hamx/PassMetric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

bruteforce implemented

Browse Source
This commit is contained in:
Andrii Solianyk
2025-11-21 19:57:57 +01:00
parent b5de9852ca
commit 12aad793c6
5 changed files with 205 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -14,7 +14,7 @@ które pomogą mu stworzyć silne i unikalne zabezpieczenie konta.
### Założenia: ### Założenia:
- [ ] Sprawdza ile hasło będzie łamane przy pomocy metody Bruteforce (Andrii Solianyk) - [x] Sprawdza ile hasło będzie łamane przy pomocy metody Bruteforce (Andrii Solianyk)
- [x] Sprawdza czy hasło nie wyciekło (Patryk Kania) - [x] Sprawdza czy hasło nie wyciekło (Patryk Kania)
- [x] Sprawdza jego złożoność (Hubert Salwa) - [x] Sprawdza jego złożoność (Hubert Salwa)
- [x] Proponuje zmiany hasła w celu poprawy jego złożoności (Hubert Salwa) - [x] Proponuje zmiany hasła w celu poprawy jego złożoności (Hubert Salwa)

11
src/main/java/iz/_11a/passmetric/PasswordController.java
View File

@@ -1,6 +1,7 @@
package iz._11a.passmetric; package iz._11a.passmetric;
import iz._11a.passmetric.model.PasswordLeakResult; import iz._11a.passmetric.model.PasswordLeakResult;
import iz._11a.passmetric.service.BruteForceService;
import iz._11a.passmetric.service.PasswordLeakService; import iz._11a.passmetric.service.PasswordLeakService;
import org.springframework.stereotype.Controller; import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
@@ -10,11 +11,12 @@ import java.util.*;
@Controller @Controller
public class PasswordController { public class PasswordController {
private final PasswordLeakService service; private final PasswordLeakService passwordLeakService;
public PasswordController(PasswordLeakService service) { public PasswordController(PasswordLeakService passwordLeakService) {
this.service = service; this.passwordLeakService = passwordLeakService;
} }
@GetMapping("/") @GetMapping("/")
public String home() { public String home() {
return "password"; return "password";
@@ -29,12 +31,13 @@ public class PasswordController {
int score = calculateScore(password); int score = calculateScore(password);
String strengthText = strengthText(score); String strengthText = strengthText(score);
List<String> tips = generateTips(password); List<String> tips = generateTips(password);
PasswordLeakResult leakResult = service.checkLeakWithCount(password); PasswordLeakResult leakResult = passwordLeakService.checkLeakWithCount(password);
response.put("strengthText", strengthText); response.put("strengthText", strengthText);
response.put("progress", score * 20); // pasek postępu 0100% response.put("progress", score * 20); // pasek postępu 0100%
response.put("tips", tips); response.put("tips", tips);
response.put("leaked", leakResult.isLeaked() ? "Hasło wyciekło " + leakResult.getCount() +" razy" : "Hasło nie występuje w wyciekach"); response.put("leaked", leakResult.isLeaked() ? "Hasło wyciekło " + leakResult.getCount() +" razy" : "Hasło nie występuje w wyciekach");
response.put("timetohack", BruteForceService.estimateTimeToHackFormatted(password));
return response; return response;
} }

131
src/main/java/iz/_11a/passmetric/service/BruteForceService.java Normal file
View File

