Thread: written command line password generator

  1. #1
    noob lepricaun's Avatar
    Join Date
    Jul 2004
    Posts
    26

    written command line password generator

    hi guys, i've written a command line password generator ideal for scripting (works both on linux and windows).

    everything works great, it has the GPL license, and i'm satisfied with it

    BUT, i still would like to know what you guys think of the code, could it have been more efficient?

    here's the source:

    pwgenCL_2

    Code:
    /*
    pwgenCL version 2 (pwgenCL_2)Copyright (C) 2004 Scorpius, password generator, 
    written as a command line scripting utility.
    this program is freesource, which means you may use and/or modify it under the GPL license.
    if you'd like to contact me with comments/bugs/suggestions or just to say hello,
    my email address is: [email protected].
      
    i hope you enjoy using my program and that you find it usefull :)         
      
    to compile it under windows, get a copy of Dev-C++ (it's free), or another C/C++ compiler.
    to compile it under linux, just type "gcc -o pwgenCL_2 pwgenCL_2.c" (without the " quotes)
    */
    
    #include <stdio.h>
    #include <stdlib.h>
    #include <time.h>
    #include <strings.h>
    
    char *generated_password(char*, int,int);
    
    int main(int argc, char** argv)
    {   /*the character sets*/
        char *very_easy_set = "abcdefghijklmnopqrstuvwxyz";
        char *very_easy2_set = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
        char *easy_set = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
        char *medium_set = "abcdefghijklmnopqrstuvwxyz0123456789";
        char *hard_set = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
        char *hard2_set = "\\][^_abcdefghijklmnopqrstuvwxyz0123456789";
        char *very_hard_set = "!\"#$%'(*)+,-./abcdefghijklmnopqrstuvwxyz0123456789";
        char *extreme_set = "!\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~";
        
        int characterset=0;
        int password_length=0;
        int user_supplied=0;
        if(argc!=4)
        {
    	    printf("\npwgenCL_2,commandline password generator, Copyright (C) 2004 Scorpius");
        	printf("\n\npwgenCL_2 is free software; you can redistribute it and/or modify");
        	printf("\nit under the terms of the GNU General Public License as published by");
        	printf("\nthe Free Software Foundation; either version 2 of the License.");
        	printf("\n\npwgenCL_2 is distributed in the hope that it will be useful,");
        	printf("\nbut WITHOUT ANY WARRANTY; without even the implied warranty of");
        	printf("\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the");
        	printf("\nGNU General Public License for more details.");
        	printf("\n\nYou should have received a copy of the GNU General Public License");
        	printf("\nalong with this program; if not, write to the Free Software");
        	printf("\nFoundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA\n");
        	printf("\n\t   ***Contact Scorpius: [email protected]***");
        	printf("\n\nCharacter sets:");
        	printf("\n1: (a-z)\t\t\t\t\tvery easy password");
            printf("\n2: (A-Z)\t\t\t\t\tvery easy password");
            printf("\n3: (a-z,A-Z)\t\t\t\t\teasy password");
            printf("\n4: (a-z,0-9)\t\t\t\t\tmedium password");
            printf("\n5: (A-Z,a-z,0-9)\t\t\t\thard password");
            printf("\n6: (a-z,0-9, \\ ] [ ^ _ )\t\t\thard password");
            printf("\n7: ( ! \" # $ % ' ( * ) + , - . /  ,a-z,0-9)\tvery hard password");
            printf("\n8: full keyboard characters (except space), almost impossible to crack\n\n");
            printf("The maximum password length is 256 characters\n");
            printf("Usage: %s <characterset> <password length> <user supplied number>\n",argv[0]);
            printf("\n*The <user supplied number> is inserted to create extra randomness*\n");
            printf("\nExample: %s 8 15 5454303\n",argv[0]);
            return 0;
        }
        if(argc==4)/*if all parameters, (characterset,passwordlength,randomization number) run the program*/
        {
        	characterset=atoi(argv[1]);/*create integer from the argument*/
        	password_length=atoi(argv[2]);/*create integer from the argument*/
        	user_supplied=atoi(argv[3]);/*create integer from the argument*/
        	if (password_length<1)
            {
    		printf("Password length: %d is too small.\n",password_length);
    		return -1;
    		}
    		if (password_length>256)
    		{
    		printf("Password length: %d is too large.\n",password_length);
    		return -1;
    		}
        	switch(characterset)
        	{
                    case 1:
                            generated_password(very_easy_set,password_length,user_supplied);
                            break;
                    case 2:
                            generated_password(very_easy2_set,password_length,user_supplied);
                            break;
                    case 3:
                            generated_password(easy_set,password_length,user_supplied);
                            break;
                    case 4:
                            generated_password(medium_set,password_length,user_supplied);
                            break;
                    case 5: 
                            generated_password(hard_set,password_length,user_supplied);
                            break;
                    case 6:
                            generated_password(hard2_set,password_length,user_supplied);
                            break;
                    case 7:
                            generated_password(very_hard_set,password_length,user_supplied);
                            break;
                    case 8:
                            generated_password(extreme_set,password_length,user_supplied);
                            break;
                   default:
                            printf("Invalid character set\n");
    			            return -1;
                            break;
        	}
    	    return 0;
        }   
        else return -1;  
    }
    
