new pw generator, ideal for scripting
Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: new pw generator, ideal for scripting

  1. #1

    Lightbulb new pw generator, ideal for scripting

    as the title says,
    i've rewritten my previous program to make it more compatible with other OS's and to make it usefull for scripting.
    i've tested it on slackware 10, RH9 and windows.

    pwgenCL
    here's the source (i don't post the executables anymore, if you want one, PM me):
    Code:
    #include <stdio.h>
    #include <stdlib.h>
    #include <time.h>
    
    void very_easy_password(int);
    void very_easy2_password(int);
    void easy_password(int);
    void medium_password(int);
    void hard_password(int);
    void hard2_password(int);
    void very_hard_password(int);
    void extreme_password(int);
    
    int main(int argc, char** argv)
    {
        int characterset=0;
        int password_length=0;
        if((argc<3)|(argc>3))
        {
    	printf("\npwgenCL,commandline password generator, Copyright (C) 2004 Scorpius");
        	printf("\n\npwgenCL is free software; you can redistribute it and/or modify");
        	printf("\nit under the terms of the GNU General Public License as published by");
        	printf("\nthe Free Software Foundation; either version 2 of the License.");
        	printf("\n\npwgenCL is distributed in the hope that it will be useful,");
        	printf("\nbut WITHOUT ANY WARRANTY; without even the implied warranty of");
        	printf("\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the");
        	printf("\nGNU General Public License for more details.");
        	printf("\n\nYou should have received a copy of the GNU General Public License");
        	printf("\nalong with this program; if not, write to the Free Software");
        	printf("\nFoundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA\n\n");
    	printf("\nCharacter sets:");
    	printf("\n1: (a-z)\t\t\t\t\tvery easy password");
            printf("\n2: (A-Z)\t\t\t\t\tvery easy password");
            printf("\n3: (a-z,A-Z)\t\t\t\t\teasy password");
            printf("\n4: (a-z,0-9)\t\t\t\t\tmedium password");
            printf("\n5: (A-Z,a-z,0-9)\t\t\t\thard password");
            printf("\n6: (a-z,0-9, \\ ] [ ^ _ )\t\t\thard password");
            printf("\n7: ( ! \" # $ % ' ( * ) + , - . /  ,a-z,0-9)\tvery hard password");
            printf("\n8: full keyboard characters (except space), almost impossible to crack\n\n");
    	printf("The maximum password length is 256 characters\n");
    	printf("Usage: %s <characterset> <password length>\n",argv[0]);
            return 0;
        }
        if(argc==3)
        {
        	characterset=atoi(argv[1]);
        	password_length=atoi(argv[2]);
    	if (password_length<1)
            {
    		printf("Password length: %d is too small.\n",password_length);
    		return -1;
    	}
    	if (password_length>256)
    	{
    		printf("Password length: %d is too large.\n",password_length);
    		return -1;
    	}
        	switch(characterset)
        	{
                    case 1:
                            very_easy_password(password_length);
                            break;
                    case 2:
                            very_easy2_password(password_length);
                            break;
                    case 3:
                            easy_password(password_length);
                            break;
                    case 4:
                            medium_password(password_length);
                            break;
                    case 5: 
                            hard_password(password_length);
                            break;
                    case 6:
                            hard2_password(password_length);
                            break;
                    case 7:
                            very_hard_password(password_length);
                            break;
                    case 8:
                            extreme_password(password_length);
                            break;
                   default:
    			printf("Invalid character set\n");
    			return -1;
                            break;
        	}
        	    	return 0;
        }   
        else return -1;  
    }
    
    /*(a-z) very easy password*/
    
    void very_easy_password(length)
    {
        srand(time(NULL));
        while (length>0)
        {
            int cha;
            cha=rand()%128;
            if((cha>=97 && cha<=122))
            {
               printf("%c",cha);
               length--;
            }
        }
    }
    
