Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /* 4brute -- brute-force the plaintext out of a list of collected
- * crypt'd tripcodes, as used by the futallaby-based image boards
- * (i.e: 4chan.org, wakachan.net)
- * --
- * Compile:
- * gcc -O3 -o 4brute 4brute.c -lssl # Most Linuxen
- * gcc -O3 -o 4brute 4brute.c -ldes # NetBSD
- * gcc -O3 -o 4brute 4brute.c ../mumble/libdes.a # Mine
- * gcc -O3 -fast -mcpu=7450 -o 4tripper 4tripper.c -lcrypto -lssl # OSX on a G4
- * --
- * Usage:
- * ./4brute tripcodelist |tee >cracked.
- * Where "channerlist" looks like:
- * Lain:dBqnRui06E
- * Thock:a5sXscBP32
- * WAHa:WAHa.06x36
- * [etc..]
- * --
- * Hints:
- * The default searchspace is rather large; however 95% of people will
- * be using a single lowercase word as a tripcode, or some other such
- * shortcut. Try these at first:
- * ./4brute -k 0123456789. -p 10000 <tripcode file>
- * ./4brute -k 0123456789abcdef -p 10000 <tripcode file> - the Lain special!
- * ./4brute -k -r abcdefghijklmnopqrstuvwxyz -p 10000 <tripcode file>
- * Of course, people will now look at the above and immediately try to use
- * letters that would maximise your search time, in which case, you can do
- * things like this:
- * ./4brute -r -k ABCDEFGHIJKLMNOPQRSTUVWXYZ <tripcode file>
- * ./4brute -r -k \?\>\<\/\.\,\"\:\'\;\}\{\]\[ ...etc... <tripcode file>
- * --
- * TODO:
- * Provide something for partitioning up the search across N machines.
- * --
- * COMING SOON (maybe): the quick dictionary cracker. It needs a rewrite
- * though..
- * --
- * Copyright 2004 Chris Baird,, <cjb@brushtail.apana.org.au>
- * Licenced as per the GNU Public Licence Version 2.
- * Released: 2004/12/22. Your CPU heatsink /is/ working, right?
- */
- #include <stdio.h>
- #include <stdlib.h>
- #include <string.h> /* strncpy(3) */
- #include <stdlib.h> /* srandom(3) */
- #include <time.h> /* time(3) */
- #include <signal.h> /* signal(3) */
- /* not quite the fastest DES library around, but still reasonable, and
- * most free Unixen should have it available. (Works for at least NetBSD
- * and Debian GNU/Linux (after "apt-get install libssl-dev")
- */
- #include <openssl/des.h>
- /* gotta ask for a robust way to tell the difference between the two..
- */
- #if !NEW_OPENSSL
- # define our_fcrypt des_fcrypt /* NetBSD, Linux... */
- #else
- # define our_fcrypt DES_fcrypt /* Gentoo, OSX... */
- #endif
- extern char *our_fcrypt(const char *buf,const char *salt, char *ret);
- /*
- * lol internet
- */
- void usage(void)
- {
- fprintf (stderr, "usage: 4brute [-s string] [-e string] [-t string] "
- "[-p num] [-r] tripcodefile\n"
- "\t-s string : initial key for search\n"
- "\t-e string : final key for search\n"
- "\t-k string : characters to use in the keys\n"
- "\t-p num : show progress every <num> keys checked\n"
- "\t-r : randomize the order of the keytable\n"
- " \"tripcodefile\" has the format \"username:tripcode\", "
- "one per line\n");
- exit (1);
- }
- void indexify (int *counts, char *word, char *table)
- {
- int i, j;
- for (i = 0; (word[i] != 0) && (i < 9); i++)
- {
- for (j = 0; table[j] != 0 && table[j] != word[i]; j++)
- ;
- counts[i] = j;
- }
- }
- void scramble (char *table)
- {
- int i, l, r;
- char t;
- srandom ((unsigned int)time(NULL));
- l = strlen (table);
- for (i = 0; table[i] != 0; i++)
- {
- r = random () % l;
- t = table[i];
- table[i] = table[r];
- table[r] = t;
- }
- }
- char wordchecked[9] = "4chan";
- void interrupted (int value)
- {
- printf ("\n\"%s\" \n", wordchecked);
- exit(-1);
- }
- int main(int argc, char *argv[])
- {
- FILE *fpass;
- char c, *p, salt0, salt1, salt[3], word[9], result[14], line[96];
