May 27th, 2004, 07:06 AM
Brute force programming
I was wondering if anybody knows where to find information on programming a bruteforcer. I just wanted to experiment and try to program my own for cracking passwords on my XP box. I know about Cain and Abel and Advanced Password Recovery and all that other stuff. The goal is not to crack the passwords, just to gain an understanding of how these tools work.
May 27th, 2004, 07:12 AM
the best way to learn about them is to learn how to program ... from there you can pull programs apart and learn about how they work and learn to alter them .. it all stems from your knowledge of programming
May 27th, 2004, 07:22 AM
I'm already learning how to program; it would be stupid of me to ask this question about programming if I didn't at least have the knowledge of how to use what people would tell me. This topic is just interesting to me.
May 27th, 2004, 08:11 AM
Try finding something like bruteforcer.c ... maybe do a search on Google ... from there you could have a look at the source code and see how it is written etc.
May 27th, 2004, 08:18 AM
A bruteforcer works on the principle of trying out all possible combinations of letters, numbers and special characters to determine the target password... Hey, but trying out all possible combinations makes brute force very time consuming...
You've got to have knowledge of cryptography as well, because most of the passwords will be encrypted... You will have to try out hundreds of passwords per minute, so speed will be key here...
Hey, I would like to suggest you first try building a dictionary password cracker... The alternative to brute force is a dictionary attack. At its simplest this means treating each word in a dictionary as a password, encrypting it, and then comparing the resulting hashes to the hashes in the password file being cracked... It should contain two components: one is the program and the other is the word list file... The program should take one word at a time and encrypt the word with the same algorithm which was used to encrypt the original password file, then compare the two passwords and give you the result... In Unix it would be a bit harder; you would have to know the salt too... So start off with something easy like Windows 98.
Do you have a Windows 98 box? Try cracking the password file of that box; it will give you an idea about encryption and decryption... Windows 98 used a very weak encryption algorithm... It shouldn't be that hard.
Which language are you thinking of developing it in?
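The dictionary check described in the post above, as an added example that is not part of the original thread: each word is hashed with the account's own salt and compared with the stored hash, which is how a password audit flags word-list passwords. SHA-256 over salt plus password is a stand-in chosen for this example, not the algorithm of any Windows version, and the accounts and word list are constructed.

```python
import hashlib

def hash_password(password: str, salt: bytes) -> str:
    """Stand-in hash (assumption for this example): SHA-256 over salt + password."""
    return hashlib.sha256(salt + password.encode("utf-8")).hexdigest()

def audit(accounts: dict, wordlist: list) -> dict:
    """Return {user: word} for every account whose stored hash matches a word
    from the list when that word is hashed with the account's own salt."""
    weak = {}
    for user, (salt, stored) in accounts.items():
        for word in wordlist:
            # Same algorithm, same salt, then compare the two hashes.
            if hash_password(word, salt) == stored:
                weak[user] = word
                break
    return weak

# Constructed sample data: alice and bob share a password but not a salt.
WORDLIST = ["password", "letmein", "dragon", "qwerty"]
ACCOUNTS = {
    "alice": (b"\x01\x02", hash_password("letmein", b"\x01\x02")),
    "bob":   (b"\x0a\x0b", hash_password("letmein", b"\x0a\x0b")),
    "carol": (b"\x10\x20", hash_password("T7#vq!Lm2z", b"\x10\x20")),
}

def same_password_hashes_differ() -> bool:
    """With per-account salts, identical passwords give different stored hashes."""
    return ACCOUNTS["alice"][1] != ACCOUNTS["bob"][1]

def audit_without_salts() -> dict:
    """Run the same audit with the salts blanked out: nothing can match,
    which is why the post says you would have to know the salt too."""
    stripped = {user: (b"", stored) for user, (_, stored) in ACCOUNTS.items()}
    return audit(stripped, WORDLIST)

if __name__ == "__main__":
    print("word-list passwords:", audit(ACCOUNTS, WORDLIST))
    print("same password, different hashes:", same_password_hashes_differ())
    print("audit without salts:", audit_without_salts())
```

carol's password is not in the word list, so the audit does not report her; a dictionary check only ever finds what the list contains.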
May 27th, 2004, 09:15 AM
Really good post Swordfish_13, covered everything I had in mind... and mad_fox9007, it'd also depend on which language you were coding in... try starting off with C or C++.
May 27th, 2004, 10:23 AM
I agree that a dictionary cracker would probably be the easiest to build, but if you do want to build a brute force password cracker you probably should have at least a basic knowledge of typecasting. If you don't know what this is already, typecasting is the ability to convert one datatype into another.
If you consider that a character is just really a number that is shown as an image on the screen by the computer, you can print every possible character (not all printable) in "C++" (as in only C++ because I want to use cout :P) with the following code:
#include <iostream>
using namespace std; // I think this is right...I'm still used to the .h header files
int main() {
    for (int x = 0; x < 256; x++)   // 0..255 covers every value of an 8-bit char
        cout << (char)x << endl;
}
If you look at the code above, the "char" in brackets tells the compiler to change the following variable (x) to a character.
If you want to limit it to certain characters (i.e. printable characters), you just need to look up an ascii list on the internet to find out what numbers to go to/from.
Hope that helped,
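An added example, not part of the original post: the same number-to-character idea in Python (chr() plays the role of the (char) cast), used to build a character set from ASCII codes, enumerate every candidate, and count the keyspace, which shows why password length and character set decide how long an exhaustive search takes. The guess rate of one million per second is an assumed figure.

```python
from itertools import product

def charset(first: int = 32, last: int = 126) -> str:
    """Characters for ASCII codes first..last; 32..126 is the printable range."""
    return "".join(chr(code) for code in range(first, last + 1))

def candidates(chars: str, max_len: int):
    """Yield every string of length 1..max_len over chars, shortest first."""
    for length in range(1, max_len + 1):
        for combo in product(chars, repeat=length):
            yield "".join(combo)

def keyspace(n_chars: int, max_len: int) -> int:
    """Number of candidates of length 1..max_len over n_chars characters."""
    return sum(n_chars ** length for length in range(1, max_len + 1))

def days_to_exhaust(n_chars: int, max_len: int, guesses_per_second: float) -> float:
    """Days needed to try the whole keyspace at a fixed guess rate."""
    return keyspace(n_chars, max_len) / guesses_per_second / 86400

DIGITS = charset(48, 57)   # ASCII 48..57 are '0'..'9'
PRINTABLE = charset()      # 95 printable ASCII characters

if __name__ == "__main__":
    rate = 1_000_000  # assumed guesses per second
    print("first candidates:", list(candidates("ab", 2)))
    for chars, name in ((DIGITS, "digits"), (PRINTABLE, "printable")):
        for max_len in (4, 6, 8):
            print(f"{name:9} up to {max_len} chars: "
                  f"{keyspace(len(chars), max_len):>20,} candidates, "
                  f"{days_to_exhaust(len(chars), max_len, rate):,.2f} days")
```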
May 27th, 2004, 10:44 AM
Re: Brute force programming
Originally posted here by mad_fox9007
I just wanted to experiment and try to program my own for cracking passwords on my XP box. I know about Cain and Abel and Advanced Password Recovery and all that other stuff. The goal is not to crack the passwords, just to gain an understanding of how these tools work.
Just my input, you state that you are interested in cracking passwords, then not interested in cracking passwords.
Well worded though, I think fyrewall made an excellent statement in this case (Learn To Program). If you are in for the quick fix, set up 2 boxes and use a skiddie prog; you can still gain info on how they work that way... I guess.
Try a lamer proggie like Brutus. Hoobiethenoobie.net
Get some good religion from Bad Religion.
May 27th, 2004, 05:57 PM
Thanks for the input gothic_type, I understand what you're saying, and I've seen things on creating dictionary files also, but I'm not sure how to create a program that would let me use that on Windows passwords. A little help? Does anyone have any information or know a website that would help me research these topics further?
May 27th, 2004, 06:03 PM
[stupid_question]Speaking of which, where are these password files kept (Win2k)?[/stupid_question] I'm trying to learn enough about cracking to do some useful security auditing (see my other thread) and am trying to learn Cain, Rainbow Hack, etc. in the process. Problem right now is, I have no clue what I'm doing. My thinking is, however, if I can crack our passwords around here during my assessment, then that means we need more complex passwords.