RohitPatidar123-hub/cryptanalysis-hash-cracking-diffie-hellman-attacks

cryptanalysis-hash-cracking-diffie-hellman-attacks

Exploration of cryptographic vulnerabilities with Python: cracking MD5, SHA1, and SHA256 (salted vs. unsalted), brute-force & dictionary attacks, and exploiting weaknesses in Diffie-Hellman through brute-force and MITM simulations. Includes practical experiments with ARP & DNS spoofing.

Cryptanalysis of Hashes & Diffie-Hellman Vulnerabilities

📌 Overview

This repository contains my Networks & System Security (SIL765) assignment focused on exploring vulnerabilities in modern cryptographic systems.
It demonstrates hash cracking (MD5, SHA1, SHA256) and attacks on Diffie-Hellman key exchange, along with practical simulations of Man-in-the-Middle (MITM), ARP spoofing, and DNS spoofing.
All implementations are in Python with detailed experiments and results.


🚀 Features Implemented

  • Hash Cracking (MD5, SHA1, SHA256)

    • Brute-force and dictionary-based password cracking
    • Comparison of salted vs unsalted hashes
    • Performance evaluation with timing analysis
  • Diffie-Hellman Vulnerabilities

    • Private key recovery using brute-force
    • Man-in-the-Middle (MITM) attack simulation
    • Client–server communication with vulnerable DH protocol
  • Network Attacks

    • Attempted ARP spoofing using Ettercap (client isolation prevented success)
    • Attempted DNS spoofing on hotspot (DNS relay blocked local poisoning)

🛠️ Implementation Details

  • Languages & Tools: Python, Ettercap, dsniff
  • Key Scripts:
    • attack1.py – Hash cracking (unsalted)
    • attack2.py – Salted hash cracking
    • client.py, victum.py, attacker.py – Diffie-Hellman client/server/MITM setup
    • part2.1.py – Brute force on DH private key
  • Techniques Used:
    • Frequency & dictionary attacks for hash cracking
    • Modular arithmetic for Diffie-Hellman brute force
    • Socket programming for MITM interception

📊 Results

  • Unsalted hashes: Successfully cracked using dictionary attack.
  • Salted hashes: Significantly more resistant; required more computation.
  • Diffie-Hellman: Private keys recovered (small primes), MITM successfully intercepted shared secrets.
  • ARP/DNS Spoofing: Failed on mobile hotspot due to client isolation and DNS relay configuration.
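The salted versus unsalted result can be made concrete by counting hash evaluations. The following is an added example, not one of the repository's scripts; the wordlist, account names, and the function names `audit_unsalted` and `audit_salted` are constructed for illustration. It shows that unsalted digests let one precomputed table serve every account and expose password reuse, while a per-user salt forces the work to be repeated per account.

```python
import hashlib
import os

# Constructed sample data (not from the repository): a tiny wordlist and
# three accounts, two of which share a password.
WORDLIST = ["123456", "password", "letmein", "qwerty", "dragon", "sunshine"]
ACCOUNTS = {"alice": "letmein", "bob": "sunshine", "carol": "letmein"}


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def audit_unsalted(accounts, wordlist):
    """Each candidate is hashed once; the same table answers every account."""
    stored = {user: sha256_hex(pw.encode()) for user, pw in accounts.items()}
    table = {sha256_hex(w.encode()): w for w in wordlist}  # len(wordlist) hashes
    found = {user: table[h] for user, h in stored.items() if h in table}
    return found, len(wordlist), stored


def audit_salted(accounts, wordlist, salt_len=16):
    """Per-user random salt: candidates must be re-hashed for every account."""
    stored = {}
    for user, pw in accounts.items():
        salt = os.urandom(salt_len)
        stored[user] = (salt, sha256_hex(salt + pw.encode()))
    found, hashes = {}, 0
    for user, (salt, digest) in stored.items():
        for w in wordlist:
            hashes += 1
            if sha256_hex(salt + w.encode()) == digest:
                found[user] = w
                break  # stop at the first match for this account
    return found, hashes, stored


if __name__ == "__main__":
    for name, fn in (("unsalted", audit_unsalted), ("salted", audit_salted)):
        found, cost, _ = fn(ACCOUNTS, WORDLIST)
        print(f"{name}: {len(found)} weak passwords, {cost} hash evaluations")
```

Salting removes the shared table, but each guess still costs only one fast SHA-256 call. A deliberately slow function such as `hashlib.pbkdf2_hmac` or `hashlib.scrypt` is what raises the per-guess cost.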

▶️ How to Run

  1. Clone the repository:
    git clone https://github.com/<your-username>/cryptanalysis-hash-cracking-diffie-hellman-attacks.git
    cd cryptanalysis-hash-cracking-diffie-hellman-attacks

  2. Install dependencies:
    pip install -r requirements.txt

  3. Run hash cracking:
    python attack1.py   # Unsalted
    python attack2.py   # Salted

  4. Run Diffie-Hellman brute force:
    python part2.1.py