    /* (A-Z) also very easy password */
    void very_easy2_password(length)
    {
        srand(time(NULL));
        while (length>0)
        {
            int cha;
            cha=rand()%128;
            if((cha>=65 && cha<=90))
            {
               printf("%c",cha);
               length--;
            }
        }
    }
    
    /*(A-Z,a-z), easy password*/
    
    void easy_password(length)
    {
        srand(time(NULL));
        while (length>0)
        {
            int cha;
            cha=rand()%128;
            if((cha>=65 && cha<=90) || (cha>=97 && cha<=122))
            {
               printf("%c",cha);
               length--;
            }
        }
    }
    
    /*(a-z,0-9) medium password*/
    
    void medium_password(length)
    {
        srand(time(NULL));
        while (length>0)
        {
            int cha;
            cha=rand()%128;
            if((cha>=48 && cha<=57) ||(cha>=97 && cha<=122))
            {
               printf("%c",cha);
               length--;
            }
        }
    }
    
    
    /*(A-Z,a-z,0-9) hard password*/
    
    void hard_password(length)
    {
        srand(time(NULL));
        while (length>0)
        {
            int cha;
            cha=rand()%128;
            if((cha>=48 && cha<=57) || (cha>=65 && cha<=90) || (cha>=97 && cha<=122))
            {
               printf("%c",cha);
               length--;
            }
        }
    }
    
    /*(a-z,0-9, \ ] [ ^ _ ) hard password*/
    
    void hard2_password(length)
    {
        srand(time(NULL));
        while (length>0)
        {
            int cha;
            cha=rand()%128;
            if((cha>=48 && cha<=57) || (cha>=91 && cha<=95) || (cha>=97 && cha<=122))
            {
               printf("%c",cha);
               length--;
            }
        }
    }
    
    /*( ! " # $ % ' ( * ) + , - . /  ,a-z,0-9) very hard password*/
    
    void very_hard_password(length)
    {
        srand(time(NULL));
        while (length>0)
        {
            int cha;
            cha=rand()%128;
            if((cha>=33 && cha<=57)|| (cha>=97 && cha<=122))
            {
               printf("%c",cha);
               length--;
            }
        }
    }
    
    /*full keyboard characters (except space), almost impossible to crack */
    
    void extreme_password(length)
    {
        srand(time(NULL));
        while (length>0)
        {
            int cha;
            cha=rand()%128;
            if((cha>=33 && cha<=126))
            {
               printf("%c",cha);
               length--;
            }
        }
    }
    let me know what you think of it..

    grtz


    Scorpius

  2. #2
    0_o Mastermind keezel's Avatar
    Join Date
    Jun 2003
    Location
    Atlanta
    Posts
    1,024
    If I'm reading this right, then this is now a pw cracker, but something to create a password for someone to use? I'm not a programmer of any sort, but how would this be better than coming up with one that is easier to remember? Like the Rm#362¿ type of pw. (Yes, I just made that up in like 2 seconds and no I've never used that one).

  3. #3
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130
    I like it (better than i can do in C, lol)

    Suggest:

    To use it as a subroutine too, add a "salt" as a parameter (integer, 32 bits). it will be provided by caller. And use it on randomization.

    So your routine can be called at command-line or as subroutine of other process.
    Meu sítio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  4. #4
    Suggest:

    To use it as a subroutine too, add a "salt" as a parameter (integer, 32 bits). it will be provided by caller. And use it on randomization.

    So your routine can be called at command-line or as subroutine of other process.
    i don't really understand what you mean i'm afraid, you mean a hash as parameter for the random number? does this mean that when twice the same hash is inserted, the same password would come out?

