diff --git a/Makefile b/Makefile
index 713a2c44f0908058a8721c0511f6d4f21aa4299a..18797b98768e704ec745e06d692e1b43c6de8ffe 100644
--- a/Makefile
+++ b/Makefile
@@ -2,7 +2,7 @@ CC = gcc
CFLAGS = -Wall -std=c99 -g
# modify the flags here ^
EXE = crack
-OBJ = proj-2_sha256.o decrypt.o hashtable.o
+OBJ = proj-2_sha256.o sha256-helper.o passwords.o four_password_strategy.o six_password_strategy.o decrypt.o hashtable.o
# add any new object files here ^
# top (default) target
all: $(EXE)
diff --git a/common_password_frequency.txt b/common_password_frequency.txt
new file mode 100644
index 0000000000000000000000000000000000000000..a802016f3902afc8647b468608957cca1de4e7c5
--- /dev/null
+++ b/common_password_frequency.txt
@@ -0,0 +1,46 @@
+e
+a
+r
+o
+n
+i
+s
+t
+l
+c
+d
+m
+h
+g
+b
+u
+p
+1
+y
+k
+f
+w
+2
+v
+j
+3
+z
+0
+4
+5
+9
+6
+x
+7
+8
+q
+*
+?
+.
+-
++
+&
+\
+'
+;
+!
diff --git a/substitutor.py b/common_password_statistics.py
similarity index 76%
rename from substitutor.py
rename to common_password_statistics.py
index 42e387cfc68f407c225e3ce8e41a1c7be63e46de..a358c2fac5121c0593f40379790f8bf6cf27572d 100644
--- a/substitutor.py
+++ b/common_password_statistics.py
@@ -81,6 +81,23 @@ def create_common_password_substitutions():
replacements.close()
f.close()
+def get_character_frequencies():
+ f = open("proj-2_common_passwords.txt", "r")
+ words = f.readlines()
+ f.close()
+ frequency = {}
+ for x in words:
+ for c in x:
+ if (c != "\n" and c != " "):
+ if (c in frequency.keys()):
+ frequency[c]+=1
+ else:
+ frequency[c] = 1
+ f = open("common_password_frequency.txt", "w")
+ for x in sorted(frequency.items(), key=lambda item: item[1], reverse=True):
+ f.write(x[0])
+ f.write("\n")
+ f.close()
-
-create_common_password_substitutions()
\ No newline at end of file
+# create_common_password_substitutions()
+get_character_frequencies()
\ No newline at end of file
diff --git a/decrypt.c b/decrypt.c
index 9e23ad857c1896399314dbc51f811e47cf1a18a1..91f87d5787372690868cfdfdf55bb8dec70471d3 100644
--- a/decrypt.c
+++ b/decrypt.c
@@ -5,160 +5,21 @@
#include "hashtable.h"
-#include "proj-2_sha256.h"
+#include "four_password_strategy.h"
+#include "six_password_strategy.h"
+#include "passwords.h"
+// adapted from https://github.com/RemyNoulin/sha256
char** store_password_hashes(char* hashes){
char **password_hashes = (char**)malloc((strlen(hashes)/64)*sizeof(char*));
assert(password_hashes);
memset(password_hashes,0,(strlen(hashes)/64));
for(int i=1; i <= strlen(hashes)/64; i++){
- password_hashes[i-1] = malloc(sizeof(char)*(64+1));
+ password_hashes[i-1] = calloc((64+1), sizeof(char));
assert(password_hashes[i-1]);
- memset(password_hashes[i-1],0,strlen(password_hashes[i-1]));
snprintf(password_hashes[i-1], 65, "%s",hashes + (i-1)*64);
}
return password_hashes;
}
-char *sha256_byteToHexString(BYTE data[]) {
- char *hexC = "0123456789abcdef";
- char *hexS = malloc(65);
- if (!hexS) return NULL;
- for(BYTE i; i<32; i++) {
- hexS[i*2] = hexC[data[i]>>4];
- hexS[i*2+1] = hexC[data[i]&0xF];
- }
- hexS[64] = 0;
- return hexS;
-}
-void brute_force_four(HashTable *ht){
