d2jsp
Log InRegister
d2jsp Forums > Off-Topic > Computers & IT > Programming & Development > Ok > Another
12Next
Add Reply New Topic New Poll
Member
Posts: 25,563
Joined: Mar 10 2007
Gold: 0.71
Jun 5 2013 02:09pm
Question

So im making a password brute forcer in visual basic 6.0

I currently have it working with numbers.

This is my current code.

Code
Dim password As Integer
Dim crackpass As Integer

Private Sub Command1_Click()
   Text2.Visible = True
   Timer1.Enabled = False
   Text1.Text = ""
End Sub

Private Sub cmdStart_Click()
   password = Text2.Text
   Text2.Visible = False
   Timer1.Enabled = True
End Sub

Private Sub Command2_Click()
   End
End Sub

Private Sub Form_Load()

End Sub

Private Sub Timer1_Timer()
   Randomize Timer
   crackpass = 500 * Rnd() + 1
   If crackpass = password Then
   Timer1.Enabled = False
   Text1.Text = crackpass
   Label1.Visible = True
   Label1.Caption = "Password Was Cracked! Retrieving Data..."
   
   Else
   Text1.Text = crackpass
   Label1.Visible = True
   Label1.Caption = "Please wait..."
   End If
End Sub


What im looking to do is make it so it doesn't repeat the same number while randomizing.

And also add letters into the password brute forcing thing.

Just incase, this is for a school project not for other uses if people get any ideas.




this is kind of what im going for.

Any help would be appreciated.

This post was edited by Denzel on Jun 5 2013 02:09pm
Member
Posts: 10,812
Joined: Oct 15 2009
Gold: Locked
Warn: 20%
Jun 5 2013 02:18pm
wouldn't it be easier to just try ascii32, then ascii33, then ascii34, ... , ascii126
ascii32 ascii32, ascii32 ascii 33, ... , ascii 32 ascii126
ascii33 ascii32, ascii33 ascii 33, ... , ascii33 ascii126
and so on.
Otherwise you need to keep track of every random guess; plus creating a random number generally takes longer than just adding 1. And since your probably going to be running this loop a bunch of time, these little delays add up.

This post was edited by Azrad on Jun 5 2013 02:20pm
Member
Posts: 25,563
Joined: Mar 10 2007
Gold: 0.71
Jun 5 2013 02:22pm
Quote (Azrad @ Jun 5 2013 03:18pm)
wouldn't it be easier to just try ascii32, then ascii33, then ascii34, ... , ascii126
ascii32 ascii32, ascii32 ascii 33,  ... , ascii 32 ascii126
ascii33 ascii32, ascii33 ascii 33, ... , ascii33 ascii126
and so on.
Otherwise you need to keep track of every random guess; plus creating a random number generally takes longer than just adding 1. And since your probably going to be running this loop a bunch of time, these little delays add up.


What are ascii32 etc?

Im sorry im not at a very advanced level with this.

It doens't have to really be the most efficient as long as it can do the job.
Member
Posts: 2,757
Joined: Nov 26 2007
Gold: 1,214.81
Jun 5 2013 02:49pm
Quote (Denzel @ Jun 5 2013 04:22pm)
What are ascii32 etc?

Im sorry im not at a very advanced level with this.

It doens't have to really be the most efficient as long as it can do the job.


Start at ascii decimal value 32 and increment through to 126.

These are all the values you can type on a keyboard.

Convert the decimal value to it's character representation.

I think you convert it like this...
Dim characterValue As Char = ChrW(assciDecimalValue)
Member
Posts: 10,812
Joined: Oct 15 2009
Gold: Locked
Warn: 20%
Jun 5 2013 03:15pm
ascii32 is the "spacebar character"
ascii33 is !
ascii65 is A
ascii97 is a
ascii122 is z
ascii126 is ~

this covers the character set almost all passwords will be constructed from

google "ascii table" for a table listing these

you want to use ascii instead of normal letters, because adding 1 to 'a' is not possible, but adding 1 to 97 is just 98
Member
Posts: 10,812
Joined: Oct 15 2009
Gold: Locked
Warn: 20%
Jun 5 2013 04:22pm
from abduct:

create an algro to find the next password to test. do this by incrementing one end of your string and then if it is greater than your charset, reset it to the bottom and increment the next charater to the right or left and break from the funciton.

