App13 Bruteforce Guide

Learn to reverse engineer through some common application security methods.
Forum rules
DO NOT POST ANSWERS OR SPOILERS! [IE: Mission Links, Mission File Names/Pages, Scripts/Code, etc.]

Posting these will result in warnings/bans!

Re: App13 Bruteforce Guide

Post by d3v11 on Thu Oct 28, 2010 4:42 pm
([msg=48265]see Re: App13 Bruteforce Guide[/msg])

Code: Select all
#include <iostream>
#include <string>
#include <cstdio>
#include <stdio.h>
#include <stdlib.h>
using namespace std;

int main()
{
string characters[93]; characters[91]="\\\\";
characters[1]="a"; characters[31]="E"; characters[61]="8";
characters[2]="b"; characters[32]="F"; characters[62]="9";
characters[3]="c"; characters[33]="G"; characters[63]="\\!";
characters[4]="d"; characters[34]="H"; characters[64]="\\@";
characters[5]="e"; characters[35]="I"; characters[65]="\\#";
characters[6]="f"; characters[36]="J"; characters[66]="\\$";
characters[7]="g"; characters[37]="K"; characters[67]="\\%";
characters[8]="h"; characters[38]="L"; characters[68]="\\^";
characters[9]="i"; characters[39]="M"; characters[69]="\\&";
characters[10]="j"; characters[40]="N"; characters[70]="\\*";
characters[11]="k"; characters[41]="O"; characters[71]="\\(";
characters[12]="l"; characters[42]="P"; characters[72]="\\)";
characters[13]="m"; characters[43]="Q"; characters[73]="\\-";
characters[14]="n"; characters[44]="R"; characters[74]="\\_";
characters[15]="o"; characters[45]="S"; characters[75]="\\=";
characters[16]="p"; characters[46]="T"; characters[76]="\\+";
characters[17]="q"; characters[47]="U"; characters[77]="\\[";
characters[18]="r"; characters[48]="V"; characters[78]="\\{";
characters[19]="s"; characters[49]="W"; characters[79]="\\]";
characters[20]="t"; characters[50]="X"; characters[80]="\\}";
characters[21]="u"; characters[51]="Y"; characters[81]="\\|";
characters[22]="v"; characters[52]="Z"; characters[82]="\\;";
characters[23]="w"; characters[53]="0"; characters[83]="\\:";
characters[24]="x"; characters[54]="1"; characters[84]="\\'";
characters[25]="y"; characters[55]="2"; characters[85]="\\\"";
characters[26]="z"; characters[56]="3"; characters[86]="\\,";
characters[27]="A"; characters[57]="4"; characters[87]="\\<";
characters[28]="B"; characters[58]="5"; characters[88]="\\.";
characters[29]="C"; characters[59]="6"; characters[89]="\\>";
characters[30]="D"; characters[60]="7"; characters[90]="\\/";

string character[93]; character[91]="\\";
character[1]="a"; character[31]="E"; character[61]="8";
character[2]="b"; character[32]="F"; character[62]="9";
character[3]="c"; character[33]="G"; character[63]="!";
character[4]="d"; character[34]="H"; character[64]="@";
character[5]="e"; character[35]="I"; character[65]="#";
character[6]="f"; character[36]="J"; character[66]="$";
character[7]="g"; character[37]="K"; character[67]="%";
character[8]="h"; character[38]="L"; character[68]="^";
character[9]="i"; character[39]="M"; character[69]="&";
character[10]="j"; character[40]="N"; character[70]="*";
character[11]="k"; character[41]="O"; character[71]="(";
character[12]="l"; character[42]="P"; character[72]=")";
character[13]="m"; character[43]="Q"; character[73]="-";
character[14]="n"; character[44]="R"; character[74]="_";
character[15]="o"; character[45]="S"; character[75]="=";
character[16]="p"; character[46]="T"; character[76]="+";
character[17]="q"; character[47]="U"; character[77]="[";
character[18]="r"; character[48]="V"; character[78]="{";
character[19]="s"; character[49]="W"; character[79]="]";
character[20]="t"; character[50]="X"; character[80]="}";
character[21]="u"; character[51]="Y"; character[81]="|";
character[22]="v"; character[52]="Z"; character[82]=";";
character[23]="w"; character[53]="0"; character[83]=":";
character[24]="x"; character[54]="1"; character[84]="'";
character[25]="y"; character[55]="2"; character[85]="\"";
character[26]="z"; character[56]="3"; character[86]=",";
character[27]="A"; character[57]="4"; character[87]="<";
character[28]="B"; character[58]="5"; character[88]=".";
character[29]="C"; character[59]="6"; character[89]=">";
character[30]="D"; character[60]="7"; character[90]="/";