- printf("brute force\n");
- char brute_guess[4];
- SHA256_CTX ctx;
- int hash;
- for(int i=65;i < 127; i++){
- brute_guess[0] = (char)i;
- for(int j=33;j < 127; j++){
- brute_guess[1] = (char)j;
- for(int k=33;k < 127; k++){
- brute_guess[2] = (char)k;
- for(int l=33;l < 127; l++){
- brute_guess[3] = (char)l;
- brute_guess[4] = '\0';
- sha256_init(&ctx);
- sha256_update(&ctx, brute_guess, strlen(brute_guess));
- BYTE guess[32];
- sha256_final(&ctx, guess);
- char* hex_guess = sha256_byteToHexString(guess);
- // printf("%s\n", brute_guess);
- if ((hash = hash_table_get(ht, hex_guess))>0){
- printf("%s %d\n", brute_guess, hash);
- printf("remaining passwords are : %d\n", remaining_hashes(ht));
- }
- if (remaining_hashes(ht) == 0){
- break;
- }
- }
- }
- }
- if(i == 127){
- i = 33;
- }
- else if(i == 64){
- break;
- }
- }
-}
-void brute_force_six(HashTable *ht){
- char brute_guess[6];
- SHA256_CTX ctx;
- int hash;
- for(int i=65;i < 127; i++){
- brute_guess[0] = (char)i;
- for(int j=65;j < 127; j++){
- brute_guess[1] = (char)j;
- for(int k=33;k < 127; k++){
- brute_guess[2] = (char)k;
- for(int l=33;l < 127; l++){
- brute_guess[3] = (char)l;
- for(int m=33;m < 127; m++){
- brute_guess[4] = (char)m;
- for(int n=33;n < 127; n++){
- brute_guess[5] = (char)n;
- brute_guess[6] = '\0';
- sha256_init(&ctx);
- sha256_update(&ctx, brute_guess, strlen(brute_guess));
- BYTE guess[32];
- sha256_final(&ctx, guess);
- char* hex_guess = sha256_byteToHexString(guess);
- if ((hash = hash_table_get(ht, hex_guess))>0){
- printf("%s %d\n", brute_guess, hash);
- printf("remaining passwords are : %d\n", remaining_hashes(ht));
- }
- if (remaining_hashes(ht) == 0){
- break;
- }
- }
- }
- }
- }
- if(j== 127){
- j= 33;
- }
- else if(j== 64){
- break;
- }
- }
- if(i == 127){
- i = 33;
- }
- else if(i == 64){
- break;
- }
- }
-}
-void generate_guesses_four(int n_guesses, HashTable *ht){
- FILE* file = fopen("proj-2_common_passwords.txt", "r");
- char line[20];
- SHA256_CTX ctx;
- int hash;
- while (fgets(line, sizeof(line), file) && remaining_hashes(ht) > 0){
- line[4] = '\0';
- // printf("%s\n", line);
- sha256_init(&ctx);
- sha256_update(&ctx, line, strlen(line));
- BYTE guess[32];
- sha256_final(&ctx, guess);
- char* hex_guess = sha256_byteToHexString(guess);
- if ((hash = hash_table_get(ht, hex_guess))>0){
- printf("%s %d\n", line, hash);
- printf("remaining passwords are : %d\n", remaining_hashes(ht));
- }
- }
- printf("finished file");
- fclose(file);
-}
-void generate_guesses_six(int n_guesses, HashTable *ht){
- FILE* file = fopen("proj-2_common_passwords.txt", "r");
- char line[20];
- SHA256_CTX ctx;
- int hash;
- printf("start generate");
- while (fgets(line, sizeof(line), file) && remaining_hashes(ht) > 0){
- line[6] = '\0';
- // printf("%s\n", line);
- sha256_init(&ctx);
- sha256_update(&ctx, line, strlen(line));
- BYTE guess[32];
- sha256_final(&ctx, guess);
- char* hex_guess = sha256_byteToHexString(guess);
- if ((hash = hash_table_get(ht, hex_guess))>0){
- printf("%s %d\n", line, hash);
- printf("remaining passwords are : %d\n", remaining_hashes(ht));
- }
- }
