PaulCara

Pw_crack_CS_pcarabas

Oct 27th, 2020 (edited)
997
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #include <iostream>
  2. #include <list>
  3. #include <cstring>
  4. #include <crypt.h>
  5. #define MAX_LEN 5
  6.  
  7. using namespace std;
  8.  
  9. char null[] = {'\0'};
  10. string SALT = "$6$XPmWkpus$";
  11. string ENCRYPTED_PASS = "$6$XPmWkpus$jZiSDOKdMMRZQhaCLULUO9baoau4D3Vot7tKNFqJQkStExZp9afA9rHnZ6iih8khjfkZLUbgKWIvIKQUKr7dL1";
  12.  
  13. list<char*> pwlist;
  14. list<char*> correct_pwlist;
  15.  
  16. char* available_chars = "abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()";
  17. char* prefix = ">>>:::sec20f:::<<<";
  18. char* suffix = "@x(h";
  19. int LEN_PREFIX = 18;
  20. int LEN_SUFFIX = 4;
  21.  
  22. // check if the pw and salt are matching the hash
  23. int check_password(char* pw, char* salt, char* hash)
  24. {
  25.     char* new_pw = new char[MAX_LEN + LEN_SUFFIX + LEN_PREFIX + 1];
  26.     memcpy(new_pw, prefix, LEN_PREFIX);
  27.     strcat(new_pw, pw);
  28.     strcat(new_pw, suffix);
  29.     printf("%s\n", new_pw);
  30.     char* res = crypt(new_pw, salt);
  31.     for (unsigned i = 0; i<strlen(hash); i++)
  32.         if (res[i]!=hash[i])
  33.             return 0;
  34.     cout << "match !!!" << "\n";
  35.     return 1;
  36. }
  37.  
  38. // builds passwords from the given character set
  39. // and verifies if they match the target
  40. char* exhaustive_search(char* salt, char* target)
  41. {
  42.     char* current_password;
  43.     char* new_password;
  44.     char* pw;
  45.     int current_len;
  46.    
  47.     // set first 3 chars of pw
  48.     pw = new char[6];
  49.     pwlist.push_back(pw);
  50.     correct_pwlist.push_back(pw);
  51.  
  52.     while(true){
  53.        
  54.         // test if queue is not empty and return null if so
  55.         if (correct_pwlist.empty())
  56.             return null;
  57.        
  58.         // get the current current_password from queue
  59.         current_password = correct_pwlist.front();
  60.         current_len = strlen(current_password);
  61.        
  62.         //  check  if  current  password  is  the  target  password,  if  yes  return  the current_password
  63.         if(current_len == MAX_LEN && check_password(current_password, salt, target))
  64.             return current_password;
  65.                 //  else  generates  new  passwords  from  the  current  one  by  appending each possible ASCII char
  66.         current_len = strlen(pwlist.front());
  67.         while(current_len < MAX_LEN){
  68.             current_password = pwlist.front();
  69.             current_len = strlen(current_password);
  70.            for (int ch = 0; ch < strlen(available_chars); ch++){
  71.                 new_password = new char[current_len + 2];
  72.                 memcpy(new_password, current_password, current_len);
  73.                 new_password[current_len] = char(available_chars[ch]);
  74.                 new_password[current_len+1] = '\0';
  75.                 pwlist.push_back(new_password);
  76.                 if (strlen(new_password) == MAX_LEN){
  77.                     correct_pwlist.push_back(new_password);
  78.                 }
  79.             }
  80.             pwlist.pop_front();
  81.             if(current_len == MAX_LEN - 1){
  82.                 break;
  83.             }
  84.         }
  85.         // now remove the front element as it didn't match the password
  86.         correct_pwlist.pop_front();
  87.     }
  88. }
  89.  
  90. int main()
  91. {
  92.     char* salt;
  93.     char* target;
  94.     char* password;
  95.    
  96.     //convert the salt from string to char*
  97.     salt = new char[SALT.length()+1];
  98.     copy(SALT.begin(), SALT.end(), salt);
  99.  
  100.     //convert the hash from string to char*
  101.     target = new char[ENCRYPTED_PASS.length()+1];
  102.     copy(ENCRYPTED_PASS.begin(), ENCRYPTED_PASS.end(), target);
  103.  
  104.     //start the search
  105.     password = exhaustive_search(salt, target);
  106.     if  (strlen(password)!= 0)
  107.         cout << "Password  successfuly  cracked: "  << password << "  \n";
  108.     else
  109.         cout << "Failure to find password \n";
  110. }
  111.  
RAW Paste Data