Thread: Why my program isn't working: Crack password using crypt function DES based.

  1. 07-13-2017 #1
    roy_000
    roy_000 is offline
    Registered User
    Join Date
    Jul 2017
    Posts
    5

    Why my program isn't working: Crack password using crypt function DES based.

    Code:
    /* DES Based crypt. Assuming the password is upto 4 letters, alphabets both upper and lower case. I'm new to coding, please help.
example: Hash : 50fkUxYHbnXGw has a key: "rofl" ... where salt: 50*/

#define _XOPEN_SOURCE
#include <unistd.h>
#include <stdio.h>
#include <cs50.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>


int main(int argc, string argv[])
{
    
    
    char salt[2];
    
    string k = argv[1];
    
    if( argc != 2 )
    {
        printf("Hash cannot be determined. Terminate Program. \n");
        return 1;
    }
    
    if(strlen(k) != 13)
        {
           printf("Invalid Hash Length. Terminate Program. \n");
           return 1; 
        }    
    
    
    salt[0] = k[0];
    salt[1] = k[1];
    
    
    int m, i, j, h, g;
    // for 1 space
    char c[5]; c[1] = '\0';
    
    for (i=65; i<=90; i++)
    {
           c[0] = i;
         
           if(strcmp(crypt(c,salt),k) == 0)
           {
               printf("Password: %s\n", c);
               return 0;
           }
           
           c[0] = tolower(c[0]);
         
           if(strcmp(crypt(c,salt),k) == 0)
           {
               
               printf("Password: %s\n", c);
               return 0;
           }
           
    }
       
    // for 2 spaces
    c[0] = '\0'; c[2] = '\0';
    
    m=0;
        for(i=65; i<=90; i++)
        {
            
        
            c[m] = i;
            for (j=65; j<=90; j++)
            {
                c[m+1] = j;
             
                if(strcmp(crypt(c,salt),k) == 0)
                {
                    printf("Password: %s\n", c);
                    return 0;
                }
           
                c[m] = tolower(c[m]);
                
                if(strcmp(crypt(c,salt),k) == 0)
                {
               
                    printf("Password: %s\n", c);
                    return 0;
                }
           
                c[m+1] = tolower(c[m+1]);
                if(strcmp(crypt(c,salt),k) == 0)
                {
               
                    printf("Password: %s\n", c);
                    return 0;
                }
           
                c[m] = toupper(c[m]);
                if(strcmp(crypt(c,salt),k) == 0)
                {
               
                    printf("Password: %s\n", c);
                    return 0;
                }
           
           
            }
        
        }
        
    
    
    // for 3 spaces
    
    c[0] = '\0'; c[3] = '\0';
    
    m=0;
        for(i=65; i<=90; i++)
        {
            c[m] = i;
            for(h = 65; h<=90; h++)
            {
                c[m+1] = h;
                for (j=65; j<=90; j++)
                {
                    c[m+2] = j;
                    if(strcmp(crypt(c,salt),k) == 0)
                    {
                        printf("Password: %s\n", c);
                        return 0;
                    }
           
                    c[m+2] = tolower(c[m]);
                    if(strcmp(crypt(c,salt),k) == 0)
                    {
               
                        printf("Password: %s\n", c);
                        return 0;
                    }
           
                    c[m+1] = tolower(c[m+1]);
                    c[m+2] = toupper(c[m+2]);
                    if(strcmp(crypt(c,salt),k) == 0)
                    {
               
                        printf("Password: %s\n", c);
                        return 0;
                    }
           
                    c[m+2] = tolower(c[m+2]);
                    if(strcmp(crypt(c,salt),k) == 0)
                    {
               
                        printf("Password: %s\n", c);
                        return 0;
                    }
                    
                    c[m] = tolower(c[m]);
                    c[m+1] = toupper(c[m+1]);
                    c[m+2] = toupper(c[m+2]);
                    if(strcmp(crypt(c,salt),k) == 0)
                    {
               
                        printf("Password: %s\n", c);
                        return 0;
                    }
           
                    c[m+1] = toupper(c[m+1]);
                    c[m+2] = tolower(c[m+2]);
                    if(strcmp(crypt(c,salt),k) == 0)
                    {
               
