Hesse99

SSS

Mar 9th, 2021
418
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #include <iostream>
  2.  
  3. #include <list>
  4.  
  5. #include <cstring>
  6.  
  7. #include <crypt.h>
  8.  
  9.  
  10.  
  11. using namespace std;
  12.  
  13.  
  14.  
  15.  
  16.  
  17. string target_salt = "$6$SQaRdxYU$";
  18.  
  19. string target_pw_hash = "$6$SQaRdxYU$5aZhtfRTreI3MsHoOek5ZZYZfY6/wiw4IPf3iw2yTXVQJEmwPMnadlQPh09RCkH/cMSnAbGhdH3.GvqjG.6w0.";
  20.  
  21.  
  22.  
  23. // define a null string which is returned in case of failure to find the password
  24.  
  25. char null[] = { '\0' };
  26.  
  27.  
  28.  
  29. // define the maximum length for the password to be searched
  30.  
  31. #define MAX_LEN 16
  32.  
  33.  
  34.  
  35. list<char*> pwlist;
  36.  
  37.  
  38.  
  39. // check if the pw and salt are matching the hash
  40.  
  41. int check_password(char* pw, char* salt, char* hash)
  42.  
  43. {
  44.  
  45.     char* res = crypt(pw, salt);
  46.  
  47.     for (int i = 0; i<strlen(hash); i++)
  48.  
  49.         if (res[i]!=hash[i])
  50.  
  51.             return 0;
  52.  
  53.     cout << "match !!!" << "\n";
  54.  
  55.     return 1;
  56.  
  57. }
  58.  
  59.  
  60.  
  61. // builds passwords from the given character set
  62.  
  63. // and verifies if they match the target
  64.  
  65. char* exhaustive_search(char* charset, char* salt, char* target)
  66.  
  67. {
  68.  
  69.     char* current_password;
  70.  
  71.     char* new_password;
  72.  
  73.     int i, current_len;
  74.  
  75.  
  76.  
  77.     // begin by adding each character as a potential 1 character password
  78.  
  79.     //for (i = 0; i < strlen(charset); i++)
  80.  
  81.     //{
  82.  
  83.     new_password = new char[9];
  84.  
  85.     strcpy(new_password, "Luni16:00");
  86.  
  87.     new_password[9] = '\0';
  88.  
  89.     pwlist.push_back(new_password);
  90.  
  91.     //}
  92.  
  93.  
  94.  
  95.     while (true) {
  96.  
  97.  
  98.  
  99.         // test if queue is not empty and return null if so
  100.  
  101.         if (pwlist.empty())
  102.  
  103.             return null;
  104.  
  105.  
  106.  
  107.         // get the current current_password from queue
  108.  
  109.         current_password = pwlist.front();
  110.  
  111.         current_len = strlen(current_password);
  112.  
  113.  
  114.  
  115.         //  check  if  current  password  is  the  target  password,  if  yes  return  the current_password
  116.  
  117.             if (check_password(current_password, salt, target))
  118.  
  119.                 return current_password;
  120.  
  121.         //  else  generates  new  passwords  from  the  current  one  by  appending each character from the charlist
  122.  
  123.         // only if the current length is less than the maxlength
  124.  
  125.         if (current_len < MAX_LEN)
  126.  
  127.         {
  128.  
  129.             for (i = 0; i < strlen(charset); i++)
  130.  
  131.             {
  132.  
  133.                 if (strchr(current_password, 'a') && charset[i] == 'a')
  134.  
  135.                 {
  136.  
  137.                     i++;
  138.  
  139.                     new_password = new char[current_len + 2];
  140.  
  141.                     memcpy(new_password, current_password, current_len);
  142.  
  143.                     new_password[current_len] = charset[i];
  144.  
  145.                     new_password[current_len + 1] = '\0';
  146.  
  147.                     pwlist.push_back(new_password);
  148.  
  149.                 }
  150.  
  151.                 else if (strchr(current_password, 'r') && charset[i] == 'r')
  152.  
  153.                 {
  154.  
  155.                     i++;
  156.  
  157.                     new_password = new char[current_len + 2];
  158.  
  159.                     memcpy(new_password, current_password, current_len);
  160.  
  161.                     new_password[current_len] = charset[i];
  162.  
  163.                     new_password[current_len + 1] = '\0';
  164.  
  165.                     pwlist.push_back(new_password);
  166.  
  167.                 }
  168.  
  169.                 else if (strchr(current_password, 's') && charset[i] == 's')
  170.  
  171.                 {
  172.  
  173.                     i++;
  174.  
  175.                     new_password = new char[current_len + 2];
  176.  
  177.                     memcpy(new_password, current_password, current_len);
  178.  
  179.                     new_password[current_len] = charset[i];
  180.  
  181.                     new_password[current_len + 1] = '\0';
  182.  
  183.                     pwlist.push_back(new_password);
  184.  
  185.                 }
  186.  
  187.                 else
  188.  
  189.                 {
  190.  
  191.                     new_password = new char[current_len + 2];
  192.  
  193.                     memcpy(new_password, current_password, current_len);
  194.  
  195.                     new_password[current_len] = charset[i];
  196.  
  197.                     new_password[current_len + 1] = '\0';
  198.  
  199.                     pwlist.push_back(new_password);
  200.  
  201.                 }
  202.  
  203.             }
  204.  
  205.         }
  206.  
  207.         // now remove the front element as it didn't match the password
  208.  
  209.         pwlist.pop_front();
  210.  
  211.     }
  212.  
  213. }
  214.  
  215.  
  216.  
  217. main()
  218.  
  219. {
  220.  
  221.     char* salt;
  222.  
  223.     char* target;
  224.  
  225.     char* password;
  226.  
  227.  
  228.  
  229.     // define the character set from which the password will be built
  230.  
  231.     char charset[] = { 'a', 'e', 'r', 's', 't', '\0' };
  232.  
  233.     //convert the salt from string to char*
  234.  
  235.     salt = new char[target_salt.length() + 1];
  236.  
  237.     copy(target_salt.begin(), target_salt.end(), salt);
  238.  
  239.     //convert the hash from string to char*
  240.  
  241.     target = new char[target_pw_hash.length() + 1];
  242.  
  243.     copy(target_pw_hash.begin(), target_pw_hash.end(), target);
  244.  
  245.     //start the search
  246.  
  247.     password = exhaustive_search(charset, salt, target);
  248.  
  249.     if (strlen(password) != 0)
  250.  
  251.         cout << "Password  successfuly  recovered:  " << password << "  \n";
  252.  
  253.     else
  254.  
  255.         cout << "Failure to find password, try distinct character set of size \n";
  256.  
  257. }
RAW Paste Data

Adblocker detected! Please consider disabling it...

We've detected AdBlock Plus or some other adblocking software preventing Pastebin.com from fully loading.

We don't have any obnoxious sound, or popup ads, we actively block these annoying types of ads!

Please add Pastebin.com to your ad blocker whitelist or disable your adblocking software.

×