|
Brute Force Cracking of Passwords
Brute force technique is very simple and efficient,
basically it try out all possible combination of password by
given character set. The developer of such program admitted
that the software includes artificial delays to make the
cracking appear to take longer than it really does. because
some commercial application have restricted by numbers of attempt
for password guising and automatically lock the system for
preventing hack.
Brute force cracking works by trying all possible values for
the key until the right one is found. Once it succeeds, the
attacker can read the message that was encrypted with that
key. along with other messages encrypted with that key. the
principle defense against brute force cracking is to produce
as long a list of legal keys as possible, As the list gets
longer, so does the amount of work it could take to guess the
right key.
How to make key combination for find right password?
If your password length very small say 3 and numbers of different
character used to make the password are very few say 4 and fortunately
you the characters then you may try the password for 24
times and definitely at one time you get the right password.
However real time scenario is very different normally we don't
know the password length and key combination, for better
performance always try with less character long passwords
like start with 1,2,3,4..10 and key combination like
start with digits, characters upper, characters lower, then
combination of upper, lower, combination of characters and
digits and lastly combination of digits, mixed case characters
and special characters.
I know now you want some practical things, so first thing
first now we first create key combination,
Following code create unique key combination of equal
length.
'>>>
create unique key with equal length combination
Dim
NoChar As Integer
NoChar = 26 '>>>No
of charcaters
Dim
KeyLen As Integer
KeyLen = 22 '>>>password
lengths
'>>>
store password characters
Dim
StrPChar() As String
ReDim
StrPChar(NoChar)
'>>>
store for orginal value
Dim
TempChar() As String
ReDim
TempChar(NoChar)
Dim
i, j, k, c, p As Integer
'>>>store
alaphabet A-Z
For
i = 65 To 91
StrPChar(i
- 65) = Chr(i)
Next
'>>>copy
original value to temp
Array.Copy(StrPChar,
TempChar, NoChar)
'>>>
store each uniqe password
Dim
StrPass As String
StrPass = ""
'>>>
store all passwords
Dim
TPass As String
TPass = ""
For
i = 0 To NoChar - 1
c
= 1
p
= 1
While
c < NoChar * 2 - 1
For k = 1 To
KeyLen - 1
StrPass = StrPass & StrPChar(k)
Next
StrPass
= StrPChar(0) & StrPass
'>>> add new
password to list box
TPass = TPass & StrPass & vbCrLf
StrPass = ""
'>>> increment
pointer
c = c + 1
p = p + 1
Dim t As
String
If p < NoChar Then
t = StrPChar(0)
Array.Clear(StrPChar, 0, NoChar)
Array.Copy(TempChar, StrPChar, NoChar)
'>>> change first
value
StrPChar(0) = t
StrPChar(1) = TempChar(p - 1)
StrPChar(p - 1) = TempChar(1)
Else
p = 2
t = StrPChar(0)
Array.Clear(StrPChar, 0, NoChar)
Array.Copy(TempChar, StrPChar, NoChar)
'>>> change first
value
StrPChar(0) = t
StrPChar(1) = TempChar(p - 1)
StrPChar(p - 1) = TempChar(1)
End If
End
While
'>>>
increase initial value
If
j < NoChar Then
j = j + 1
'>>> copy from
temp
Array.Clear(StrPChar, 0, NoChar)
Array.Copy(TempChar, StrPChar, NoChar)
'>>> change first
value
StrPChar(0) = TempChar(j)
StrPChar(j) = TempChar(0)
End
If
Next
It will create Password Combination of equal length with
unique character, you may create separate program to create reputing
character password and varying length password combination.
Output of above code something like.
| |
SUCDEFGHIJKLMNOPQRSTBV
SVCDEFGHIJKLMNOPQRSTUB
SWCDEFGHIJKLMNOPQRSTUV
TQCDEFGHIJKLMNOPBRSTUV
UECDBFGHIJKLMNOPQRSTUV
UFCDEBGHIJKLMNOPQRSTUV
AICDEFGHBJKLMNOPQRSTUV
AJCDEFGHIBKLMNOPQRSTUV
BJCDEFGHIBKLMNOPQRSTUV
BQCDEFGHIJKLMNOPBRSTUV |
Now you understand the first step of cracking password,
it may become complicated if you want to use multithreading
means to run password finder program in threading, you can
divide your password directory list in separate location and
point them while running your actual finding utility. by threading
you can dictate your compute do more thing in a single
time, you may run 10 loops in same time.
How to Try each password automatically?