- printf("finished file");
- fclose(file);
-}
-
void read_hash_file_four(FILE *file){
if (file){
@@ -176,14 +37,18 @@ void read_hash_file_four(FILE *file){
printf("%d: %s\n", i, words[i]);
hash_table_put(password_hashes, words[i], (i+1));
};
- generate_guesses_four(10, password_hashes);
- brute_force_four(password_hashes);
+ Passwords *cracked_passwords = create_passwords(10);
+ generate_guesses_four(10, password_hashes, cracked_passwords);
+ popular_character_guess_four(password_hashes, cracked_passwords);
+ brute_force_four(password_hashes, cracked_passwords);
+ print_passwords(cracked_passwords);
for(int i=0; i < strlen(hashes)/64; i++){
printf("%d: %s\n", i, words[i]);
free(words[i]);
};
free(words);
free_hash_table(password_hashes);
+ free_passwords(cracked_passwords);
fclose(file);
}
}
@@ -206,6 +71,7 @@ void read_hash_file_six(FILE *file){
hash_table_put(password_hashes, words[i], (i+1));
};
generate_guesses_six(20, password_hashes);
+ popular_character_guess_six(password_hashes);
brute_force_six(password_hashes);
for(int i=0; i < strlen(hashes)/64; i++){
printf("%d: %s\n", i, words[i]);
@@ -219,10 +85,10 @@ void read_hash_file_six(FILE *file){
int main(int argc, char *argv[]){
FILE *file;
- // file = fopen("pwd4sha256", "r");
- // read_hash_file_four(file);
- file = fopen("pwd6sha256", "r");
- read_hash_file_six(file);
+ file = fopen("pwd4sha256", "r");
+ read_hash_file_four(file);
+ // file = fopen("pwd6sha256", "r");
+ // read_hash_file_six(file);
if (argc == 1){
//generate guesses and test against SHA256 hashes
}
diff --git a/four_password_strategy.c b/four_password_strategy.c
new file mode 100644
index 0000000000000000000000000000000000000000..bb63978d702d1ae25f07968593bfe7b75f806fc4
--- /dev/null
+++ b/four_password_strategy.c
@@ -0,0 +1,120 @@
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <assert.h>
+
+#include "hashtable.h"
+#include "proj-2_sha256.h"
+#include "four_password_strategy.h"
+#include "sha256-helper.h"
+#include "passwords.h"
+void brute_force_four(HashTable *ht, Passwords* solved){
+ printf("brute force\n");
+ char brute_guess[4];
+ SHA256_CTX ctx;
+ int hash;
+ for(int i=65;i < 127; i++){
+ brute_guess[0] = (char)i;
+ for(int j=33;j < 127; j++){
+ brute_guess[1] = (char)j;
+ for(int k=33;k < 127; k++){
+ brute_guess[2] = (char)k;
+ for(int l=33;l < 127; l++){
+ brute_guess[3] = (char)l;
+ brute_guess[4] = '\0';
+ sha256_init(&ctx);
+ sha256_update(&ctx, (BYTE*)brute_guess, strlen(brute_guess));
+ BYTE guess[32];
+ sha256_final(&ctx, guess);
+ char* hex_guess = sha256_byteToHexString(guess);
+ // printf("%s\n", brute_guess);
+ if ((hash = hash_table_get(ht, hex_guess))>0){
+ printf("%s %d\n", brute_guess, hash);
+ add_new_cracked(solved, brute_guess);
+ printf("remaining passwords are : %d\n", remaining_hashes(ht));
+ }
+ free(hex_guess);
+ if (remaining_hashes(ht) == 0){
+ break;
+ }
+ }
+ }
+ }
+ if(i == 127){
+ i = 33;
+ }
+ else if(i == 64){
+ break;
+ }
+ }
+}
+
+int popular_character_guess_four(HashTable *ht, Passwords* solved){
+ printf("popular character guess strategy\n");
+ char brute_guess[4];
