Thursday, February 28, 2008

2008 Scripting Games, Solution 5 

#Advanced Event 5: You Call That a Strong Password?
#http://www.microsoft.com/technet/scriptcenter/funzone/games/games08/aevent5.mspx

param($password)

# Start score
$score=13
# Load wordlist
$wordlist=type c:\scripts\wordlist.txt

# Tests
$len=$password.length

if ($wordlist -contains $password) {"Is a word";$score--}
if ($wordlist -contains $password.substring(0,($len-1))) {"When the last character is removed, it is a word";$score--}
if ($wordlist -contains $password.substring(1)) {"When the first character is removed, it is a word";$score--}
if ($password[0..$len] -contains "0" -and $wordlist -contains ($password -replace "0","o")) {"Is a word, where the letter 'o' is replaced with zero";$score--}
if ($password[0..$len] -contains "1" -and $wordlist -contains ($password -replace "1","l")) {"Is a word, where the letter 'l' is replaced with digit '1'";$score--}
if (!($len -ge 10 -and $len -le 20)) {"Is shorter than 10 or longer than 20";$score--}
# Find regex character classes at http://msdn2.microsoft.com/en-us/library/20bw873z.aspx
# Class d - digit
if ($password -notmatch "\d") {"Does not contain a digit";$score--}
# Class Ll - Letter, Lowercase
if ($password -cnotmatch "\p{Ll}") {"Does not contain a lowercase letter";$score--}
# Class Lu - Letter, Uppercase
if ($password -cnotmatch "\p{Lu}") {"Does not contain an uppercase letter";$score--}
# Class S - symbol, P - punctuation
if ($password -cnotmatch "\p{S}|\p{P}") {"Does not contain any symbols or punctuation";$score--}
if ($password -cmatch "\p{Ll}{4}") {"Contain more than 4 consecutive lowercase letters";$score--}
if ($password -cmatch "\p{Lu}{4}") {"Contain more than 4 consecutive uppercase letters";$score--}
if (($password[0..$len] | % {$c=0} {$c++; $password[$c..$len] -ccontains $_}) -contains $true) {
    "A duplicate letter (case-insensitive) is found"
    $score--
}

""
if ($score -le 6) {
    "A password score of {0} indicates a weak password" -f $score
}
elseif ($score -le 10) {
    "A password score of {0} indicates a moderately-strong password" -f $score
}
else {
    "A password score of {0} indicates a strong password" -f $score
}
Posted by Per Østergaard at 11:13
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)