Writing a Randomized Bruteforce Attack in C/C++

The randomized bruteforce attack works by guessing possible passwords in a random order unlike the sequential bruteforce attacks which guesses passwords in a logical order.

Writing a randomized bruteforcer is very similar to writing a sequential bruteforcer. The only change in the attack is the password generation. For the password generation, in order to efficiently guess the password, you'll want to guess inside of a range character length. For example, if I was attacking someone, I would only try passwords between 6 and 8 characters in length since that is the average password size. Once you have the length decided upon and you have the location to attack specified, all thats left to do is generate and try passwords.

Below is a simple randomized bruteforce attack I wrote in C/C++:

 /*Change "(" to "<" and change ")" to ">" */
#include (iostream)
#include (string)
 
      using namespace std;
 
      /*Prototypes*/
      void checkPassword(string password);
    
      /*Globakl Variables*/
      char chars[]={'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z'};
      string t;
 
      /*This function checks to see if the generated password is correct*/
      void checkPassword(string password) {
         
      cout << "Trying this password: " << password << endl;

      if (password==t) {
 
      cout << "match [" << password << "]" << endl;
    
      int pause;
      cin >> pause;
 
      exit(1);
 
      }
 
      }
    
      int main() {
 
      cout << "Enter a string (No more then 10 characters for demonstration purposes): " << endl;
 
      cin >> t;
 
      int passwordsize = t.length();
      string basestring = "";
 
      for(;;){
 

    /*Generate and then check the password*/
      for(int i=0;i
 
      int chooseachar = rand() % 35 + 0;
      basestring += chars[chooseachar];
 
      }
      checkPassword(basestring);
      basestring = "";
      }
 
      return 0;
 
      }

Really, this attack is much simpler then the sequential bruteforce attacks and should be very easy for everyone to understand. One quick note about it, for demonstration purposes, it only guesses passwords as long as the one you input.

Writing a Sequential Bruteforce Attack in C/C++

The bruteforce attack is simple enough to understand. It is performed by entering in every possible password that can be accepted by a system until the correct password is entered. However, actually writing one is a bit more complex. There's a complex underlying logic involved simply entering in every password. This post will cover the logic of programming a sequential bruteforcer and cap off with writing a sequential ascending bruteforcer in C/C++. Lastly, I will show a quick trick to turn the sequential ascending bruteforcer into a sequential descending bruteforcer.

A bruteforcer has three main logical components: A selection where the user inputs specific location of the attack; Generating the passwords to test; Testing the password.

Having the user input the specific location to attack is arguably the easiest part of writing a bruteforcer. This part can actually be "hard-coded" (specified by the programmer so no input is required) so I was thinking of not even mentioning it. But, I decided to bring it up as any bruteforcer meant to be used by more then one person will include this. Let's say we've written a bruteforcer that attacks Yahoo accounts. In this case, the bruteforcer will be programmed to attack Yahoo accounts, but the user must input the Yahoo account to specifically attack. This first component of the bruteforcer will handle thus handles obtianing this information.

Once the bruteforcer knows what it is going to attack, it must generate the password to try. In a sequential bruteforcer, the password tried each time will be sequentially one step away from the last password tried. So, in a sequential ascending bruteforcer, the bruteforcer will try the password 000001 followed by 000002. This works in reverse in a sequential descending bruteforcer. The programming of this is generally handled by writing a continuous loop which breaks only when the password generated is successful. Meanwhile, a handful of variables constantly increment with each run through the loop. When all of the possible passwords are tried, the variables are all reset as low as possible, the number of characters in the password is incremented or decremented, and the process begins again with checking all of the passwords one character longer or shorter then the last number of characters in a password. In practice, this is simpler then it sounds.

The last main component of a bruteforcer is the part in which a bruteforcer checks to see if it's generated the correct password. In some cases, this can surprisingly be the hardest part of the bruteforcer to write. Using our Yahoo example again, writing this part of the bruteforcer requires a knowledge of the Yahoo API. It's really hard for me to write how to perform the password check as each check will be written differently. While all checks are simple from a broad perspective, this is liable to get quite complex depending on what you're trying to bruteforce. My recommendation is to look for a library to do the check for you so you can do the least amount of work possible to perform what is really be a trivial step overall.