+ SHA256_CTX ctx;
+ int hash;
+ char line[20];
+ FILE *file = fopen("common_password_frequency.txt", "r");
+ char frequent_characters[60];
+ int index = 0;
+ while (fgets(line, sizeof(line), file)){
+ line[1] = '\0';
+ frequent_characters[index] = line[0];
+ index++;
+ }
+ for(int i = 0;i < index; i++){
+ brute_guess[0] = frequent_characters[i];
+ for(int j = 0;j < index; j++){
+ brute_guess[1] = frequent_characters[j];
+ for(int k = 0;k < index; k++){
+ brute_guess[2] = frequent_characters[k];
+ for(int l = 0;l < index; l++){
+ brute_guess[3] = frequent_characters[l];
+ brute_guess[4] = '\0';
+ sha256_init(&ctx);
+ sha256_update(&ctx, (BYTE*)brute_guess, strlen(brute_guess));
+ BYTE guess[32];
+ sha256_final(&ctx, guess);
+ char* hex_guess = sha256_byteToHexString(guess);
+ // printf("%s\n", brute_guess);
+ if ((hash = hash_table_get(ht, hex_guess))>0){
+ printf("%s %d\n", brute_guess, hash);
+ add_new_cracked(solved, brute_guess);
+ printf("remaining passwords are : %d\n", remaining_hashes(ht));
+ }
+ free(hex_guess);
+ if (remaining_hashes(ht) == 0){
+ break;
+ }
+ }
+ }
+ }
+ }
+ return 0;
+}
+
+void generate_guesses_four(int n_guesses, HashTable *ht, Passwords* solved){
+ FILE* file = fopen("proj-2_common_passwords.txt", "r");
+ char line[20];
+ SHA256_CTX ctx;
+ int hash;
+ while (fgets(line, sizeof(line), file) && remaining_hashes(ht) > 0){
+ line[4] = '\0';
+ // printf("%s\n", line);
+ sha256_init(&ctx);
+ sha256_update(&ctx, (BYTE*)line, strlen(line));
+ BYTE guess[32];
+ sha256_final(&ctx, guess);
+ char* hex_guess = sha256_byteToHexString(guess);
+ if ((hash = hash_table_get(ht, hex_guess))>0){
+ printf("%s %d\n", line, hash);
+ add_new_cracked(solved, line);
+ print_passwords(solved);
+ printf("remaining passwords are : %d\n", remaining_hashes(ht));
+ }
+ free(hex_guess);
+ }
+ printf("finished file");
+ fclose(file);
+}
\ No newline at end of file
diff --git a/four_password_strategy.h b/four_password_strategy.h
new file mode 100644
index 0000000000000000000000000000000000000000..c65148ae4d4d1bde3fe296d57a6f32f6396215c0
--- /dev/null
+++ b/four_password_strategy.h
@@ -0,0 +1,10 @@
+#include <stdlib.h>
+
+#include "hashtable.h"
+#include "proj-2_sha256.h"
+#include "passwords.h"
+void brute_force_four(HashTable *ht, Passwords* solved);
+
+int popular_character_guess_four(HashTable *ht, Passwords* solved);
+
+void generate_guesses_four(int n_guesses, HashTable *ht, Passwords* solved);
diff --git a/passwords.c b/passwords.c
new file mode 100644
index 0000000000000000000000000000000000000000..dc37220729be0c29c32d3aea3735e65302fdbf8a
--- /dev/null
+++ b/passwords.c
@@ -0,0 +1,50 @@
+
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <assert.h>
+#include <string.h>
+
+#include "passwords.h"
+
+struct passwords {
+ char **cracked; //array of words
+ int passwords_left;
+ int current_size;
+};
+
+Passwords* create_passwords(int passwords_to_guess){
+ Passwords* passwords = malloc(sizeof *passwords);
+ assert(passwords);
+ passwords->cracked = malloc(sizeof(char*)*passwords_to_guess);
+ assert(passwords->cracked);
+ passwords->passwords_left = passwords_to_guess;
