Sign in to follow this  
ErUs

password cracker algorithm

Recommended Posts

ErUs    136
i have tried and failed at making one ( a brute forcer ) :( can someone give me some pointers please? ( i have made an array with possible characters ) BTW brute force. ( every possible password/combination )

Share this post


Link to post
Share on other sites
Vanke    100
I believe you have a few ways you can go about doing this.

1) Brute force. Try every combination till one works.
2) Dictonary Hacking. Try every word till something works
3) Break the encryption on the file that stores the password (Good luck)

Share this post


Link to post
Share on other sites
ErUs    136
i dont plan on using it i just want to earn how to go about making all possible combinations. like:

"" - "0" - "1" ... "z" - "00" - "10" - "20" - "zzzz"

Share this post


Link to post
Share on other sites
omgomghilol    198
It's not necessarily illegal to use it. Security auditing companies and consultants do it all the time. It is of course illegal to use this to break into someone else's computer but ot audit your own, not so much.

Share this post


Link to post
Share on other sites
ErUs    136
can what stop posting about whats legal and whats not that has nothing todo with what i asked for.

can we stay ontopic and post something helpful :) plz?

Share this post


Link to post
Share on other sites
KSops    111
Use ACII values. Chars are essentially ints right? use loops and a few condition statements to increment through the alphabet and all other characters in terms of an int. Typecast that int into a char.

for a one char password:

char[] temp;
for(int i = 32; i < 137; i++){
temp[0] = (char)(i);
//check if it's the password; if true, break, else continue
}

for two characters:

for(){
char[0] = (char)(i)
for{
char[1] = (char)(j)
// Check password
{
}

it's not complete code. I'm assuming you can fill in the blanks.
I haven't made any kinda password cracking code either but I'm assuming this is the same idea.

Share this post


Link to post
Share on other sites
ErUs    136
thanks KSops, but i have trouble trying to make this kind of code scaleable, so i can assign a number of characters.

Share this post


Link to post
Share on other sites
BeanDog    1065
I'm going to code this right into the GameDev post textbox, so we'll see how it turns out...



void InitCombo(char **buf, int len)
{
//We'll store the null-terminated string
//followed by an array of indices into
//the list of legal characters.
*buf = new char[len+1+len];

//Zero out the string
memset(*buf, 0, len+1);

//And set all indices to -1 (==255)
memset((*buf)+len+1, -1, len);
}
bool NextCombo(char *buf, int len, char *legal)
{
//number of legal characters.
int legal_len = strlen(legal);

//beginning of our index array.
char *idx = buf+len+1;

while(true)
{
(*idx)++;//increment the current digit's index.

if((*idx) >= legal_len)
{
//We've rolled over this digit. Reset it to 0
//and go to the next digit.
*idx = 0;
idx++;
//If we've rolled over the last digit, return
//false (no more combos).
if(idx-buf >= len+1+len)
return(false);
}
else //This digit didn't roll over, so exit this loop.
break;
}

//Now that the indices are correctly updated,
//update actual string to represent the indices.
idx = buf+len+1;
for(int i = 0; i < len; i++)
if(idx[i] != -1)
buf[i] = legal[idx[i]];

return(true);
}
void ReleaseCombo(char *buf)
{
delete [] buf;
}

//Then in your code:
int main()
{
char *buf;
char *legal="abcdefghijklmnopqrstuvwxyz0123456789";

//Get every possible combination up to 15 characters long.
InitCombo(&buf, 15);
while(NextCombo(buf, 15, legal))
{
cout << buf << '\n';
}
ReleaseCombo(buf);
return(0);
}


Does that work? It turned out to be a little more code than I'd expected... Okay, I tested in in Visual C++. I should get a medal--it worked on the first compile :-)

A warning: This is VERY SLOW. This is a very fast implementation (it could be optimized in a few spots still), but it still takes a good long while (minutes to hours) to get up to 15 characters. Hopefully the target password is short. This algorithm checks the short ones first.

Hope you're using C++ :-) This isn't very easy code to port to VB or something.



~BenDilts( void );

Share this post


Link to post
Share on other sites
BeanDog    1065
If you're interested (because I was), here's a more optimized version of the above code:


#include <iostream>
using namespace std;

void InitCombo(char **buf, int len)
{
//We'll store the null-terminated string
//followed by an array of indices into
//the list of legal characters.
*buf = new char[len+1+len];

//Zero out the string
memset(*buf, 0, len+1);

//And set all indices to -1 (==255)
memset((*buf)+len+1, -1, len);
}
bool NextCombo(char *buf, int len, char *legal, int legal_len)
{
char *pOut = buf;

//beginning of our index array.
char *idx = buf+len+1;

while(true)
{
(*idx)++;//increment the current digit's index.

if((*idx) == legal_len)
{
//We've rolled over this digit. Reset it to 0
//and go to the next digit.
*idx = 0;
idx++;

*pOut = *legal;
pOut++;

//If we've rolled over the last digit, return
//false (no more combos).
if(idx-buf == len+1+len)
return(false);
}
else //This digit didn't roll over, so exit this loop.
{
*pOut = legal[(*idx)];
return(true);
}
}
}
void ReleaseCombo(char *buf)
{
delete [] buf;
}


//Then in your code:

int main(int argc, char* argv[])
{
char *buf;
char *legal="abcdefghijklmnopqrstuvwxyz0123456789";
int legal_len = strlen(legal);

//Get every possible combination up to 15 characters long.
InitCombo(&buf, 15);
while(NextCombo(buf, 15, legal, legal_len))
{
cout << buf << '\n';
}
ReleaseCombo(buf);
return(0);
}


The optimization is somewhat of a moot point, though, since the cout statement takes hundreds of times longer than the NextCombo() function.



~BenDilts( void );

Share this post


Link to post
Share on other sites
Nice Coder    366
ok, for a more efficient algorithm, i need some more info...

Is this a hash? or are you loking for a key for decription? how do you determine if the key is correct?

From,
Nice coder

Share this post


Link to post
Share on other sites
grhodes_at_work    1385
Well I'm closing this thread. I agree that there are some legal uses of password crackers, but, frankly, I do not feel comfortable having the details of such algorithms discussed here. Read the forum rules at the link below:

The Rules

You will find the following specific rules, which are my justification for closing the post:

- "Topics that you post should be relevant to the forum in which you are posting."

This post doesn't appear to be about game development, and therefore isn't relevant to this forum. If you disagree, so be it. My answer to you is in the following rule.

- "The moderator of each forum is ultimately responsible for determining what is and isn't appropriate material for that forum"

I be the moderator, and I've decided this thread isn't appropriate.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this