    /*the password generator function*/
    
    char *generated_password(char* char_set, int length,int user_number)
    {
            
            srand(user_number*time(NULL));
            int loop;
            int set_length=strlen(char_set);
        
            for(loop=0;loop<length;loop++)
            {
                 putchar(char_set[rand()%set_length]);
            }
            printf("\n");
    }
    (b.t.w., it is opensource, feel free to use the program/alter the code under the GPL license)


    grtz

    Scorpius
    The path of access leads to the tower of wisdom...
    __________________________________________________ ___________________

    Code:
    
    #include <stdio.h>
    
    int main(void)
    {
            const char buf[17]="Hello everybody!";
    	printf("%s\n",buf);
            return 0;
    }
    

  2. #2
    Gawking at stupidity
    Join Date
    Jul 2004
    Location
    Oregon, USA
    Posts
    3,218
    Special thanks to itsme86 from linuxquestions.org for helping me make password generation faster and more modular.
    If you understand what you're doing, you're not learning anything.

  3. #3
    Registered User hk_mp5kpdw's Avatar
    Join Date
    Jan 2002
    Location
    Northern Virginia/Washington DC Metropolitan Area
    Posts
    3,817
    You make no checks that the arguments provided on the command line are integers. You simply call atoi on arguments that could potentially be non-numeric text data.
    "Owners of dogs will have noticed that, if you provide them with food and water and shelter and affection, they will think you are god. Whereas owners of cats are compelled to realize that, if you provide them with food and water and shelter and affection, they draw the conclusion that they are gods."
    -Christopher Hitchens

  4. #4
    End Of Line Hammer's Avatar
    Join Date
    Apr 2002
    Posts
    6,231
    The code doesn't compile for me.

    Error here (variables declared after the code has started):
    Code:
     		srand(user_number*time(NULL));
     		int loop;
     		int set_length=strlen(char_set);
    Function generated_password() should return a value, but doesn't.
    When all else fails, read the instructions.
    If you're posting code, use code tags: [code] /* insert code here */ [/code]

  5. #5
    and the hat of int overfl Salem's Avatar
    Join Date
    Aug 2001
    Location
    The edge of the known universe
    Posts
    39,656
    > else return -1;
    1. returning negative values from main is highly implementation specific. I don't know of anything which will return that successfully.
    2. It never happens, since you have if(argc!=4) and if(argc==4) covering all the bases.

    Use an array of strings, and eliminate the switch/case
    Code:
        char *sets[] = {
            "abcdefghijklmnopqrstuvwxyz",
            "ABCDEFGHIJKLMNOPQRSTUVWXYZ",
        };
    
        // now do it
        generated_password( sets[characterset-1], password_length, user_supplied );
    3. Your help blurb should be in a separate function.
    It just makes main() a lot neater, and allows you to really see what the major tasks of the program are.
    If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
    If at first you don't succeed, try writing your phone number on the exam paper.

  6. #6
    noob lepricaun's Avatar
    Join Date
    Jul 2004
    Posts
    26
    Special thanks to itsme86 from linuxquestions.org for helping me make password generation faster and more modular
    well, actually someone else (can't remember his nick at the moment, also helped advised me to do the same(www.security-forums.com)) but special thanks to everyone that helped me, from the first problem i encountered, to the final adjustments.

    i think you can see why i didn't mention you, the list would be too long, where would i stop? i could thank the authors of the books i've read, the authors of the tutorials, and everyone else that made a suggestion to improve it.

    no offense, but it would take a long text summing all those people. i think you should be proud for yourself that you could have helped me, do you really need credit for it? then thanks ITSME86!

    You make no checks that the arguments provided on the command line are integers. You simply call atoi on arguments that could potentially be non-numeric text data.
    i've tested this, and it would return the message "password is too small" or ilegal characterset" i think this covers it, correct me if i'm wrong.

    The code doesn't compile for me.

    Error here (variables declared after the code has started):
    Code:

    srand(user_number*time(NULL));
    int loop;
    int set_length=strlen(char_set);


    Function generated_password() should return a value, but doesn't.
    strange, it works for me, i just compiled it again on slackware 10, with gcc -o pwgenCL_2 pwgenCL_2.c
    no problems..

    and i've tried making the function of type void, but it would not compile at all

    i'll have to look into this....