                        printf("Password: %s\n", c);
                        return 0;
                    }
                    
                    c[m+1] = tolower(c[m+1]);
                    c[m+2] = toupper(c[m+2]);
                    if(strcmp(crypt(c,salt),k) == 0)
                    {
               
                        printf("Password: %s\n", c);
                        return 0;
                    }
                    
                    c[m+1] = tolower(c[m+1]);
                    c[m+2] = tolower(c[m+2]);
                    if(strcmp(crypt(c,salt),k) == 0)
                    {
               
                        printf("Password: %s\n", c);
                        return 0;
                    }
           
           
                }
            }
        
        }
        
    // for 4 spaces
    c[0] = '\0'; c[4] = '\0';
    m=0;
    
        for(i=65; i<=90; i++)
        {
            c[m] = i;
            for(h = 65; h<=90; h++)
            {
                c[m+1] = h;
                for (j=65; j<=90; j++)
                {
                    c[m+2] = j;
                    
                    for(g=65; g<=90; g++)
                    {
                        
                        c[m+3] = g;
                        if(strcmp(crypt(c,salt),k) == 0)
                        {
                            printf("Password: %s\n", c);
                            return 0;
                        }
           
                        c[m+3] = tolower(c[m]);
                        if(strcmp(crypt(c,salt),k) == 0)
                        {
               
                            printf("Password: %s\n", c);
                            return 0;
                        }
           
                        c[m+2] = tolower(c[m+2]);
                        c[m+3] = toupper(c[m+3]);
                        if(strcmp(crypt(c,salt),k) == 0)
                        {
               
                            printf("Password: %s\n", c);
                            return 0;
                        }
           
                        c[m+3] = tolower(c[m+3]);
                        if(strcmp(crypt(c,salt),k) == 0)
                        {
               
                            printf("Password: %s\n", c);
                            return 0;
                        }
                    
                        c[m+1] = tolower(c[m+1]);
                        c[m+2] = toupper(c[m+2]);
                        c[m+3] = toupper(c[m+3]);
                        if(strcmp(crypt(c,salt),k) == 0)
                        {
               
                            printf("Password: %s\n", c);
                            return 0;
                        }
           
                        c[m+2] = toupper(c[m+2]);
                        c[m+3] = tolower(c[m+3]);
                        if(strcmp(crypt(c,salt),k) == 0)
                        {
               
                            printf("Password: %s\n", c);
                            return 0;
                        }
                    
                        c[m+2] = tolower(c[m+2]);
                        c[m+3] = toupper(c[m+3]);
                        if(strcmp(crypt(c,salt),k) == 0)
                        {
               
                            printf("Password: %s\n", c);
                            return 0;
                        }
                    
                        c[m+2] = tolower(c[m+2]);
                        if(strcmp(crypt(c,salt),k) == 0)
                        {
               
                            printf("Password: %s\n", c);
                            return 0;
                        }
                        
                        c[m] = tolower(c[m]);  
                        c[m+1] = toupper(c[m+1]);
                        c[m+2] = toupper(c[m+2]);
                        c[m+3] = toupper(c[m+3]);
                        if(strcmp(crypt(c,salt),k) == 0)
                        {
               
                            printf("Password: %s\n", c);
                            return 0;
                        }
           
                        c[m] = tolower(c[m]);  
                        c[m+1] = toupper(c[m+1]);
                        c[m+2] = toupper(c[m+2]);
                        c[m+3] = tolower(c[m+3]);
                        if(strcmp(crypt(c,salt),k) == 0)
                        {
               
                            printf("Password: %s\n", c);
                            return 0;
                        }
                    
                        c[m] = tolower(c[m]);  
                        c[m+1] = toupper(c[m+1]);
                        c[m+2] = tolower(c[m+2]);
                        c[m+3] = toupper(c[m+3]);
                        if(strcmp(crypt(c,salt),k) == 0)
                        {
               
                            printf("Password: %s\n", c);
                            return 0;
                        }
                    
                        c[m] = tolower(c[m]);  
                        c[m+1] = toupper(c[m+1]);
                        c[m+2] = tolower(c[m+2]);
                        c[m+3] = tolower(c[m+3]);
                        if(strcmp(crypt(c,salt),k) == 0)
                        {
               