You can use send keys to open non database or non ISM
type application, and for ISM type document it is very much
easy to create a connection string and passing the password
with parameter and check the connection state if state is
open then you got password. otherwise you loop for each and
every possible password.
For finding password of Access or Excel you need to know the
connection string with password, I give you sample coding
for finding password of access database,
'>>>
store access filename to crack
Dim
FileName As String
FileName = "C:\db1.mdb"
Dim
TPass As String
Dim
i As Integer
'>>>
password combination
'>>>
here we are create 3 character password
'>>>
with "A","B" and "C"
Dim
NoPass As Integer
NoPass = 30
'>>>
store password in array
'>>>
you can use already created password combination
'>>>
or you can create it in runtime
'>>>
it is better you create password key combination
'>>>
sepeartly and use it when needed
Dim
A() As String
ReDim
A(NoPass)
A(0) = "A"
A(1) = "B"
A(2) = "C"
A(3) = "AA"
A(4) = "AB"
A(5) = "AC"
A(6) = "BB"
A(7) = "BA"
A(8) = "BC"
A(9) = "CC"
A(10) = "CA"
A(11) = "CB"
A(12) = "AAB"
A(13) = "AAC"
A(14) = "BAA"
A(15) = "CAA"
A(16) = "BBA"
A(17) = "BBC"
A(18) = "ABB"
A(19) = "ACC"
A(20) = "CCA"
A(21) = "CCB"
A(22) = "ACC"
A(23) = "BCC"
A(24) = "ABC"
A(25) = "CBA"
A(26) = "BAC"
A(27) = "BCA"
A(28) = "ACB"
A(29) = "CAB"
'>>>
it is not complete listed you may find
'>>>
many more passwords by using 3 characters
'>>>
intialiaze array pointer
i = 0
'>>>
we will try if any error occures
'>>>
here error will come when we supply wrong password
On
Error Resume
Next
For
i = 0 To NoPass - 1
'>>>
password
TPass
= A(i)
Dim
Db As Database
'>>>
build connection string
Db
= OpenDatabase(FileName, False,
False, "MS
Access;PWD=" &
TPass)
Dim
c As Integer
c
= 0
c
= Db.TableDefs.Count
'>>>
if password is coorect
'>>>
you get the table counts
If
c > 0 Then
'>>> congrats!!!!
you find the password
MsgBox("Password
Found, Password is without braces [" & TPass
& "]",
vbInformation)
Exit For
End
If
Next
This is not very robust code for finding password ,
it finds password depends on key combination you supply, you
may create random pause mechanism after a random numbers of
time. Otherwise it may corrupt the file, always take a
backup copy of original file before try. it may locked or
corrupt. Above password finder program very much efficient
to find a 10 bytes password with single case character
password within 5 minutes. If everything goes right you will
find the password.
You can download this sample source code and Visual Basic 6
(VB6) and Visual Basic .NET (VB.Net) project, source code
contains key combination program and password find program
for access file.
Click here for DOWNLOAD Password
Recovery Project source files.
So now you know how to create password key combination and
how to try each password to crack the file, but for very
large password length say more than 10 and different character
combinations (characters with case, digits, special characters)
it requires a huge amount of time for processor to crack. In
brute force cracking we don't have any other option other
than try each possible key combination.
Brute force analysis on shorter key
|
Type of
Key |
Bits |
Nos of
Keys |
Test
Time/Key |
No of
Threading |
Avg
Search Time |
|
3 digit language key |
10 |
1,000 |
2 sec |
1 |
17 min |
|
4 digit cash card pin |
14 |
10,000 |
60 sec |
1 |
3.5 days |
|
Short text password |
28 |
81,450,625 |
50 micro sec |
1 |
34 min |
|
Long text password |
40 |
1,099,511,627,776 |
50 micro sec |
50 |
6 days |
|
DES Key |
56 |
72,057,594,037,927,900 |
50 micro sec |
1 |
5,274 yrs |
There is another way to find password
it is tough but very much accurate and less time consuming
for non ISM type of documents, If you know the byte location
of the stored encrypted password, then you just decrypt the
encrypted password to get the secret keys. However it
requires very good knowledge of byte manipulation. Any way i
am not a hacker or cracker, i just want to give you a
knowledge of how it works and make your application very
much robust and secured.
Tips to Follow make Secret Key and Secured Application
-
Always use
alphanumeric password.
-
Use different
case mixed with upper and lower case combination
-
Use Special
Characters
-
Lock the
application if more than 3 times guess for secret key.
Next
Password
Recovery Source Code
|
