#include <string>#include <map>#include <fstream>#include <iostream>#inc

1. #include <string>
2. #include <map>
3. #include <fstream>
4. #include <iostream>
5. #include <sstream>
6. using namespace std;
7.  
8. //Text file called pwlist.txt
9. //Duncan,WANIS
10. //James,OOIWDFV
11.  
12. void main(){
13.     map<string,string> pws;
14.  
15.     ifstream pf("pwlist.txt");
16.     for(string pw, user, line; pf.good() && getline(pf,line);pws.insert(pair<string,string>(user,pw)))
17.     {
18.         stringstream strm(line);
19.         getline(strm,user,',');
20.         getline(strm,pw,',');
21.     };
22.     pf.close();
23.  
24.     string username, password;
25.     cout<<"Please enter username:\n";
26.     cin>>username;
27.     cout<<"Please enter password:\n";
28.     cin>>password;
29.  
30.     for( unsigned int i = 0; i < password.size(); ++i )
31.     {
32.         //A little bit encrpyted just to spice things up
33.         password[i] = 'A'+(password[i]^username[i%username.size()])%26;
34.     }
35.    
36.     if ( pws.find(username) != pws.end() && pws.find(username)->second == password )
37.     {
38.         cout<<"Correct Login Well Done!\n";
39.     }
40.     else
41.         cout<<"Incorrect please do not try again!\n";
42.  
43.     //Now to see if we can create a cracker.
44.     //The encrypted password is what needs to be modified we want another password that will colide
45.     //Assume we know the first pw char is W and real pw is R and the username is Duncan
46.     //R^D = 82^68 = 22
47.     //22%26 = 22
48.     //22+'A' = 'W'
49.     //So we need something else that creates W
50.     //So we need something so that x%26 = 22
51.     //x could be 22+26*anything lets try 48
52.     //So what ^ with 'D' = 48 well 116 does
53.     //116 = 't' therefore t would work instead of 'R'
54.     //And sure enough that came out correct so we have a collision.
55.    
56.     //We can work out all possible passwords from the password list as follows.
57.     //Remember max char is 128 128/26 = ~4.9
58.     //Assume passwords are in the range 32-126 ie special chars, chars, numerical
59.    
60.     username = "James";
61.     string encryptedpw = pws.find(username)->second;
62.  
63.     for( unsigned int i = 0; i < encryptedpw.size(); ++i )
64.     {
65.         int beforemod = encryptedpw[i]-'A';
66.         cout<<"Character "<<i<<" is one of: ";
67.         for( ; beforemod < 128; beforemod+=26 )
68.         {
69.             char possible = (char)beforemod^username[i%username.size()];
70.             if ( possible > 31 && possible < 127 ){
71.                 cout<<possible<<", ";
72.             }
73.         }
74.         cout<<endl;
75.     }
76.     //From this response it is clear that it would still take a small amount of work to
77.     //calculate the original. Although ultimatly it doesn't matter as we have now a list
78.     //of valid passwords.
79.  
80.     //Pause until we are done
81.     cin>>username;
82. }