- char users[4096][64], crypts[4096][16], salttable[256], table[256];
- int i, j, usercount=0, count=1, quit=0, counts[8], ending[8], counttick=0;
- int opt_e=0, opt_r=0, opt_k=0;
- extern char *optarg;
- extern int optind;
- /* setup */
- strcpy (table, "etaonrishdlfcmugpywbvkxjqz"
- "ETAONRISHDLFCMUGPYWBVKXJQZ0123456789"
- " .!:#/`()_$[]+*{}-");
- salt[2] = 0;
- for (i = 0; i < 8; i++)
- {
- counts[i] = -1;
- word[i] = 0;
- }
- for (i = 0; i <= 255; i++)
- salttable[i] = '.';
- for (i = '/'; i <= 'z'; i++)
- salttable[i] = i;
- for (i = ':'; i <= '@'; i++)
- salttable[i] = i + 7;
- for (i = '['; i <= '`'; i++)
- salttable[i] = i + 6;
- /* arg parsing */
- while ((c = getopt(argc, argv, "p:k:s:e:r")) != -1)
- switch (c)
- {
- case 'p':
- counttick = atoi (optarg);
- break;
- case 's':
- strncpy (word, optarg, 8);
- word[8] = 0;
- indexify (counts, word, table);
- printf ("Starting search from \"%s\"\n", word);
- break;
- case 'e':
- opt_e = 1;
- indexify (ending, optarg, table);
- printf ("Ending search at \"%s\"\n", optarg);
- break;
- case 'k':
- opt_k = 0;
- strncpy (table, optarg, 256);
- printf ("Searching through: %s\n", table);
- break;
- case 'r':
- opt_r = 1;
- break;
- default: usage();
- }
- argc -= optind;
- argv += optind;
- if (opt_r)
- {
- scramble (table);
- printf ("Searching through (randomised): %s\n", table);
- }
- counts[0] = 0;
- word[0] = table[0];
- /* tripcode file reading */
- if ((fpass = fopen (argv[0], "r")) == 0)
- usage();
- while (fgets (line, 96, fpass) != 0)
- {
- for (i = 0, p = line; *p != ':';)
- users[usercount][i++] = *p++;
- users[usercount][i] = 0;
- for (i = 0, p++; *p != '\n';)
- crypts[usercount][i++] = *p++;
- crypts[usercount][i] = 0;
- if (i != 10)
- {
- printf ("Bad input at line %d\n", usercount);
- exit(1);
- }
- usercount++;
- }
- fclose (fpass);
- printf ("Number of users scanned: %d\n\n", usercount); fflush(stdout);
- /* SIGINT catching */
- signal (SIGINT, interrupted);
- /* mainloop */
- while (!quit)
- {
- if (opt_e && (counts[0] == ending[0] && counts[1] == ending[1] &&
- counts[2] == ending[2] && counts[3] == ending[3] &&
- counts[4] == ending[4] && counts[5] == ending[5] &&
- counts[6] == ending[6] && counts[7] == ending[7]))
- quit = 1;
- /* find the right salt .. $salt=substr($cap."H.",1,2); */
- salt0 = word[1];
- salt1 = word[2];
- if (!salt0)
- {
- salt0 = 'H';
- salt1 = '.';
- }
- else if (!salt1)
- {
- salt1 = 'H';
- }
- salt[0] = salttable[salt0];
- salt[1] = salttable[salt1];
- /* blah */
- if (counttick && (count++ == counttick))
- {
- printf ("%s\r", word); fflush(stdout);
- count = 1;
- }
- /* crunch */
- our_fcrypt (word, salt, result);
- for (i = 0; i < usercount; i++)
- {
- if (result[3] != crypts[i][0]) continue;
- if (result[4] != crypts[i][1]) continue;
- if (result[5] != crypts[i][2]) continue;
- if (result[6] != crypts[i][3]) continue;
- if (result[7] != crypts[i][4]) continue;
- if (result[8] != crypts[i][5]) continue;
- if (result[9] != crypts[i][6]) continue;
- if (result[10] != crypts[i][7]) continue;
- if (result[11] != crypts[i][8]) continue;
- if (result[12] != crypts[i][9]) continue;
- printf ("Username \"%s\"\r\t\t\t\t\tCrypt \"%s\"\tTripcode \"%s\"\n",
- users[i], crypts[i], word);
- fflush(stdout);
- for (j = 0; j < 10; j++)
- crypts[i][j] = 0;
- }
- strcpy (wordchecked, word);
- /* bump */
- i = 0;
- check:
- counts[i]++;
- c = table[counts[i]];
- word[i] = c;
- if (c == 0)
- {
- counts[i] = 0;
- word[i] = table[0];
- i++;
- if (i < 8)
- goto check;
- quit = 1;
- }
- }
- return 0;
- }
Add Comment
Please, Sign In to add comment