+ passwords->current_size = 0;
+ return passwords;
+}
+
+void add_new_cracked(Passwords * pwrds, char* pword){
+ pwrds->cracked[pwrds->current_size] = calloc(6, sizeof(char*));
+ assert(pwrds->cracked[pwrds->current_size]);
+ memcpy(pwrds->cracked[pwrds->current_size], pword, strlen(pword));
+ pwrds->current_size++;
+ pwrds->passwords_left--;
+}
+
+int remaining_passwords(Passwords *pwrds){
+ return pwrds->passwords_left;
+}
+
+void free_passwords(Passwords* pwrds){
+ for(int i=0; i < pwrds->current_size; i++){
+ free(pwrds->cracked[i]);
+ }
+ free(pwrds->cracked);
+ free(pwrds);
+}
+
+void print_passwords(Passwords* pwrds){
+ for(int i=0; i< pwrds->current_size; i++){
+ printf("%s\n", pwrds->cracked[i]);
+ }
+}
\ No newline at end of file
diff --git a/passwords.h b/passwords.h
new file mode 100644
index 0000000000000000000000000000000000000000..b765b08d54725d07ede9ffa51469e401306fed4d
--- /dev/null
+++ b/passwords.h
@@ -0,0 +1,15 @@
+#include <stdbool.h>
+
+typedef struct passwords Passwords;
+
+
+
+Passwords* create_passwords(int passwords_to_guess);
+
+void add_new_cracked(Passwords * pwrds, char* pword);
+
+int remaining_passwords(Passwords *pwrds);
+
+void free_passwords(Passwords* pwrds);
+
+void print_passwords(Passwords* pwrds);
\ No newline at end of file
diff --git a/sha256-helper.c b/sha256-helper.c
new file mode 100644
index 0000000000000000000000000000000000000000..86f849960344be6f564ec6e5f25c34b2f011b6f3
--- /dev/null
+++ b/sha256-helper.c
@@ -0,0 +1,16 @@
+#include <stdlib.h>
+#include <assert.h>
+#include "proj-2_sha256.h"
+#include "sha256-helper.h"
+char *sha256_byteToHexString(BYTE data[]) {
+ char *hexC = "0123456789abcdef";
+ char *hexS = malloc(65);
+ assert(hexS);
+ if (!hexS) return NULL;
+ for(BYTE i=0; i<32; i++) {
+ hexS[i*2] = hexC[data[i]>>4];
+ hexS[i*2+1] = hexC[data[i]&0xF];
+ }
+ hexS[64] = 0;
+ return hexS;
+}
\ No newline at end of file
diff --git a/sha256-helper.h b/sha256-helper.h
new file mode 100644
index 0000000000000000000000000000000000000000..1177d563b8c845f41b6f3fae6c4592ccadb7abae
--- /dev/null
+++ b/sha256-helper.h
@@ -0,0 +1,4 @@
+
+#include "proj-2_sha256.h"
+
+char *sha256_byteToHexString(BYTE data[]);
\ No newline at end of file
diff --git a/six_password_strategy.c b/six_password_strategy.c
new file mode 100644
index 0000000000000000000000000000000000000000..83b3c5111fca032451f8a65ec3b5c1547d321d9d
--- /dev/null
+++ b/six_password_strategy.c
@@ -0,0 +1,129 @@
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <assert.h>
+
+#include "hashtable.h"
+#include "proj-2_sha256.h"
+#include "six_password_strategy.h"
+#include "sha256-helper.h"
+
+void brute_force_six(HashTable *ht){
+ char brute_guess[6];
+ SHA256_CTX ctx;
+ int hash;
+ for(int i=65;i < 127; i++){
+ brute_guess[0] = (char)i;
+ for(int j=65;j < 127; j++){
+ brute_guess[1] = (char)j;
+ for(int k=33;k < 127; k++){
+ brute_guess[2] = (char)k;
+ for(int l=33;l < 127; l++){
+ brute_guess[3] = (char)l;
+ for(int m=33;m < 127; m++){
+ brute_guess[4] = (char)m;
+ for(int n=33;n < 127; n++){
+ brute_guess[5] = (char)n;
