word: if char.isalpha(): # Decrypting the character decrypted_char = chr((ord(char) - shift - 65) % 26 + 65) else: decrypted_char = char # Adding the decrypted character to the decrypted string decrypted_word += decrypted_char # Adding the decrypted word to the decrypted string decrypted_string.append(decrypted_word) # Returning the decrypted string return ' '.join(decrypted_string) Code Screenshot: Testing the code: # Main function def main(): # This string stores the morse code text morse_code_encrypted_string = "- .... .. ... / ... -.. . ...- / ...-- ----- ----- / -.-. .-.. .- ... ... / .... .- ... / ... --- -. / ... - .-. .- -. --. . / .-. . --.- ..- . ... - ... .-.-.-" # Decrypting the morse code and storing it morse_code_decrypted_string = morse_code_decrypt(morse_code_encrypted_string) # Printing the morse code print("Original Morse code: {}".format(morse_code_encrypted_string)) # Printing the decrypted text from the morse code print("Message after decrypting morse code: {}".format(morse_code_decrypted_string)) # This is the base64 encoded message base64_encrypted_string = "U28gdGhpcyBpcyBiYXNlNjQuIE5vdyBJIGtub3cu" # Decrypting the base64 message and storing it base64_decrypted_string = base64_decrypt(base64_encrypted_string) # Printing the base64 encrypted text print("\nBase 64 encrypted text: {}".format(base64_encrypted_string)) # Printing the base64 decrypted text print("Base 64 decrypted text: {}".format(base64_decrypted_string)) # This is the caesar cipher encoded message caesar_cipher_encrypted_string = "--- Psuwb Ysm ---- W oa gc qzsjsf. Bc cbs qcizr dcggwpzm twuifs hvwg cih. --- Sbr Ysm ---" # Decrypting the caesar cipher text caesar_cipher_decrypted_string = caesar_cipher(caesar_cipher_encrypted_string,14) # Printing the caesar cipher encrypted text print("\nBase 64 encrypted text: {}".format(caesar_cipher_encrypted_string)) # Printing the caesar cipher decrypted text print("Base 64 decrypted text: {}".format(caesar_cipher_decrypted_string)) # Calling the main function main() Code Screenshot: Total Code: import base64 # This function converts decrypts the given morse code text def morse_code_decrypt(encrypted_string): # This dictionary consists the morse code character as the key and it's character equivalent as value morse_code_dictionary = {'..-': 'U', '--..--': ', ', '....-': '4', '.....': '5', '-...': 'B', '-..-': 'X', '.-.': 'R', '--.-': 'Q', '--..': 'Z', '.--': 'W', '-..-.': '/', '..---': '2', '.-': 'A', '..': 'I', '-.-.': 'C', '..-.': 'F', '---': 'O', '-.--': 'Y', '-': 'T', '.': 'E', '.-..': 'L', '...': 'S', '-.--.-': ')', '..--..': '?', '.----': '1', '-----': '0', '-.-': 'K', '-..': 'D', '----.': '9', '-....': '6', '.---': 'J', '.--.': 'P', '.-.-.-': '.', '-.--.': '(', '--': 'M', '-.': 'N', '....': 'H', '---..': '8', '...-': 'V', '--...': '7', '--.': 'G', '...--': '3', '-....-': '-'} # This list stores the decrypted morse code words decrypted_string = [] # Iterating over the morse code by splitting it using / as the separator for word in encrypted_string.split('/'): # This string stores the decrypted word decrypted_word = '' # Iterating over word by splitting it using space as the separator for char in word.split(): # Getting the character of morse code equivalent from the dictionary and adding it to decrypted_word string decrypted_word += morse_code_dictionary[char] # Adding the string to the decrypted_string list decrypted_string.append(decrypted_word) # Joining the list using space as separator and returning it return ' '.join(decrypted_string) # This function decrypts the encoded base64 text def base64_decrypt(encrypted_string): # Decoding the base64 text decrypted_string = str(base64.urlsafe_b64decode(encrypted_string.encode("utf-8"))) # Returning the decoded text return decrypted_string # this function decrypts the text encrypted using casear cipher def caesar_cipher(encrypted_string,shift): # This string stores the decrypted text decrypted_string = [] # Iterating over encrypted_string for word in encrypted_string.upper().split(): # This string stores the decrypted string decrypted_word = "" # Iterating over words for char in word: if char.isalpha(): # Decrypting the character decrypted_char = chr((ord(char) - shift - 65) % 26 + 65) else: decrypted_char = char # Adding the decrypted character to the decrypted string decrypted_word += decrypted_char # Adding the decrypted word to the decrypted string decrypted_string.append(decrypted_word) # Returning the decrypted string return ' '.join(decrypted_string) # Main function def main(): # This string stores the morse code text morse_code_encrypted_string = "- .... .. ... / ... -.. . ...- / ...-- ----- ----- / -.-. .-.. .- ... ... / .... .- ... / ... --- -. / ... - .-. .- -. --. . / .-. . --.- ..- . ... - ... .-.-.-" # Decrypting the morse code and storing it morse_code_decrypted_string = morse_code_decrypt(morse_code_encrypted_string) # Printing the morse code print("Original Morse code: {}".format(morse_code_encrypted_string)) # Printing the decrypted text from the morse code print("Message after decrypting morse code: {}".format(morse_code_decrypted_string)) # This is the base64 encoded message base64_encrypted_string = "U28gdGhpcyBpcyBiYXNlNjQuIE5vdyBJIGtub3cu" # Decrypting the base64 message and storing it base64_decrypted_string = base64_decrypt(base64_encrypted_string) # Printing the base64 encrypted text print("\nBase 64 encrypted text: {}".format(base64_encrypted_string)) # Printing the base64 decrypted text print("Base 64 decrypted text: {}".format(base64_decrypted_string)) # This is the caesar cipher encoded message caesar_cipher_encrypted_string = "--- Psuwb Ysm ---- W oa gc qzsjsf. Bc cbs qcizr dcggwpzm twuifs hvwg cih. --- Sbr Ysm ---" # Decrypting the caesar cipher text caesar_cipher_decrypted_string = caesar_cipher(caesar_cipher_encrypted_string,14) # Printing the caesar cipher encrypted text print("\nBase 64 encrypted text: {}".format(caesar_cipher_encrypted_string)) # Printing the caesar cipher decrypted text print("Base 64 decrypted text: {}".format(caesar_cipher_decrypted_string)) # Calling the main function main() Code Output:

Option 1

Low Cost Option
Download this past answer in few clicks

16.89 USD

PURCHASE SOLUTION

Already member?


Option 2

Custom new solution created by our subject matter experts

GET A QUOTE

Related Questions