    > else return -1;
    1. returning negative values from main is highly implementation specific. I don't know of anything which will return that successfully.
    2. It never happens, since you have if(argc!=4) and if(argc==4) covering all the bases.
    point 1> what do you think i should have done then?
    point 2> yes i know, but at www.programmingforums.org (another forum ) they've made it clear, with another program, that main should always return a value at the end of the code, even when it's sure the code would never get there ( or was it at this site?), never mind, but that's the reason i did this...

    as for the the switch statement, i liked the code more like this, but i think that's just my opinion, but the program works, and i'm glad with that...

    i could also rewrite the if statements to (a>b)?do this: do that;
    it is just a choice i made, but i did thought about it...

    as for the help function, yes i agree, it would been more nicer if i have done this... i will keep this in mind for future reference..


    thanks for the replies
    The path of access leads to the tower of wisdom...
    __________________________________________________ ___________________

    Code:
    
    #include <stdio.h>
    
    int main(void)
    {
            const char buf[17]="Hello everybody!";
    	printf("%s\n",buf);
            return 0;
    }
    

  7. #7
    Registered User
    Join Date
    Aug 2004
    Posts
    34
    point 1> what do you think i should have done then?
    exit(EXIT_FAILURE);

    it's more portable anyway.

  8. #8
    noob lepricaun's Avatar
    Join Date
    Jul 2004
    Posts
    26
    do i need a special library for it? how about exit 1?
    The path of access leads to the tower of wisdom...
    __________________________________________________ ___________________

    Code:
    
    #include <stdio.h>
    
    int main(void)
    {
            const char buf[17]="Hello everybody!";
    	printf("%s\n",buf);
            return 0;
    }
    

  9. #9
    Registered User
    Join Date
    Aug 2004
    Posts
    34
    do i need a special library for it? how about exit 1?
    #include <stdlib.h>

    exit(1); works too but I'm not sure if thats as portable as exit(EXIT_FAILURE);

    also some people might use exit(1) for the first failure, exit(2) for the next, ect.

  10. #10
    Registered User Draco's Avatar
    Join Date
    Apr 2002
    Posts
    463
    I've never see exit before, what's the difference between it and return?

  11. #11
    Quote Originally Posted by Draco
    I've never see exit before, what's the difference between it and return?
    exit() ends the execution anywhere. It acts like return from main().

    Actually, on most implementation, the init code calls main() like this:
    Code:
       exit (main(argc, argv));
    This is how the function registred by atexit() (if any) is called in both cases.
    Emmanuel Delahaye

    "C is a sharp tool"

  12. #12
    Registered User linuxdude's Avatar
    Join Date
    Mar 2003
    Location
    Louisiana
    Posts
    926
    I don't usually like to use atexit(), but I do see a need for it. SDL will want you to use it. It just looks clumsy, I don't know why.

  13. #13
    noob lepricaun's Avatar
    Join Date
    Jul 2004
    Posts
    26
    that clears things up! i'll keep it in mind for future reference

    thanks for the reply :P
    The path of access leads to the tower of wisdom...
    __________________________________________________ ___________________

    Code:
    
    #include <stdio.h>
    
    int main(void)
    {
            const char buf[17]="Hello everybody!";
    	printf("%s\n",buf);
            return 0;
    }
    

  14. #14
    Registered User
    Join Date
    Aug 2004
    Posts
    1
    lots of good replies and tips, but you're not always going write a perfect program first shot... there's a lot to remember if you follow eve4rything everyone said.. so just get the major parts worked out... like the compiling error, and the input checks and you should be good to go

  15. #15
    Registered User
    Join Date
    Sep 2001
    Posts
    4,912
    atexit is like a destructor for your whole program. It just adds a certain function to a list of functions that need to be executed at shut down. EXIT_FAILURE I believe is just the same as 1. It appears to be nothing more than a #define'd MACRO.

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. help with password list generator
    By casper29 in forum C Programming
    Replies: 4
    Last Post: 02-12-2009, 02:23 AM
  2. [Q]Hide Password
    By Yuri in forum C++ Programming
    Replies: 14
    Last Post: 03-02-2006, 03:42 AM
  3. NAQ: Everything you never wanted to know about CPP
    By evildave in forum C Programming
    Replies: 21
    Last Post: 12-12-2005, 10:56 AM
  4. Random Password Generator v1.0 - download it
    By GaPe in forum A Brief History of Cprogramming.com
    Replies: 3
    Last Post: 08-18-2002, 01:27 AM
  5. Password generator
    By MrJake in forum C++ Programming
    Replies: 9
    Last Post: 02-24-2002, 11:44 PM