@@ -0,0 +1,131 @@
package iz._11a.passmetric.service;
import java.math.BigDecimal;
import java.math.RoundingMode;
public class BruteForceService {
private static final long ATTEMPTS_PER_SECOND = 1_000_000_000L;
private static final int LOWERCASE_SIZE = 26; // a-z
private static final int UPPERCASE_SIZE = 26; // A-Z
private static final int DIGITS_SIZE = 10; // 0-9
private static final int SPECIAL_CHARS_SIZE = 32; // !@#$%^&*() и т.д.
private static final BigDecimal SECONDS_IN_MINUTE = BigDecimal.valueOf(60);
private static final BigDecimal SECONDS_IN_HOUR = SECONDS_IN_MINUTE.multiply(BigDecimal.valueOf(60));
private static final BigDecimal SECONDS_IN_DAY = SECONDS_IN_HOUR.multiply(BigDecimal.valueOf(24));
private static final BigDecimal SECONDS_IN_YEAR = SECONDS_IN_DAY.multiply(new BigDecimal("365.25"));
public static String estimateTimeToHackFormatted(String password) {
int charsetSize = calculateCharsetSize(password);
if (charsetSize == 0) {
return "nie można oszacować czasu dla pustego hasła";
}
int passwordLength = password.length();
BigDecimal totalCombinations = BigDecimal.valueOf(charsetSize).pow(passwordLength);
BigDecimal averageAttempts = totalCombinations.divide(BigDecimal.valueOf(2.0), RoundingMode.HALF_UP);
return formatTime(averageAttempts.divide(BigDecimal.valueOf(ATTEMPTS_PER_SECOND), 10, RoundingMode.HALF_UP).doubleValue());
}
public static String formatTime(double seconds) {
if (seconds < 1.0) {
return "mniej niż sekundę";
}
BigDecimal totalSeconds = BigDecimal.valueOf(seconds);
BigDecimal[] yearsAndRemainder = totalSeconds.divideAndRemainder(SECONDS_IN_YEAR);
long years = yearsAndRemainder[0].longValue();
if (years > 1_000_000_000L) {
return "∞ (nieskończenie długo)";
}
StringBuilder result = new StringBuilder();
if (years > 0) {
result.append(years).append(" ").append(getYearsForm(years)).append(" ");
}
BigDecimal[] daysAndRemainder = yearsAndRemainder[1].divideAndRemainder(SECONDS_IN_DAY);
long days = daysAndRemainder[0].longValue();
if (days > 0) {
result.append(days).append(" ").append(getDaysForm(days)).append(" ");
}
BigDecimal[] hoursAndRemainder = daysAndRemainder[1].divideAndRemainder(SECONDS_IN_HOUR);
long hours = hoursAndRemainder[0].longValue();
if (hours > 0) {
result.append(hours).append(" ").append(getHoursForm(hours)).append(" ");
}
BigDecimal[] minutesAndRemainder = hoursAndRemainder[1].divideAndRemainder(SECONDS_IN_MINUTE);
long minutes = minutesAndRemainder[0].longValue();
if (minutes > 0) {
result.append(minutes).append(" ").append(getMinutesForm(minutes)).append(" ");
}
long remainingSeconds = minutesAndRemainder[1].setScale(0, RoundingMode.HALF_UP).longValue();
if (remainingSeconds > 0) {
result.append(remainingSeconds).append(" ").append(getSecondsForm(remainingSeconds));
}
return result.toString().trim();
}
private static String getYearsForm(long years) {
if (years == 1) return "rok";
if (years % 10 >= 2 && years % 10 <= 4 && (years % 100 < 10 || years % 100 >= 20)) return "lata";
return "lat";
}
private static String getDaysForm(long days) {
if (days == 1) return "dzień";
return "dni";
}
private static String getHoursForm(long hours) {
if (hours == 1) return "godzina";
if (hours % 10 >= 2 && hours % 10 <= 4 && (hours % 100 < 10 || hours % 100 >= 20)) return "godziny";
return "godzin";
}
private static String getMinutesForm(long minutes) {
if (minutes == 1) return "minuta";
if (minutes % 10 >= 2 && minutes % 10 <= 4 && (minutes % 100 < 10 || minutes % 100 >= 20)) return "minuty";
return "minut";
}
private static String getSecondsForm(long seconds) {
if (seconds == 1) return "sekunda";
if (seconds % 10 >= 2 && seconds % 10 <= 4 && (seconds % 100 < 10 || seconds % 100 >= 20)) return "sekundy";
return "sekund";
}
private static int calculateCharsetSize(String password) {
int charsetSize = 0;
boolean hasLowercase = false;
boolean hasUppercase = false;
boolean hasDigits = false;
boolean hasSpecial = false;
for (char c : password.toCharArray()) {
if (Character.isLowerCase(c)) hasLowercase = true;
else if (Character.isUpperCase(c)) hasUppercase = true;
else if (Character.isDigit(c)) hasDigits = true;
else hasSpecial = true;
}
if (hasLowercase) charsetSize += LOWERCASE_SIZE;
if (hasUppercase) charsetSize += UPPERCASE_SIZE;
if (hasDigits) charsetSize += DIGITS_SIZE;
if (hasSpecial) charsetSize += SPECIAL_CHARS_SIZE;
return charsetSize;
}
}

21
src/main/resources/static/css/password.css
View File

@@ -47,6 +47,7 @@ body {
display: grid; display: grid;
place-items: center; place-items: center;
padding: 24px; padding: 24px;
align-content: space-evenly;
} }
h1 { h1 {
@@ -59,7 +60,7 @@ h1 {
} }
form { form {
width: min(92vw, 480px); width: min(92vw, 540px);
background: var(--panel); background: var(--panel);
border: 1px solid var(--border); border: 1px solid var(--border);
padding: 20px 18px; padding: 20px 18px;
@@ -118,7 +119,7 @@ input[type="password"]:focus {
} }
.message { .message {
width: min(92vw, 480px); width: min(92vw, 540px);
margin: 12px auto 0; margin: 12px auto 0;
padding: 12px 14px; padding: 12px 14px;
border-radius: 12px; border-radius: 12px;
@@ -184,7 +185,7 @@ input[type="password"]:focus {
} }
#strengthBarContainer { #strengthBarContainer {
width: min(92vw, 480px); width: min(92vw, 540px);
margin: 10px auto 0; margin: 10px auto 0;
height: 10px; height: 10px;
background: #e2e8f0; background: #e2e8f0;
@@ -200,9 +201,21 @@ input[type="password"]:focus {
} }
ul#tipsList { ul#tipsList {
width: min(92vw, 480px); width: min(92vw, 540px);
margin: 10px auto 0; margin: 10px auto 0;
padding-left: 20px; padding-left: 20px;
font-size: 14px; font-size: 14px;
color: var(--text); color: var(--text);
list-style: disc;
} }
ul#tipsList.ok {
padding-left: 14px;
list-style: none;
color: #86efac;
}
ul#tipsList li {
margin: 0.3rem 0.5rem;
}