+ brute_guess[6] = '\0';
+ sha256_init(&ctx);
+ sha256_update(&ctx, (BYTE*)brute_guess, strlen(brute_guess));
+ BYTE guess[32];
+ sha256_final(&ctx, guess);
+ char* hex_guess = sha256_byteToHexString(guess);
+ if ((hash = hash_table_get(ht, hex_guess))>0){
+ printf("%s %d\n", brute_guess, hash);
+ printf("remaining passwords are : %d\n", remaining_hashes(ht));
+ }
+ free(hex_guess);
+ if (remaining_hashes(ht) == 0){
+ break;
+ }
+ }
+ }
+ }
+ }
+ }
+ if(i == 127){
+ i = 33;
+ }
+ else if(i == 64){
+ break;
+ }
+ }
+}
+int popular_character_guess_six(HashTable *ht){
+ printf("popular character guess strategy\n");
+ char brute_guess[4];
+ SHA256_CTX ctx;
+ int hash;
+ char line[20];
+ FILE *file = fopen("common_password_frequency.txt", "r");
+ char frequent_characters[60];
+ int index = 0;
+ while (fgets(line, sizeof(line), file)){
+ line[1] = '\0';
+ frequent_characters[index] = line[0];
+ index++;
+ }
+ for(int i = 0;i < index; i++){
+ brute_guess[0] = frequent_characters[i];
+ for(int j = 0;j < index; j++){
+ brute_guess[1] = frequent_characters[j];
+ for(int k = 0;k < index; k++){
+ brute_guess[2] = frequent_characters[k];
+ for(int l = 0;l < index; l++){
+ brute_guess[3] = frequent_characters[l];
+ for(int m = 0;m < index; m++){
+ brute_guess[4] = frequent_characters[m];
+ for(int n = 0;n < index; n++){
+ brute_guess[5] = frequent_characters[n];
+ brute_guess[6] = '\0';
+ sha256_init(&ctx);
+ sha256_update(&ctx, (BYTE*)brute_guess, strlen(brute_guess));
+ BYTE guess[32];
+ sha256_final(&ctx, guess);
+ char* hex_guess = sha256_byteToHexString(guess);
+ // printf("%s\n", brute_guess);
+ if ((hash = hash_table_get(ht, hex_guess))>0){
+ printf("%s %d\n", brute_guess, hash);
+ printf("remaining passwords are : %d\n", remaining_hashes(ht));
+ }
+ free(hex_guess);
+ if (remaining_hashes(ht) == 0){
+ break;
+ }
+ }
+ }
+ }
+ }
+ }
+ }return 0;
+}
+
+
+
+
+
+void generate_guesses_six(int n_guesses, HashTable *ht){
+ FILE* file = fopen("proj-2_common_passwords.txt", "r");
+ char line[20];
+ SHA256_CTX ctx;
+ int hash;
+ printf("start generate");
+ while (fgets(line, sizeof(line), file) && remaining_hashes(ht) > 0){
+ line[6] = '\0';
+ // printf("%s\n", line);
+ sha256_init(&ctx);
+ sha256_update(&ctx, (BYTE*)line, strlen(line));
+ BYTE guess[32];
+ sha256_final(&ctx, guess);
+ char* hex_guess = sha256_byteToHexString(guess);
+ if ((hash = hash_table_get(ht, hex_guess))>0){
+ printf("%s %d\n", line, hash);
+ printf("remaining passwords are : %d\n", remaining_hashes(ht));
+ }
+ free(hex_guess);
+ }
+ printf("finished file");
+ fclose(file);
+}
\ No newline at end of file
diff --git a/six_password_strategy.h b/six_password_strategy.h
new file mode 100644
index 0000000000000000000000000000000000000000..8847660f8f01db440969f951c4c708a2511cf747
--- /dev/null
+++ b/six_password_strategy.h
@@ -0,0 +1,7 @@
+#include <stdlib.h>
+
+#include "hashtable.h"
+void brute_force_six(HashTable *ht);
+void generate_guesses_six(int n_guesses, HashTable *ht);
+int popular_character_guess_six(HashTable *ht);
+char *sha256_byteToHexString(BYTE data[]);
\ No newline at end of file