    If I'm reading this right, then this is now a pw cracker, but something to create a password for someone to use? I'm not a programmer of any sort, but how would this be better than coming up with one that is easier to remember? Like the Rm#362¿ type of pw. (Yes, I just made that up in like 2 seconds and no I've never used that one).
    it is not a password cracker, it's just a generator, and some people might use the password as a password, others might plan to use such a thing in a script to generate passwords for new useraccounts or something like that, it's just what you make of it yourself...

    as for the easier to remember passwords, they are also easier to crack if an attacker would have the password hash, e.g.:
    p4ssw0rd might seem like a strong password, but it will take a 3ghz system about 2 hours to crack it max,
    B+-&4J3& also 8 characters, but uncrackable with the default settings of most password crackers, and it has 93^8 possibilities, that is a lot more then the 36^8 of the p4ssw0rd password.

    that's why

  5. #5
    0_o Mastermind keezel's Avatar
    Join Date
    Jun 2003
    Location
    Atlanta
    Posts
    1,024
    Ah. But what about Rm#362¿! ?

  6. #6
    what about it, do you call that an easy to remember password?
    if so, why wouldn't the ones generated by this program be easy to remember?
    what's the difference?

  7. #7
    Senior Member
    Join Date
    Oct 2001
    Posts
    786
    Hey, you posted the one with the prebuilt binary a while back, right?

    Well, for some reason Option 7 only made alpha-numeric passwords with mixed case. But no symbols. Maybe look into the code that makes sure the random character fits the "rule".
    I haven't compiled this to see if it is fixed in this version...

    Other than that, just handy for some fun with websites that ask for a security question. "Name of school" - "Your password is: s%>rbq"dNr,\xKJ2zeF2'IO-1{H;7zfwxGa}4N#gBfK]Y}9<~HvY/i^(=t]':;@?rx
    {_Z$p5;;p`VT*h\'=LT?W=pX\5[mX!^KB$N8NZ~-~^u$Y|A-v^S.W?r{Eibv,e#ajW
    tvQGBlvGj+/|V5<l~i\nMnA/ZErjLG+)dq<0G\~&q|*of<?($6^>FTgi_yg[qN
    C~,sen%8JcnyLtf42nD@Su+'HmcY8G97n$!>Z601R6"E.=+{mdK83"?1nPL=Kc"

  8. #8
    yes, i'm the same guy :P
    and yes the problem with characterset 7 is solved, i've forgot to adjust the function to that specific characterset, now it is working fine

  9. #9
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130
    I was ask for a salt just to avoid same password output.
    I really like this and i will use it on a website to generate passwords for forum users.
    Since you are using time for randomize, i was afraid that 2 threads will get same pwd if they run your routine at same time.
    So adding a user-supplied number PLUS time, it will make more "pseudo-random" generated pwd. In my case, i will use process number.

    Anyway, great job. You spare me a lot of work. Sure you will be there with apropriate copyright!
    Meu sítio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  10. #10
    ok, it took me a couple of hours, but i've rewritten it again, now with a user-supplied number and made the code more readable/shorter.
    pwgenCL_2
    Code:
    /*
    pwgenCL version 2 (pwgenCL_2)Copyright (C) 2004 Scorpius, password generator, 
    written as a command line scripting utility.
    this program is freesource, which means you may use and/or modify it under the GPL license.
    if you'd like to contact me with comments/bugs/suggestions or just to say hello,
    my email address is: scorpius_unknown@yahoo.com.
      
    i hope you enjoy using my program and that you find it usefull :)         
      
    to compile it under windows, get a copy of Dev-C++ (it's free), or another C/C++ compiler.
    to compile it under linux, just type "gcc -o pwgenCL_2 pwgenCL_2.c" (without the " quotes)
    */
    
    #include <stdio.h>
    #include <stdlib.h>
    #include <time.h>
    #include <strings.h>
    
    char *generated_password(char*, int,int);
    
    int main(int argc, char** argv)
    {   /*the character sets*/
        char *very_easy_set = "abcdefghijklmnopqrstuvwxyz";
        char *very_easy2_set = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
        char *easy_set = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
        char *medium_set = "abcdefghijklmnopqrstuvwxyz0123456789";
        char *hard_set = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
        char *hard2_set = "\\][^_abcdefghijklmnopqrstuvwxyz0123456789";
        char *very_hard_set = "!\"#$%'(*)+,-./abcdefghijklmnopqrstuvwxyz0123456789";
        char *extreme_set = "!\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~";
        