                            printf("Password: %s\n", c);
                            return 0;
                        }
                        
                        c[m] = tolower(c[m]);  
                        c[m+1] = tolower(c[m+1]);
                        c[m+2] = toupper(c[m+2]);
                        c[m+3] = toupper(c[m+3]);
                        if(strcmp(crypt(c,salt),k) == 0)
                        {
               
                            printf("Password: %s\n", c);
                            return 0;
                        }
                        
                        c[m] = tolower(c[m]);  
                        c[m+1] = tolower(c[m+1]);
                        c[m+2] = toupper(c[m+2]);
                        c[m+3] = tolower(c[m+3]);
                        if(strcmp(crypt(c,salt),k) == 0)
                        {
               
                            printf("Password: %s\n", c);
                            return 0;
                        }
                        
                        c[m] = tolower(c[m]);  
                        c[m+1] = tolower(c[m+1]);
                        c[m+2] = tolower(c[m+2]);
                        c[m+3] = toupper(c[m+3]);
                        if(strcmp(crypt(c,salt),k) == 0)
                        {
               
                            printf("Password: %s\n", c);
                            return 0;
                        }
                        
                        c[m] = tolower(c[m]);  
                        c[m+1] = tolower(c[m+1]);
                        c[m+2] = tolower(c[m+2]);
                        c[m+3] = tolower(c[m+3]);
                        
                        
                        if(strcmp(crypt(c,salt),k) == 0)
                        {
               
                            printf("Password: %s\n", c);
                            return 0;
                        }
                        
                        
                        
                    }
           
           
                }
            }
        
        }
        
    
    
    
}
    Last edited by roy_000; 07-13-2017 at 10:42 AM.
  2. 07-13-2017 #2
    Salem
    Salem is offline
    and the hat of int overfl Salem's Avatar
    Join Date
    Aug 2001
    Location
    The edge of the known universe
    Posts
    39,666
    Well this seems odd - it isn't what you posted (missing last w)
    Code:
      char *p = crypt("rofl","50");
  printf("Hash=%s\n",p);

...
$ gcc -g foo.c -lcrypt
$ ./a.out 
Hash=50fkUxYHbnXGw
    Another more basic problem is so much copy/paste code which is going to be error prone (and simply not extendible to more characters).
    If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
    If at first you don't succeed, try writing your phone number on the exam paper.
  3. 07-13-2017 #3
    Salem
    Salem is offline
    and the hat of int overfl Salem's Avatar
    Join Date
    Aug 2001
    Location
    The edge of the known universe
    Posts
    39,666
    Following on from that, error prone.

    Use this to debug your key generation code to make sure it's working.
    Code:
    char *crypt ( char *c, char *salt ) {
  printf("%s\n",c);
  return ">";
}
    It isn't by the way,
    Code:
    $ ./a.out | grep -i rofl
rofL
    If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
    If at first you don't succeed, try writing your phone number on the exam paper.
  4. 07-13-2017 #4
    roy_000
    roy_000 is offline
    Registered User
    Join Date
    Jul 2017
    Posts
    5
    Thank you for your reply. I tried checking the function and the logic of my posted program by running the code stated below. I'm sorry maybe I am too much of a beginner but it would be great if you could help me.
    Code:
    #define _XOPEN_SOURCE
#include <unistd.h>
#include <cs50.h>
#include <stdio.h>
#include <string.h>
#include <ctype.h>  


int main (void)
{ 
  printf("Hash: \n");
  string hash = get_string();
  char salt[2];
  salt[0] = hash[0];
  salt[1] = hash[1];
  
  string key = "rofl" ;
  
  
  if(strcmp(crypt(key,salt),hash) == 0)
 
     printf("Working\n");
     
  else
  
     printf("NO\n");
  
