TUCoPS :: Password Security
:: devbrute.txt
11a on Brute Force Hacking
-11A- DEV BRUTEFORCE -11A-
If there's an encrypted password, you can decrypt it.
Therefore, a saved password is a possible weakness.
What if someone got a copy of the password file?
It would be a severe, maybe unrecoverable security chaos.
So security experts sat down and thought about how to fight password cracking.
The hash/checksum algorithms were born.
Instead of saving the password, they saved a small value, and only a few passwords
would generate the same value, one in a thousand or maybe not even one in a million.
However, what they couldn't predict was the speed of computer development.
Within a few years computers they would have called "supercomputers" were available
for ordinary people (such as crackers and hackers).
The unencrytable passwords were about to be cracked.
Instead of trying to make smart mathematical attacks which math/computer scientists
had tried, crackers used a technic called Bruteforce.
Instead of some neat scientific calculations, bruteforce tests every possible combination.
A bruteforce never fails, if you just give it enough time.
You probably get a couple of false (but OK) passwords.
One possible problem could be that for example you search for contains characters you
haven't included in your bruteforce, like if you would search for passwords containing
only A, B and C and the password contain a D.
-------------------------------------------------------
Here's a short example of a bruteforce made in pascal.
It's really slow (you should only bruteforce with fast assembler codes)
but states the logic pretty well for all you high-level dudes....
procedure BruteForce (var code : string);
var b : byte;
label nextChar;
begin
b := length(code);
nextChar:
if code[b] = brute_highest then begin
code[b] := brute_lowest;
if b > 1 then begin
dec(b);
goto nextChar;
end else
code := code + brute_lowest ;
end else
code[b]:= chr(1+ord(code[b]));
end;
-------------------------------------------------------
Here's an good bruteforce made in assembler for use in Pascal.
It's the fastest bruteforcer I ever seen, but you could speed it up somewhat if you
made it local, and kept data within the procedure instead of pushing it everytime
you called the procedure...
Don't ask me to explain it, I made it years ago and since then I've hardly even
looked at the source. All is happily forgotten ;-)
Observe: This code must be compiled with a {$F+} statement or within a unit.
procedure BruteForceAsm
(var code : string; low, high : char); assembler;
asm
PUSH DS
LDS BX,[BP+10] {; get DS, string offset to BX}
xor ch,ch
mov cl,[bx] {; length of string}
mov dl,[BP+8] {; lowest}
mov dh,[BP+6] {; highest}
@nextChar:
mov si,bx {;}
add si,cx {; si points to string[cx]}
cmp [si],dh
jb @charIsNotHighest
mov [si],dl
cmp cl,1
jbe @incLength
loop @nextChar
@incLength:
mov cl,[bx] {; string length}
inc cl
mov [bx],cl
add bx,cx
mov [bx],dl
jmp @theEnd
@charIsNotHighest:
inc byte ptr [si]
@theEnd:
POP DS
end;
Site design & layout copyright © 1986-2025 AOH