Here is the code I wrote to an ascending bruteforcer in C/C++. It's really rather small code and thus pretty self-explanatory. (The comments should help explain things too):

/*Change "(" to "<" and change ")" to ">" */
#include (iostream)
#include (string)
  
      using namespace std;
  
      /*Prototypes*/
      void checkPassword(string password);
      void recurse(int width, int position, string baseString);
     
      /*Global Variables*/
      char chars[]={'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z'};
      string t;
 
      /*This function generates the password*/
      void recurse(int width, int position, string baseString) {
 
      for(int i=0;i<35;i++) {
 
      if (position < width-1) {
 
      recurse(width, position + 1, baseString+chars[i]);
 
      }
 
      checkPassword(baseString+chars[i]);
 
      }
 
      }
 
      /*This function checks to see if the generated password is correct*/
      void checkPassword(string password) {
          
      cout << "Trying this password: " << password << endl;

      if (password==t) {
 
      cout << "match [" << password << "]" << endl;
     
      int pause;
      cin >> pause;
 
      exit(1);
 
      }
 
      }
     
      int main() {
  
      cout << "Enter a string (No more then 10 characters for demonstration purposes): " << endl;
 
      cin >> t;
 
      int maxChars = 10;
 
      for(int i=1;i

      cout << "Checking passwords width [" << i << "]..." << endl;
 
      recurse(i,0,"");
 
      }
 
      return 0;
 
      }

To turn this into a sequential descending brutefrocer, make two small changes. Change the chars[] to equal: {'z','y','x','w','v','u','t','s','r','q','p','o','n','m','l','k','j','i','h','g','f','e','d','c','b','a','9','8','7','6','5','4','3','2','1','0'};
And lastly change the for loop in main() to:
for(int i = maxChars; i >0; i++) {

For those of you who still might not fully understand how all of the C/C++ works, I strongly encourage you to compile the bruteforcer program to further your study. I hope all of you reading this have found the subject of bruteforcers to be as fascinating as I find them to be.

if ... then with C/C++

Absolutely the most central part of the core of every program is the if ... then statements of every program. The purpose of an if ... then statement is to check to see if something is true, and then perform an action if it is true.

Let me give you a few examples:

• If Mario is hit by a barrel, then get rid of one of the players lives
• If a user is banned, then do not let them post comments
• If dogs hate cats, then dogs fight with cats
• If a new video game is a AAA title, then it will sell a lot of copies

In C++ we perform if checks based on a variables' value. There are seven basic checks we can perform:

1. If a value is equal to another value ( == )
2. If a value is not equal to another value ( != )
   
3. If a value is greater than another value ( > )
4. If a value is less then another value ( < )
5. If a value is greater than or equal to another value ( >= )
6. If a value is less than or equal to another value ( <= )
7. If a value is greater than 0 ()
8. If a value is less than or equal to zero (!)

The basic syntax of an if ... then statement is below:  
if(value_one check value_two){ 
code to execute if the if statement is true  
}  

Here is a long, although perfectly practical example of a use of all of the basic if statements in a simple C/C++ program:
#include (iostream)


int main(){ 

int janes_age = 0; 
int bills_age = 0; 

std::cout << "How old is Jane?";
std::cin >> janes_age;  

std::cout << "How old is Bill?"; 
std::cin >> bills_age;  

//Now lets see how their ages compare  

if(janes_age == bills_age){  
std::cout << "Jane is the same age as Bill";
}  

if(janes_age != bills_age){
std::cput << "Jane is not the same age as Bill";
}


if(janes_age > bills_age){  
std::cout << "Jane is older than Bill";
}

if(janes_age <= bills_age){  
std::cout << "Bill is older than or the same age as Jane.";  
}

if(bills_age <= janes_age){  
std::cout << "Bill is younger than or the same age as Jane.";
} 

if(!janes_age){ std::cout << "Jane is not even more than 0 years old yet!";
} 
 
if(bills_age){ 
std::cout << "Bill is more than 0 years old."; 
} 
 
int pause; 
cin >> pause; 
 
return 0;  
} 
 
The program listed above creates two variables representing the age of two people; Bill and Jane. The program than asks the user to assign a values to be held by each variable. After wards, the program uses all of the seven basic if statements to compare the variables and output text if each if statement is true. But would happen if your programming duties asked you, the programmer, to compare the truth behind two if ... then statements and then execute code if they were both true? Here's a few examples to show you what I mean:

• If Mario is hit by a barrel and the player's health is equal to 1, then the game is over
• If dogs hate cats and cats hate dogs, then dogs and cats fight
• If a new game is a AAA title and it was developed by Davide Jaffe, then it will sell lots of copies

In C/C++ we use the character's && to represent and. The and clause is a clause that returns true only when both of it's depending clauses are true. The following is an if ... then statement that could be used in the program you read about Bill and Jane previously:
if(janes_age < bills_age && janes_age < 5){
std::cout << "Jane is younger than Bill because she is only a toddler.";
}  

In this example, the if statement is only tue if Janes age is less than Bills age and if Jane is less than 5. If either one or both of these two statements is false, then the if ... then statement is not true and the computer will not output, "Jane is younger than Bill because she is only a toddler." The following would also work the same way as the above example:
if((janes_age < bills_age) && (janes_age < 5)){ 
std::cout << "Jane is younger than Bill because she is only a toddler."; 
}  

The extra set of parenthesis in this second example does nothing to change the statement but many programmers, myself included, feel that is makes the if statement look more clear. This is especially true when you're writing complex if ... then statements such as collison routines ;-) The other, last, type of clause used in if statements is the or clause. The or clause only returns true if at least one of it's depending statements are true. Heres a few examples of using an or clause:

• If Mario is hit by a barrel or a fireball, then Mario is dead.
• If dogs hate cats or cats hate dogs, then dogs and cats fight
• If a user is banned permanently or temporarily, then he can not post comments

In C/C++ the or clause is represented by the characters ||. Here is an example of using an or that could be applied to our program about Jane and Bill: 
if((janes_age > bills_age) || (bills_age < janes_age)){
std::cout << "Jane is older than Bill";
}

In this example the computer will output, "Jane is older than Bill" if either janes_age is greater than bills_age or bills_age less than janes_age. 
 
if ... then statements are used literally everwhere in programming. Every laguage harnesses them, and every program has too many of them to count. While the examples provided here were simple, the core idea I hope I got across to you, the reader, is that without if ... then statements computer programs as we know them would not exist. (And I also hoped you learned how to properly use them in your C/C++ programs as well ;-) )

Coding Section

This post is an archive documenting all posts related to coding or computer programming.

General Programming Tutorials

• How to set-up and SVN on Googlecode and how to use Tortoise
  

C++ Tutorials

• What are C and C++?
• Setting up for C++
• Analysis of the Hello World program
• Comments with C++
• Variables with C++
• C++ Keyword: typedef
• The least you need to know about scopes with C++
• C++ Keyword: using and a little on Namespaces
• if ... then statements with C/C++
• Writing a sequential bruteforce attack in C/C++
• Writing a randomized bruteforce attack in C/C++
  

Wii Homebrew Development

• How to play external MP3 files with libogc's MP3Player
• How to output text from fonts with libwiisprite
• How to program with the balance board
  

My developments tools

• My ALLEGRO Sprite Class
• gl2gx Compilation
• libwiisprite devkitPROr19 recompilation
  

Insight

• Why I'm developing with ALLEGRO
• The bruteforce attack  
  
• More effective bruteforcing
  

Editorial

• Why Windows is the best target development platform for computers

Special: Porting DeSmuME to Wii

• Part 1
• Part 2
• Part 3
• Part 4
• Part 5
  

What are C and C++?

A computer programming language is a language which can be written in by humans and understood and executed by a computer. C and C++ are computer programming languages. They're the language of choice for for many programmers due to their portability and compatibility with a variety of platforms and with the needs of the programmer to use them.

C was developed by Dennis Ritch in 1972. C is a very straight forward, structured programming language. C++ was developed by Bjarne Stroustrup in 1983 as an extension to C which eventually grew into it's own language. Unlike C, C++ is an object oriented programming language. While C++ can be written in a structured, straight forward manner like C, its object oriented properties encourage programmers to program around objects (or clases, in C++).

C++ is perfectly compatible with C, and many programs written in either language will most times include at least a few files written in the other. Both languages offer low level access to the system they are run on. Homebrewers (of all kinds) will almost always program in these languages because of their portability and low level access.

If you are going to learn the languages, I suggest learning C++ first. From a high level standpoint, C is basically a version of C++ with less features and syntax and endian changes. It is far easier for most people to later "downgrade" a bit and learn C then to "upgrade" and learn C++ which will then make C++ feel like learning an entirely new language.