Programming and Scripting :: C question



I'm not sure, but I did go through about 15mb of wordlists without a single false positive.
OK.

One workaround for my blowfish example, assuming the unencrypted source/key was ASCII text, is to use the file command and only let through decrypted results that are plain ascii.  [Editing that into the post anyway.]

Re SIGINT - it should print the successful password before exiting.  Or, did you mean you want to know how far we got through the perms before quitting without success? (ie what subset is not the passphrase?).

For these tests I'm encrypting a text file with:

openssl bf -in plaintext.txt -out encryptedfile

Here's my current one, I know nothing of perl, but still edited it :^)
Quote
#!/usr/bin/perl
# curagacrack.pl

my $n = 30; # max len of passphrase

my @set = ( "ä", "ö", "y", "a" .. "p", "r" .. "v" ); # ranges and lists to permute
my $result;

sub create_perm($$){

  my($cur,$max)=@_;

  if($cur>=$max){
      print "$result\n";
     setpgrp (0,0);
     system("echo $result | 2>/dev/null openssl rsa -noout -text -passin stdin -in mykey && echo -n 'Found passphrase: ' && echo $result && kill 0");
      return;
  }

  for(@set){
      substr($result,$cur,1)=$_;
      create_perm($cur+1,$max);
  }
}

for ($j=8;$j<=$n;$j++){
create_perm(0,$j);
}
If I got this right, the substr function replaces the position where we are going with the next one in the set. I limited the set, but before going to wait a lifetime, I'd like to implement the filtering.

Oh, with the SIGnalling I meant that since it goes faster if it doesn't print every tried option, if I wanted to know where it's going before it has finished, I'd send it a SIGUSR1 and it would print the current $result and continue guessing.

Is perl really this light? Top shows only 1% cpu usage with this, and my system feels faster than using compiled C variants.

Well, back to the filtering.
  for(@set){
      substr($result,$cur,1)=$_;
      create_perm($cur+1,$max);
  }

I assume this part should be changed to something like this:
  for(@set){
      substr($result,$cur,1)=$_;
if $result=*aaa* then continue
..
      create_perm($cur+1,$max);
  }

About strcmp:
The reason for this is that some compilers give -1 for a < string comparison, and a 1 for a > string comparison, and so a 0 is an exact match.
IMO it's better to explicitly specify the comparison to 0 though to show it (as returning 0 can mean success as well like exit status)

Interesting use of different languages...

I'm eating again ;(0), then a movie, I'll post later.

What it looks like is you want a regex that detects 3 or more repeated adjacent chars as a substring?  Or do you only want to filter out passphrases that are just one repeated char for the whole string?

Hacking away by yourself is a good way to get curious about Perl.  It's very fault tolerant compared with many languages - it's possible to just guess syntax and get it right sometimes.

Next Page...
original here.