}
  5. 07-13-2017 #5
    Salem
    Salem is offline
    and the hat of int overfl Salem's Avatar
    Join Date
    Aug 2001
    Location
    The edge of the known universe
    Posts
    39,666
    Works for me.
    Code:
    #define _XOPEN_SOURCE
#include <unistd.h>
#include <stdio.h>
#include <string.h>
#include <ctype.h>


int main (void)
{
  printf("Hash: \n");
  char *hash = "50fkUxYHbnXGw";
  char salt[2];
  salt[0] = hash[0];
  salt[1] = hash[1];

  char * key = "rofl" ;


  if(strcmp(crypt(key,salt),hash) == 0)

     printf("Working\n");

  else

     printf("NO\n");

}

$ ./a.out 
Hash: 
Working

    I don't have cs50.h, and don't know what get_string() does either.
    Maybe it's got a \n on the end.
    If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
    If at first you don't succeed, try writing your phone number on the exam paper.
  6. 07-13-2017 #6
    roy_000
    roy_000 is offline
    Registered User
    Join Date
    Jul 2017
    Posts
    5
    Thank you again!

    Yah get_string() function is in the cs50.h library that I'm using, It just accepts an input from the user.

    That is the problem. the logic is correct, the code ( i've checked soo many times) is correct and is running. Only not showing any output, also I've checked the program is running smooth till the end, except the key(password) isn't being printed.
  7. 07-13-2017 #7
    Salem
    Salem is offline
    and the hat of int overfl Salem's Avatar
    Join Date
    Aug 2001
    Location
    The edge of the known universe
    Posts
    39,666
    But I showed you in post #3 that your massive code only produces "rofL" and not "rofl" as a possible key.

    You never test the real key with your brute-force loops.
    If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
    If at first you don't succeed, try writing your phone number on the exam paper.
  8. 07-13-2017 #8
    roy_000
    roy_000 is offline
    Registered User
    Join Date
    Jul 2017
    Posts
    5
    Oh Okay.
    Thank you so much!
  9. 07-13-2017 #9
    rstanley
    rstanley is offline
    Registered User rstanley's Avatar
    Join Date
    Jun 2014
    Location
    New York, NY
    Posts
    1,127
    Quote Originally Posted by Salem View Post
    I don't have cs50.h, and don't know what get_string() does either.
    Maybe it's got a \n on the end.
    I located the library here. It does appear NOT to input a newline into the string.
  10. 07-13-2017 #10
    algorism
    algorism is offline
    Registered User
    Join Date
    Jun 2015
    Posts
    1,640
    When you find yourself repeating code like that, look for pattern and exploit it with a loop and/or function.

    It's also important to note that even using only upper- and lower-case letters, the number of combinations grows like crazy:
    Code:
    up to
n chars    # of combos
1                   52
2                2,756
3              143,364
4            7,454,980
5          387,659,012
6       20,158,268,676
7    1,048,229,971,204
8   54,507,958,502,660
    Code:
    #include <stdio.h>

// Using only upper- and lower-case letters
int next(char *s, int size) {
    for (int i = 0; i < size; i++) {
        if (s[i] == '\0') {
            s[i] = 'A';
            break;
        }
        if (s[i] == 'Z') {
            s[i] = 'a';
            break;
        }
        if (s[i] == 'z') {
            if (i == size - 1)
                return 0;
            s[i] = 'A';
        }
        else {
            s[i]++;
            break;
        }
    }
    return 1;
}

int main() {
    char s[5] = {0};

    while (next(s, 2))
        printf("%s ", s);

    putchar('\n');
    return 0;
}
  11. 07-13-2017 #11
    roy_000
    roy_000 is offline
    Registered User
    Join Date
    Jul 2017
    Posts
    5
    Thank you so much everyone!
« Previous Thread | Next Thread »
Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Integrity Checking for Password-based Archive Encryption
    By Abyssion in forum Tech Board
    Replies: 8
    Last Post: 03-14-2016, 05:39 PM
  2. c program to crack windows password..
    By Arjun Malhotra in forum Windows Programming
    Replies: 2
    Last Post: 07-08-2014, 07:51 AM
  3. c rpogram to crack windows password
    By Arjun Malhotra in forum C++ Programming
    Replies: 1
    Last Post: 07-08-2014, 03:51 AM
  4. The crypt function in crypt.h
    By guraknugen in forum C Programming
    Replies: 11
    Last Post: 07-15-2013, 02:24 PM

Tags for this Thread