Code

ruby passwordcracker.rb
Process started >>>
took 89.932144 seconds to crack the password
<<< Process finished. (Exit code 0)


Code

require 'benchmark'

class PasswordCracker
 def initialize( password )
   @password_to_crack = password
 end
 
 def getnextpassword( current_password )
   password_array = current_password.split(//)
   
   password_array.each_index do |index|
     if( password_array[index].ord >= 126 )
       password_array[index] = 33.chr
     else
       break if( password_array[index].ord == 126 )
       temp = password_array[index].ord
       password_array[index] = (temp += 1).chr
       break
     end
   end
     password_array.join
 end
 
 def crackpassword
   starting_password = ''
   @password_to_crack.each_char { starting_password += '!' }
   time = Benchmark.realtime do
     while starting_password != @password_to_crack do
       starting_password = getnextpassword starting_password
     end
   end
   time
 end
end


test = PasswordCracker.new "1337"
puts "took #{test.crackpassword} seconds to crack the password"
Member
Posts: 10,812
Joined: Oct 15 2009
Gold: Locked
Warn: 20%
Jun 5 2013 05:56pm
or my version (about the same runtime)

Code
def BruteForce(input_list):
   input_list[0] = input_list[0]+1
   #while any digit has exceed the character set we are trying
   while 127 in input_list:
       for i in range (len(input_list)):
           #if we don't need to add a new character to the length of the password
           if (input_list[i] == 127) and i != len(input_list)-1:
               input_list[i] = 32
               input_list[i+1] += 1
           #if we do need to add a new character to the length of the password
           elif input_list[i] == 127:
               input_list[i] = 32
               input_list.append(32)
   password=''
   #convert from ascii to regular letters
   for letter in input_list:
       password += chr(letter)
   return password
 
starting_password = ' '
ascii_password=[]

#convert from regular letters to ascii
for letter in starting_password:
   ascii_password.append(ord(letter))
next_password_to_try = ascii_password
while next_password_to_try != '~~~~':
   next_password_to_try = BruteForce(ascii_password)
Member
Posts: 25,563
Joined: Mar 10 2007
Gold: 0.71
Jun 6 2013 06:52am
Code
If answer = vbYes Then
highVal = Asc("z")
lowVal = Asc("a")
lblGameType = 'Letters'
Else
highVal = 10
lowVal = 1
lblGameType = 'Numbers'
End If
rndNum = Int((highval - lowVal + 1) * Rnd + lowVal)

chr(rndNum)


my teacher gave me this, has no relation to what I named the actual stuff in the project, but im wondering what does this do or where do i put this or incorporate it into my current code?
Member
Posts: 50,343
Joined: Apr 3 2008
Gold: 0.00
Jun 6 2013 11:15am
from abduct:

that code snippet your teacher gave you does not help your problem in any way. it is simply generating random characters in either the a-z or 1-9 keyspace. it will still generate the same numbers over and over again.

you have two detailed posts that offer two solutions to this problem. the first although less efficient is easier to read than the latter. the two functions you need to look at are `getnextpassword` and `bruteforce` respectivly.

the essential parts of the function you need to make are

Code

break the current password to increment into an array
loop through the array until the end
if the current character in the current index of the arrays ordinal/ascii value is larger or equal to 126 '~'
  reset the current index to the bottom of your keyspace, the character reprisation of 33 '!'
else
  exit the loop if the current indexes ordinal/ascii value is equal to 126, meaning that this is the last character and should not try to incrment it
  store the current ordinal/ascii value to a temperary value
  increment the temperary value by 1 and assign it to the current index we are working with
  break from the loop so that we dont modify other values
return the array as a joined string


this is not the only way to stop your application from generating duplicate guesses but it is the simplest, and other ways require mathamatics to go through one line of linear guesses, then you have to adjust it to go through another linear line of guesses that doesnt duplicate already made guesses.

i suggest you take a break from this project to learn the language some more before attempting this. it seems you have a limited knowledge of your syntax and any psudo code/logic we post will be to much for you to translate into working code.



Create a new paste based on this one

Member
Posts: 2,757
Joined: Nov 26 2007
Gold: 1,214.81
Jun 6 2013 12:15pm
here's an example in java. I only used lowercase letters and numbers cus it would take like an hour to check every combination.

Code
String password = "fucker";

   String alpha = " qwertyuiopasdfghjklzxcvbnm1234567890";
   char[] seq = alpha.toCharArray( );

   StringBuilder builder = new StringBuilder( "      " );
   int length = builder.length( );

   int[] pos = new int[builder.length( )];
   int total = (int) Math.pow( alpha.length( ), length );
   long startTm = System.currentTimeMillis( );
   breakpoint: for ( int i = 0; i < total; i++ ) {
     for ( int x = 0; x < length; x++ ) {
       if ( pos[x] == seq.length ) {
         pos[x] = 0;
         if ( x + 1 < length ) {
           pos[x + 1]++;
         }
       }
       builder.setCharAt( x, seq[pos[x]] );
     }
     pos[0]++;
//      System.out.println( builder.toString( ) );

     if ( builder.toString( ).equals( password ) ) {
       long stopTm = System.currentTimeMillis( );
       System.out.println( "Password Found in " + ((stopTm - startTm)/1000) + " seconds" );
       break breakpoint;
     }
   }
Go Back To Programming & Development Topic List
12Next
Add Reply New Topic New Poll