Search Members Help

» Welcome Guest
[ Log In :: Register ]

Mini-ITX Boards Sale, Fanless BareBones Mini-ITX, Bootable 1G DSL USBs, 533MHz Fanless PC <-- SALE $200 each!
Get The Official Damn Small Linux Book. DSL Market , Great VPS hosting provided by Tektonic
Pages: (13) </ 1 2 3 4 5 [6] 7 8 9 10 11 ... >/

[ Track this topic :: Email this topic :: Print this topic ]

reply to topic new topic new poll
Topic: C question, loops< Next Oldest | Next Newest >
curaga Offline





Group: Members
Posts: 2163
Joined: Feb. 2007
Posted: Jan. 13 2008,17:28 QUOTE

I'm not sure, but I did go through about 15mb of wordlists without a single false positive.

--------------
There's no such thing as life. Those mean little jocks invented it ;)
-
Windows is not a virus. A virus does something!
Back to top
Profile PM 
WDef Offline





Group: Members
Posts: 798
Joined: Sep. 2005
Posted: Jan. 13 2008,17:36 QUOTE

OK.

One workaround for my blowfish example, assuming the unencrypted source/key was ASCII text, is to use the file command and only let through decrypted results that are plain ascii.  [Editing that into the post anyway.]

Re SIGINT - it should print the successful password before exiting.  Or, did you mean you want to know how far we got through the perms before quitting without success? (ie what subset is not the passphrase?).

For these tests I'm encrypting a text file with:

openssl bf -in plaintext.txt -out encryptedfile
Back to top
Profile PM 
curaga Offline





Group: Members
Posts: 2163
Joined: Feb. 2007
Posted: Jan. 13 2008,17:52 QUOTE

Here's my current one, I know nothing of perl, but still edited it :^)
Quote
#!/usr/bin/perl
# curagacrack.pl

my $n = 30; # max len of passphrase

my @set = ( "ä", "ö", "y", "a" .. "p", "r" .. "v" ); # ranges and lists to permute
my $result;

sub create_perm($$){

  my($cur,$max)=@_;

  if($cur>=$max){
      print "$result\n";
     setpgrp (0,0);
     system("echo $result | 2>/dev/null openssl rsa -noout -text -passin stdin -in mykey && echo -n 'Found passphrase: ' && echo $result && kill 0");
      return;
  }

  for(@set){
      substr($result,$cur,1)=$_;
      create_perm($cur+1,$max);
  }
}

for ($j=8;$j<=$n;$j++){
create_perm(0,$j);
}
If I got this right, the substr function replaces the position where we are going with the next one in the set. I limited the set, but before going to wait a lifetime, I'd like to implement the filtering.

Oh, with the SIGnalling I meant that since it goes faster if it doesn't print every tried option, if I wanted to know where it's going before it has finished, I'd send it a SIGUSR1 and it would print the current $result and continue guessing.

Is perl really this light? Top shows only 1% cpu usage with this, and my system feels faster than using compiled C variants.

Well, back to the filtering.
  for(@set){
      substr($result,$cur,1)=$_;
      create_perm($cur+1,$max);
  }

I assume this part should be changed to something like this:
  for(@set){
      substr($result,$cur,1)=$_;
if $result=*aaa* then continue
..
      create_perm($cur+1,$max);
  }


--------------
There's no such thing as life. Those mean little jocks invented it ;)
-
Windows is not a virus. A virus does something!
Back to top
Profile PM 
^thehatsrule^ Offline





Group: Members
Posts: 3275
Joined: July 2006
Posted: Jan. 13 2008,18:00 QUOTE

About strcmp:
The reason for this is that some compilers give -1 for a < string comparison, and a 1 for a > string comparison, and so a 0 is an exact match.
IMO it's better to explicitly specify the comparison to 0 though to show it (as returning 0 can mean success as well like exit status)

Interesting use of different languages...
Back to top
Profile PM 
WDef Offline





Group: Members
Posts: 798
Joined: Sep. 2005
Posted: Jan. 13 2008,18:47 QUOTE

I'm eating again ;(0), then a movie, I'll post later.

What it looks like is you want a regex that detects 3 or more repeated adjacent chars as a substring?  Or do you only want to filter out passphrases that are just one repeated char for the whole string?

Hacking away by yourself is a good way to get curious about Perl.  It's very fault tolerant compared with many languages - it's possible to just guess syntax and get it right sometimes.
Back to top
Profile PM 
64 replies since Jan. 12 2008,13:35 < Next Oldest | Next Newest >

[ Track this topic :: Email this topic :: Print this topic ]

Pages: (13) </ 1 2 3 4 5 [6] 7 8 9 10 11 ... >/
reply to topic new topic new poll
Quick Reply: C question

Do you wish to enable your signature for this post?
Do you wish to enable emoticons for this post?
Track this topic
View All Emoticons
View iB Code