63
src/main/resources/templates/password.html
View File

@@ -20,19 +20,26 @@
</div> </div>
<div class="message-wrapper"> <div class="message-wrapper">
<p id="liveMessage" class="message" aria-live="polite"></p> <p id="liveMessage" class="message" aria-live="polite"></p>
<p id="leakMessage" class="message" aria-live="polite"></p> <p id="leakMessage" class="message" aria-live="polite"></p>
</div> <p id="timeToHackMessage" class="message" aria-live="polite"></p>
<ul id="tipsList" class="message" aria-live="polite">
<!-- Podpowiedzi krok po kroku --> </ul>
<ul id="tipsList"></ul> </div>
<script> <script>
const input = document.getElementById('password'); const input = document.getElementById('password');
const out = document.getElementById('liveMessage'); const out = document.getElementById('liveMessage');
const bar = document.getElementById('strengthBarFill'); const bar = document.getElementById('strengthBarFill');
const barContainer = document.getElementById('strengthBarContainer');
const tipsList = document.getElementById('tipsList'); const tipsList = document.getElementById('tipsList');
const leakOut = document.getElementById('leakMessage'); const leakOut = document.getElementById('leakMessage');
const timeToHackOut = document.getElementById('timeToHackMessage');
// ukryj przy pierwszym załadowaniu strony
tipsList.style.display = 'none';
barContainer.style.display = 'none';
let t; let t;
input.addEventListener('input', () => { input.addEventListener('input', () => {
@@ -45,7 +52,10 @@
leakOut.textContent = ''; leakOut.textContent = '';
leakOut.className = 'message'; leakOut.className = 'message';
bar.style.width = "0%"; bar.style.width = "0%";
tipsList.innerHTML = ''; barContainer.style.display = 'none';
tipsList.innerHTML = "";
tipsList.style.display = 'none';
timeToHackOut.textContent = '';
return; return;
} }
@@ -53,8 +63,8 @@
try { try {
const resp = await fetch('/api/password/strength', { const resp = await fetch('/api/password/strength', {
method: 'POST', method: 'POST',
headers: { 'Content-Type': 'application/x-www-form-urlencoded' }, headers: {'Content-Type': 'application/x-www-form-urlencoded'},
body: new URLSearchParams({ password: val }) body: new URLSearchParams({password: val})
}); });
if (!resp.ok) { if (!resp.ok) {
out.textContent = 'Błąd sprawdzania'; out.textContent = 'Błąd sprawdzania';
@@ -95,16 +105,40 @@
} }
} }
// Pasek postępu (0100%)
bar.style.width = (data.progress || 0) + "%"; bar.style.width = (data.progress || 0) + "%";
barContainer.style.display = 'block';
// Podpowiedzi // Podpowiedzi
tipsList.innerHTML = ""; tipsList.innerHTML = "";
(data.tips || []).forEach(tip => { if (data.tips && data.tips.length > 0) {
const li = document.createElement("li"); if (data.tips.length === 1 && data.tips[0] === "Świetnie! Twoje hasło jest bardzo silne.") {
li.textContent = tip; tipsList.textContent = data.tips[0];
tipsList.appendChild(li); tipsList.classList.add("ok");
}); tipsList.style.display = 'block';
} else {
tipsList.classList.remove("ok");
data.tips.forEach(tip => {
const li = document.createElement("li");
li.textContent = tip;
tipsList.appendChild(li);
});
tipsList.style.display = 'block';
}
} else {
tipsList.style.display = 'none';
}
// TimeToHack
timeToHackOut.textContent = "Zostanie złamane w: " + (data.timetohack || '');
timeToHackOut.className = 'message';
if (data.timetohack && data.timetohack.includes("nieskończenie długo")) {
timeToHackOut.classList.add("ok");
} else if (data.timetohack && data.timetohack.includes("mniej")) {
timeToHackOut.classList.add("bad")
} else {
timeToHackOut.classList.remove("ok");
}
} catch { } catch {
out.textContent = 'Błąd sieci'; out.textContent = 'Błąd sieci';
@@ -112,6 +146,7 @@
} }
}, 150); }, 150);
}); });
</script> </script>
</body> </body>
</html> </html>