int A, B, C, D, E, F, G, H, I, J, K, L, M, N, O, P, Q, R, S, T;
       A=1; B=1; C=1; D=1; E=1; F=1; G=1; H=1; I=1; J=1;
       K=1; L=1; M=1; N=1; O=1; P=1; Q=1; R=1; S=1; T=1;

string DICT, EXH, FILE;

cout << "Enter the file to crack:" << endl;
cin >> FILE;


DICT = string("./dtr7z -F ") + FILE;
system(DICT.c_str());

 
for (A=0; A<92; A++)
   {
    for (B=0; B<92; B++)
       {
        for (C=0; C<92; C++)
           {
            for (D=0; D<92; D++)
               {
                for (E=0; E<92; E++)
                   {
                    for (F=0; F<92; F++)
                      {
                       for (G=0; G<92; G++)
                          {
                           for (H=0; H<92; H++)
                              {
                               for (I=0; I<92; I++)
                                  {
                                   for (J=0; J<92; J++)
                                      {
                                       for (K=0; K<92; K++)
                                          {
                                           for (L=0; L<92; L++)
                                              {
                                               for (M=0; M<92; M++)
                                                  {
                                                   for (N=0; N<92; N++)
                                                      {
                                                       for (O=0; O<92; O++)
                                                          {
                                                           for (P=0; P<92; P++)
                                                              {
                                                               for (Q=0; Q<92; Q++)
                                                                  {
                                                                   for (R=0; R<92; R++)
                                                                      {
                                                                       for (S=0; S<92; S++)
                                                                          {
                                                                           for (T=0; T<92; T++)
                                                                              {
EXH = string("./exr7z -F ") + FILE + (" -P ") +
characters[A] + characters[B] + characters[C] + characters[D] + characters[E] +
characters[F] + characters[G] + characters[H] + characters[I] + characters[J] + 
characters[K] + characters[L] + characters[M] + characters[N] + characters[O] +
characters[P] + characters[Q] + characters[R] + characters[S] + characters[T];
system(EXH.c_str());
cout << "[STATUS:] " <<
        character[A] << character[B] << character[C] << character[D] <<
        character[E] << character[F] << character[G] << character[H] <<
        character[I] << character[J] << character[K] << character[L] <<
        character[M] << character[N] << character[O] << character[P] <<
        character[Q] << character[R] << character[S] << character[T] << endl;
                                                                              }
                                                                           }   
                                                                       }   
                                                                   }   
                                                               }   
                                                           }   
                                                       }   
                                                   }   
                                               }   
                                           }   
                                       }   
                                   }   
                               }   
                           }   
                       }
                   }
               }
           }
       }
   }

cout << "Sorry, bfr7z couldn't find the password." << endl;

return(0);
}


that's part of a bruteforcer I wrote in C++. It works just fine and calls from a dictionary first and afterwards goes into an exhaustive mode if that fails. Perhaps that helps?
"The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable." - Sun Tzu
User avatar
d3v11
New User
New User
 
Posts: 18
Joined: Thu Oct 28, 2010 4:34 pm
Blog: View Blog (0)


Re: App13 Bruteforce Guide

Post by jusb3 on Fri Oct 13, 2017 5:09 pm
([msg=94789]see Re: App13 Bruteforce Guide[/msg])

Old thread, but I think it should be mentioned that newer os seem to trigger some antidebugging thingy, it takes my win10 >10s everytime to run the app. Tested with xp vm and the runtime was < 1s, so if the app is running long, there is something wrong.
jusb3
New User
New User
 
Posts: 4
Joined: Tue Apr 01, 2014 7:18 am
Blog: View Blog (0)


Previous

Return to Application

Who is online

Users browsing this forum: No registered users and 0 guests