#include <iostream> #include <list> #include <cstring> #include <crypt.h>

1. #include <iostream>
2. #include <list>
3. #include <cstring>
4. #include <crypt.h>
5.  
6. using namespace std;
7.  
8.  
9. string target_salt = "$6$SQaRdxYU$";
10. string target_pw_hash   = "$6$SQaRdxYU$5aZhtfRTrel3MsHoOek5ZZYZfY6/wiw4lPf3iw2yTXVQJEmwPMnadlQPh09RCkH/cMSnAbGhdH3.GvqjG.6w0.";
11.  
12. #define MAX_LEN 30
13.  
14. list<char*> pwlist;
15.  
16. int check_password(char* pw, char* salt, char* hash)
17. {
18. char* res = crypt(pw, salt);
19. cout << "password " << pw << "\n";
20.  //cout << "hashes to " << res << "\n";
21.  for (int i = 0; i<strlen(hash); i++)  
22.     if (res[i]!=hash[i])
23.     return 0;
24.  cout << "match !!!" << "\n";
25.  return 1;
26. }
27.  
28. char* exhaustive_search(char* charset, char* salt, char* target)
29. {
30. char* current_password;
31. char* new_password;
32. char* cst_pass;
33. int i, current_len;
34. int cnta=0,cnts=0,cntr=0,k;
35.  
36. cst_pass=new char[9];
37. strcpy(cst_pass,"Luni16:00");
38. cst_pass[9]='\0';
39. current_len=strlen(cst_pass);
40. for(i = 0; i<strlen(charset); i++)
41.     {
42.     new_password = new char[current_len+2];  
43.     strcpy(new_password,cst_pass);
44.     new_password[current_len] = charset[i];
45.     new_password[current_len+1] = '\0';
46.     pwlist.push_back(new_password);  
47.     }
48.  
49. while(true){    
50.  
51. if (pwlist.empty())
52.     return NULL;
53. current_password = pwlist.front();
54. current_len = strlen(current_password);
55.  
56.  
57.  k=1;
58.  cnta=0;
59.  cnts=0;
60.  cntr=0;
61.  for(int j=0;j<current_len;j++)
62.  {
63.     if(current_password[j]=='a')
64.         cnta++;
65.     if(current_password[j]=='s')
66.         cnts++;
67.     if(current_password[j]=='r')
68.         cntr++;
69.     if(cnta>1 or cntr>1 or cnts >1)
70.     {
71.         k=0;
72.         break;
73.     }
74. }
75. if(k==1)
76.     if (check_password(current_password,    salt,   target))    
77.         return current_password;
78.  
79. if(current_len < MAX_LEN)
80. {
81.     for (i = 0; i < strlen(charset); i++)
82.     {
83.     new_password = new char[current_len + 2];
84.     memcpy(new_password, current_password, current_len);
85.     new_password[current_len] = charset[i];
86.     new_password[current_len+1] = '\0';  
87.     current_len=strlen(new_password);
88.     pwlist.push_back(new_password);
89.     }
90. }
91. pwlist.pop_front();
92. }
93. }
94.  
95. int main()
96. {
97.  char* salt;  char* target;  char* password;  
98.  char charset[] = {'a', 'e', 'r', 't', 's', '\0'};
99.  salt = new char[target_salt.length()+1];
100.  copy(target_salt.begin(), target_salt.end(), salt);
101.  target = new char[target_pw_hash.length()+1];
102.  copy(target_pw_hash.begin(), target_pw_hash.end(), target);
103.  
104.  password = exhaustive_search(charset, salt, target);
105.  if (strlen(password)!= 0) cout << "Password successfuly recovered: " << password << "  \n";
106.  else cout << "Failure to find password, try distinct character set of size \n";
107. }