Jump to content


Photo

C generate all possible combination of strings - for brute force


7 replies to this topic

#1 CodeExplorer

CodeExplorer

    .NET/JAVA reverser

  • B@S Team
  • PipPipPipPipPip
  • 897 posts
  • Gender:Male
  • Location:Romania
  • Interests:girls, RE/coding
  • Team:BlackStorm

Posted 31 January 2019 - 04:42 PM

C generate all possible combination of strings - for brute force:

char* ValidChars = "0123456789ABCDEF";
int MinimLen = 1;
int MaximLen = 2;
char SpecialChars[255] = {0};
char GeneratedString[50] = {0};
int Valid_Chars_len = strlen(ValidChars);

SpecialChars[0] = ValidChars[0];  // the first char will be first allowed char

// SpecialChars[i] will point to next char like this:
// SpecialChars['a'] = 'b';
// SpecialChars['b'] = 'c';
// SpecialChars['c'] = 00;  // the end of a loop
for (int i=0;i<Valid_Chars_len-1;i++)
SpecialChars[ValidChars[i]] = ValidChars[i+1];

memset(GeneratedString, ValidChars[0], MinimLen);  // we start with 'aaa' string

char NextChar;
int Pos = 0;
while (1)
{
Pos = 0;
printf("gen = %s\r\n", GeneratedString);

LoopStart:
NextChar = SpecialChars[GeneratedString[Pos]];
if (NextChar!=0)
{
GeneratedString[Pos] = NextChar;
}
else
{

GeneratedString[Pos] = SpecialChars[0];  // we start again
Pos++;

if (Pos>=MaximLen)
break;

goto LoopStart;
}
		

}


The code works 100% ok but it is a bit ugly especially the "goto LoopStart;"
Any other optimizations I could make to the above code or other generation of all combinations possibility?
Obviously should be optimized to the maximum!

 


  • 0

#2 Kurapica

Kurapica

    Experience Member

  • B@S Team
  • PipPipPipPipPipPip
  • 2,599 posts
  • Gender:Male
  • Location:Archives
  • Team:Black Storm

Posted 31 January 2019 - 04:55 PM

Using goto is not that bad ! I know some people say don't use it but it shouldn't be a deal breaker

 

regarding the while(1)

 

you can use the condition "(Pos>=MaximLen)" to break it instead of "while(1)"

 

Just an other tip, always add Unicode support in your code if possible.


  • 0

#3 CodeExplorer

CodeExplorer

    .NET/JAVA reverser

  • B@S Team
  • PipPipPipPipPip
  • 897 posts
  • Gender:Male
  • Location:Romania
  • Interests:girls, RE/coding
  • Team:BlackStorm

Posted 31 January 2019 - 07:04 PM

Thanks for help.

 

char* ValidChars = "0123456789ABCDEF";
int MinimLen = 1;
int MaximLen = 3;

And I changed a bit the source for testing purposes:
int Count1 = 0;
int Count2 = 0;

while (1)
{
Count1++;
Pos = 0;
printf("gen = %s\r\n", GeneratedString);

...
else
{
Count2++;
GeneratedString[Pos] = SpecialChars[0];  // we start again
Pos++;

And I get:
Count1 = 4368
Count2 = 291

 

So checking lots of time (Count1) for break condition if (Pos>=MaximLen) should be much slower then checking only few times (Count2) for break condition. Maybe I am missing something (I may be wrong)!

Seems the only thing I could do seems to be implementing the program in MASM.
 


  • 0

#4 Kurapica

Kurapica

    Experience Member

  • B@S Team
  • PipPipPipPipPipPip
  • 2,599 posts
  • Gender:Male
  • Location:Archives
  • Team:Black Storm

Posted 31 January 2019 - 07:51 PM

Unless you are using a 386 CPU then don't bother over-optimizing it, or maybe you are doing this for an educational purpose ?

Compilers can do a great work optimizing your C code


  • 1

#5 CodeExplorer

CodeExplorer

    .NET/JAVA reverser

  • B@S Team
  • PipPipPipPipPip
  • 897 posts
  • Gender:Male
  • Location:Romania
  • Interests:girls, RE/coding
  • Team:BlackStorm

Posted 01 February 2019 - 10:05 AM

I was able to optimize it using pointers:
 

char* ValidChars = "0123456789ABCDEF";
int MinimLen = 8;
int MaximLen = 8;
char SpecialChars[255] = {0};
char GeneratedString[50] = {0};
int Valid_Chars_len = strlen(ValidChars);

SpecialChars[0] = ValidChars[0];  // the first char will be first allowed char

// SpecialChars[i] will point to next char like this:
// SpecialChars['a'] = 'b';
// SpecialChars['b'] = 'c';
// SpecialChars['c'] = 00;  // the end of a loop
for (int i=0;i<Valid_Chars_len-1;i++)
SpecialChars[ValidChars[i]] = ValidChars[i+1];

memset(GeneratedString, ValidChars[0], MinimLen);  // we start with 'aaa' string

char *Pointer = &GeneratedString[0];  // the gen string start
char *PointerEnd = &GeneratedString[0]+MaximLen;  // the gen string end
char NextChar = 0;
while (1)
{
Pointer = &GeneratedString[0];  // place in Pointer address of GeneratedString
printf("gen = %s\r\n", GeneratedString);

LoopStart:
NextChar = SpecialChars[*Pointer];
if (NextChar!=0)
{
*Pointer = NextChar;  // set generated with next char
}
else
{
*Pointer = SpecialChars[0];  // we start again
Pointer++;

if (Pointer>=PointerEnd)  // if we reached the end
break;

goto LoopStart;
}

}


  • 1

#6 DARKER

DARKER

    Member

  • Members
  • PipPip
  • 37 posts
  • Gender:Male
  • Team:SCF

Posted 25 February 2019 - 07:40 AM

You can inspire also with this:

https://github.com/h...t/maskprocessor

 

it's BF algo + Mask attack (used also in hashcat)


  • 1

#7 CodeExplorer

CodeExplorer

    .NET/JAVA reverser

  • B@S Team
  • PipPipPipPipPip
  • 897 posts
  • Gender:Male
  • Location:Romania
  • Interests:girls, RE/coding
  • Team:BlackStorm

Posted 25 February 2019 - 07:02 PM

https://github.com/h...t/maskprocessor
How to use maskprocessor:

https://forum.hashki...ew.aspx?t=19245

 

The fastest is PasswordsPro InsidePro:
which if free and without limitations:
http://www.insidepro...asswordspro.zip
I don't have any idea on how it is that fast: 5 billions password/second for MD5
I've tried to understand what it does for being that fast but I've failed!
A simple algorithm I try to brute force which has only 5 rounds (not 64 rounds as MD5)
takes me 16/18 seconds to complete.

 

 


  • 0

#8 DARKER

DARKER

    Member

  • Members
  • PipPip
  • 37 posts
  • Gender:Male
  • Team:SCF

Posted 26 February 2019 - 07:00 AM

As i remember some parts of InsidePro was written in ASM  for better speed.


  • 0



Reply to this topic



  


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users