        int characterset=0;
        int password_length=0;
        int user_supplied=0;
        if(argc!=4)
        {
    	    printf("\npwgenCL_2,commandline password generator, Copyright (C) 2004 Scorpius");
        	printf("\n\npwgenCL_2 is free software; you can redistribute it and/or modify");
        	printf("\nit under the terms of the GNU General Public License as published by");
        	printf("\nthe Free Software Foundation; either version 2 of the License.");
        	printf("\n\npwgenCL_2 is distributed in the hope that it will be useful,");
        	printf("\nbut WITHOUT ANY WARRANTY; without even the implied warranty of");
        	printf("\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the");
        	printf("\nGNU General Public License for more details.");
        	printf("\n\nYou should have received a copy of the GNU General Public License");
        	printf("\nalong with this program; if not, write to the Free Software");
        	printf("\nFoundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA\n");
        	printf("\n\t   ***Contact Scorpius: scorpius_unknown@yahoo.com***");
        	printf("\n\nCharacter sets:");
        	printf("\n1: (a-z)\t\t\t\t\tvery easy password");
            printf("\n2: (A-Z)\t\t\t\t\tvery easy password");
            printf("\n3: (a-z,A-Z)\t\t\t\t\teasy password");
            printf("\n4: (a-z,0-9)\t\t\t\t\tmedium password");
            printf("\n5: (A-Z,a-z,0-9)\t\t\t\thard password");
            printf("\n6: (a-z,0-9, \\ ] [ ^ _ )\t\t\thard password");
            printf("\n7: ( ! \" # $ % ' ( * ) + , - . /  ,a-z,0-9)\tvery hard password");
            printf("\n8: full keyboard characters (except space), almost impossible to crack\n\n");
            printf("The maximum password length is 256 characters\n");
            printf("Usage: %s <characterset> <password length> <user supplied number>\n",argv[0]);
            printf("\n*The <user supplied number> is inserted to create extra randomness*\n");
            printf("\nExample: %s 8 15 5454303\n",argv[0]);
            return 0;
        }
        if(argc==4)/*if all parameters, (characterset,passwordlength,randomization number) run the program*/
        {
        	characterset=atoi(argv[1]);/*create integer from the argument*/
        	password_length=atoi(argv[2]);/*create integer from the argument*/
        	user_supplied=atoi(argv[3]);/*create integer from the argument*/
        	if (password_length<1)
            {
    		printf("Password length: %d is too small.\n",password_length);
    		return -1;
    		}
    		if (password_length>256)
    		{
    		printf("Password length: %d is too large.\n",password_length);
    		return -1;
    		}
        	switch(characterset)
        	{
                    case 1:
                            generated_password(very_easy_set,password_length,user_supplied);
                            break;
                    case 2:
                            generated_password(very_easy2_set,password_length,user_supplied);
                            break;
                    case 3:
                            generated_password(easy_set,password_length,user_supplied);
                            break;
                    case 4:
                            generated_password(medium_set,password_length,user_supplied);
                            break;
                    case 5: 
                            generated_password(hard_set,password_length,user_supplied);
                            break;
                    case 6:
                            generated_password(hard2_set,password_length,user_supplied);
                            break;
                    case 7:
                            generated_password(very_hard_set,password_length,user_supplied);
                            break;
                    case 8:
                            generated_password(extreme_set,password_length,user_supplied);
                            break;
                   default:
                            printf("Invalid character set\n");
    			            return -1;
                            break;
        	}
    	    return 0;
        }   
        else return -1;  
    }
    
    /*the password generator function*/
    
    char *generated_password(char* char_set, int length,int user_number)
    {
            
            srand(user_number*time(NULL));
            int loop;
            int set_length=strlen(char_set);
        
            for(loop=0;loop<length;loop++)
            {
                 putchar(char_set[rand()%set_length]);
            }
            printf("\n");
    }
    >> cascosapo, i think this is what you meant, hope you like it

    (phew, rewritten the program about 5 times the last two days, now it is time for a break )

    grtz

    Scorpius

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides