Esempio n. 1
0
void bruteforceAttack(Account **accounts, int max_len)
{
    int i, j, k, nb, found;
    char *word = NULL;
    char *hash = NULL;
    Account *account = NULL;

    /* *** Check parameters *** */
    if (accounts == NULL)
        goto exit;
    if (max_len < 1)
        max_len = BRUTE_FORCE_DEFAULT_LEN;

    /* *** Init *** */
    nb = AccountsLen(accounts);
    found = 0;

    word = malloc((max_len + 1) * sizeof(char));
    if (word == NULL)
    {
        fprintf(stderr, "error : memory allocation failed\n");
        goto exit;
    }

    for (i = 1; i <= max_len; i++)
    {
        for (j = 0; j < i; j++)
            word[j]='a';
        word[i]=0;
    
        do
        {
            /* *** If all accounts have been cracked *** */
            if (found == nb)
                goto exit;

            /* *** Display the testing word *** */
            printf(" %s\n", word);

            /* *** Try the word for each account *** */
            for (k = 0; k < nb; k++)
            {
                account = accounts[k];

                /* *** Get the hash of the word *** */
                switch(account->id)
                {
                    case MD5:
                        hash = crypt_md5(word, account->salt,
                                account->rounds);
                        break;
                    case SHA256:
                        hash = crypt_sha256(word, account->salt,
                                account->rounds);
                        break;
                    case SHA512:
                        hash = crypt_sha512(word, account->salt,
                                account->rounds);
                        break;
                }   

                /* *** Check if the word hash is identical *** */
                if (hash != NULL)
                {
                    if (account->password == NULL && 
                        !strcmp(account->hash, hash))
                    {
                        printf("\nlogin    : %s\n", account->login);
                        printf("password : %s\n", word);
                        account->password = (char *) malloc(strlen(word)
                                                             + 1);
                        if (account->password == NULL)
                            fprintf(stderr, "error : memory allocation "\
                                    "failed\n");
                        memset(account->password + strlen(word), '\0', 1);
                        getchar();
                        found++;
                    }
                    free(hash);
                    hash = NULL;
                }
            }
        } while (inc(word));
    }

    /* *** Restore memory *** */
    free(word);
    word = NULL;

exit:
    if (hash != NULL)
        free(hash);
    return ;
}
Esempio n. 2
0
void dictionaryAttack(Account **accounts, const char *dico)
{
    int i, nb, found;
    size_t read, len;
    char *line = NULL;
    char *word = NULL;
    char *hash = NULL;
    FILE *f = NULL;
    Account *account = NULL;

    /* *** Init *** */
    nb = AccountsLen(accounts);
    found = 0;

    /* *** Check parameters *** */
    if (accounts == NULL || dico == NULL)
        goto exit;

    /* *** Try to open the dictionary *** */
    f = fopen(dico, "r");
    if (f == NULL)
    {
        fprintf(stderr, "error : unable to open %s\n", dico);
        goto exit;
    }

    /* *** Try each word in the dictionary *** */
    while ((read = getline(&line, &len, f)) != EOF)
    {
        /* *** If all accounts have been cracked *** */
        if (found == nb)
            goto exit;

        word = strtok(line, "\r\n");
        if (word == NULL)
            continue;

        /* *** Print the word *** */
        printf(" %s\n", word);

        /* *** Try the word for each account *** */
        for (i = 0; i < nb; i++)
        {
            account = accounts[i];
            switch(account->id)
            {
                case MD5:
                    hash = crypt_md5(word, account->salt, account->rounds);
                    break;
                case SHA256:
                    hash = crypt_sha256(word, account->salt,
                            account->rounds);
                    break;
                case SHA512:
                    hash = crypt_sha512(word, account->salt,
                            account->rounds);
                    break;
            }

            /* *** Check if the hash is identical *** */
            if (hash != NULL)
            {
                if (account->password == NULL && 
                        !strcmp(account->hash, hash))
                {
                    printf("\nlogin    : %s\n", account->login);
                    printf("password : %s\n", word);
                    account->password = (char *) malloc(strlen(word) + 1);
                    if (account->password == NULL)
                    {
                        fprintf(stderr, "error : memory allocation "\
                                "failed\n");
                        goto exit;
                    }
                    strcpy(account->password, word);
                    memset(account->password + strlen(word), '\0', 1);
                    found++;
                    getchar();
                }
                free(hash);
            }
        }

        /* *** Restore memory *** */
        free(line);
        line = NULL;
        word = NULL;
        hash = NULL;
    }

exit:
    if (f != NULL)
        fclose(f);
    if (line != NULL)
        free(line);
    if (hash != NULL)
        free(hash);
}
Esempio n. 3
0
int
main(void)
{
	SHA512_CTX ctx;
	uint8_t sum[64];
	int result = 0;
	int i, cnt;

	for (cnt = 0; cnt < (int)ntests; ++cnt) {
		SHA512_Init(&ctx);
		SHA512_Update(&ctx, tests[cnt].input, strlen(tests[cnt].input));
		SHA512_Final(sum, &ctx);
		if (memcmp(tests[cnt].result, sum, 64) != 0) {
			printf("test %d run %d failed\n", cnt, 1);
			result = 1;
		}

		SHA512_Init(&ctx);
		for (i = 0; tests[cnt].input[i] != '\0'; ++i)
			SHA512_Update(&ctx, &tests[cnt].input[i], 1);
		SHA512_Final(sum, &ctx);
		if (memcmp(tests[cnt].result, sum, 64) != 0) {
			printf("test %d run %d failed\n", cnt, 2);
			result = 1;
		}
	}

	/* Test vector from FIPS 180-2: appendix C.3. */
	char buf[1000];

	memset(buf, 'a', sizeof(buf));
	SHA512_Init(&ctx);
	for (i = 0; i < 1000; ++i)
		SHA512_Update(&ctx, buf, sizeof(buf));
	SHA512_Final(sum, &ctx);
	static const char expected[64] =
	"\xe7\x18\x48\x3d\x0c\xe7\x69\x64\x4e\x2e\x42\xc7\xbc\x15\xb4\x63"
	"\x8e\x1f\x98\xb1\x3b\x20\x44\x28\x56\x32\xa8\x03\xaf\xa9\x73\xeb"
	"\xde\x0f\xf2\x44\x87\x7e\xa6\x0a\x4c\xb0\x43\x2c\xe5\x77\xc3\x1b"
	"\xeb\x00\x9c\x5c\x2c\x49\xaa\x2e\x4e\xad\xb2\x17\xad\x8c\xc0\x9b";

	if (memcmp(expected, sum, 64) != 0) {
		printf("test %d failed\n", cnt);
		result = 1;
	}

	for (cnt = 0; cnt < ntests2; ++cnt) {
		char *cp = crypt_sha512(tests2[cnt].input, tests2[cnt].salt);

		if (strcmp(cp, tests2[cnt].expected) != 0) {
			printf("test %d: expected \"%s\", got \"%s\"\n",
			       cnt, tests2[cnt].expected, cp);
			result = 1;
		}
	}

	if (result == 0)
		puts("all tests OK");

	return result;
}