Page 1 of 2

App13 Bruteforce Guide

PostPosted: Fri Apr 03, 2009 1:55 pm
by overflownull
Look the absolute easiest way to do app13 is with a bruteforce method. Note this method will consume your computers processor time significantly and will cause your system to run slow during execution. To not give away the actual code heres a pseudocode shell:

loop i 1..999
loop j 1...999
loop k 1...999
loop l 1...999
run app13 with 1 j k l params and >> the results to a file.

also note: This code will loop up to 999^4 to it will take awhile

Re: App13 Bruteforce Guide

PostPosted: Fri Apr 03, 2009 3:35 pm
by Dredric1
i made a brute forcer for passwords

and it is like 64^8 at its max
and that would like take forever

so 999^4 is litteraly inconcivible how does it go that fast

to be able to crack it in a worh while ammount of time

if the computer can try 200 a second
it would take 315.8314295 years to go through all the combinaitons
if im correct

but i think all you would need would be

Code: Select all
int[] crack = { 1,2,3,4,5,6,7,8,9,0}
this is C# - not all the code you would need
which in turn is all the combinatons of 999^4

so that would end up being 10^4

at the same computing power it would take - about a minute or two to crack it
im not understanding why you need 1-999 what is the point of wasting that time.

please explain

Re: App13 Bruteforce Guide

PostPosted: Fri Apr 03, 2009 3:59 pm
by overflownull
I was putting a basic nested for loop that would test every not saying i did it with this code. However if you do have 4 nested loops that will test 999*999*999*999 combinations which is 999^4. i wasnt refering to the O(n) of my program or how fast it would solve it just saying if you do it with a basic for-loop nested 4 times, this is what will happen.

Also, your code with crack = {1..9} is basically what i did, i was just putting out there that if you have unlimited resources time and nothing better to do, it is possible.

Heres an example of what i was referring to
Code: Select all
for (int i=1; i<999; i++)
  for (int j=1; j<999; j++)
   for (int k =1; k<999; k++)
    for (int l=1; l<999; l+++)

This will eventually return every combination and permutation of each number however ineffecient it is.

Re: App13 Bruteforce Guide

PostPosted: Sun Apr 05, 2009 3:45 am
by eljonto
This is a ridiculous way to solve the mission XD - if they wanted you to do it this way they would've made the password quite a few numbers shorter. They give you a hint about how some hackers monitored activity whilst trying different password for smartcards so you have to apply the same concept here.

Code: Select all
if(firstnumberinputted == correctfirstnumber){
    if(secondnumberinputted == correctsecondnumber){
        if(thirdnumberinputted == correctthirdnumber){
            if(fourthnumberinputted == correctfourthnumber){
                all correct numbers, win
                wrong number, exit
            wrong number, exit
        wrong number, exit
    wrong number, exit

now obviously you can't monitor what the hackers monitored for smartcards- but think like this, if the first number is wrong the program exits if it is right- it has to check the other numbers- the exiting process is significantly shorter than the checking the other numbers process so there will be a different time amount taken to do each process so what do you think you should monitor??

btw- check out defiences great article on this app mission

Re: App13 Bruteforce Guide

PostPosted: Mon Apr 06, 2009 9:07 am
by Defience
Thanks Eljonto ;)
Trying to brute force this isn't the sensible way to go and I'm not sure that would even work. The key to this is in timing how long the program will 'pause' on a certain number. Use your loop to get one set of numbers at a time.

Numbers in loop time taken before moving on to the next number

100 --------> .073
101 --------> .075
102 --------> .081
103 --------> .020
104 --------> .056
105 --------> .095
106 --------> .045

Using this set of numbers as an example, 100 would obviously be printed out first but then 102 > 100's time and then 105>102's time. It isn't necessary to print out every single number and then examine the times of each one, just have it print out if a numbers time is greater than previous ones. Link to article:

Re: App13 Bruteforce Guide

PostPosted: Mon Aug 24, 2009 12:39 am
by edilVin
my question is, does the app13win tells you if any of the numbers is right? or I must go through every single combination? you know, it would be very helpful to narrow the brute force algorithm to a smaller number of combinations.

EDIT: Never mind I got it. My first approach was insanely devastating to my comp. I totally solved it with a batch, was not necessary but very fun though. Brute force alg. not hard at all just had to keep in mind that a process must be done before to try another set of numbers or the computer will be drowsy for a while (is not gonna happen again baby :cry: I promise) :)

Re: App13 Bruteforce Guide

PostPosted: Fri Jul 30, 2010 4:06 pm
by UKCrack
Hey there,
Im having a bit of trouble with this app, Ive coded thee brute forcer in c# and measuring the time taken for the program to run is a nightmare, i keep getting different values each time. Ive tried measuring by use of a stop watch, checking by totalprocesstime, and userprocesstime. I get the feeling that bruting this on a slower machine should give more accurate results in terms of timing. I can get what i believe is slightly better results when running in low power mode with no interaction with the computer but still nothing accurate.

Re: App13 Bruteforce Guide

PostPosted: Fri Jul 30, 2010 9:57 pm
by mojo1948
One time is always the right time.

Re: App13 Bruteforce Guide

PostPosted: Fri Sep 24, 2010 11:50 am
by xhor
mojo1948 wrote:One time is always the right time.

That's not true. I did this on an ~4 year old laptop and I was getting wildly different results every time. In that case I had to do multiple passes and average them. 5 passes worked fine for this cpu. Took like 40 minutes though :D

Re: App13 Bruteforce Guide

PostPosted: Fri Sep 24, 2010 2:49 pm
by Defience
Eliminating all other running process first helps.