0

I have a file containing encrypted user passwords. I want to check each password with every possible combination of alphabetic characters (depending on the length the user gives) and if it's the same, I write it to a file, like a password authentication system using crypt function. However, when the algorithm runs for a time (with length >4) , it randomly drops a seg. fault, like the screenshot below.

enter image description here

#define _GNU_SOURCE
#include <stdio.h>
#include <time.h>
#include <unistd.h>
#include <crypt.h>
#include <string.h>
#include <stdlib.h>
#include <stdlib.h>
#include <sys/stat.h>
#define pass_size 10000000000

char *f_password,*f2_password,*log_password,*log_password2,*f3_password,*f4_founds;
int i=0,founds=0,ans,found=0,length;
char username[1000];
char password[1000];
int counter=0;


static const char alphabet[] =
"abcdefghijklmnopqrstuvwxyz"
"ABCDEFGHIJKLMNOPQRSTUVWXYZ"
"0123456789";
 int x=0;
static const int alphabetSize = sizeof(alphabet) - 1;



int main(void)
{

clock_t begin=clock();
void bruteSequential(int maxlen);
void bruteImpl(char* str, int index, int maxDepth);



printf("Press 1 for Bruteforce.\n");
printf("Press 2 for Exit.\n");
scanf("%d",&ans);



switch(ans)
 {


    case 1:
    {
        printf("Enter the length of the passwords\n");
        scanf("%d",&length);
        bruteSequential(length);
        break;

    }

    case 2:
    printf("Bye!\n");
    exit(1);

 }

 clock_t end=clock();
 double time_spent=(double)(end-begin)/CLOCKS_PER_SEC;      //clock ticking!
 printf("Time of process :  %f  Seconds \n",time_spent);
 return 0;

}






//bruteforse time 
void bruteImpl(char* str, int index, int maxDepth)
{
  FILE *f4=fopen("Users_found2.txt","a+");
  FILE *f=fopen("shadow_2016.txt","r");
  FILE *f6=fopen("encr_pass","a+");

    for (int i = 0; i < alphabetSize; ++i)
    {
        str[index] = alphabet[i];

        if (index == maxDepth - 1)
         {


            f_password=(char*) malloc(1000000000*sizeof(char));
            x++;
            printf("Attempt %d , with word %s... \n",x,str);


            while((fscanf(f,"%s",f_password)!=EOF ))
            {

             strcpy(username,strtok(f_password,":"));
             strcpy(password,strtok(NULL,":"));
             log_password = crypt(str,password); 
             fprintf(f6,"%s\n",log_password);


             if (strcmp(log_password,password)==0)    
             {                              


              fprintf(f4,"Access Granted of user %s with password %s from (Bruteforce) \n ",username,str);

              found++;


              }                                                       

            }

        }

        else bruteImpl(str, index + 1, maxDepth);
    }
    fclose(f);
    fclose(f4);
    fclose(f6);
    printf("%d password(s) found, see Users_found.txt file for users passwords... \n",found);
}



//bruteforce time
void bruteSequential(int maxLen)
{
    char* buf = malloc(maxLen + 1);

    for (int i = 1; i <= maxLen; ++i)
    {
        memset(buf, 0, maxLen + 1);
        bruteImpl(buf, 0, i);
    }

    free(buf);
}
hat
  • 781
  • 2
  • 14
  • 25
laland
  • 61
  • 1
  • 9
  • Possible duplicate of [What is a segmentation fault?](https://stackoverflow.com/questions/2346806/what-is-a-segmentation-fault) – Dan W May 29 '18 at 17:31
  • 1
    At a glance, that `malloc` call looks wrong. should be `char* buf = malloc(sizeof(char) * (maxLen + 1));`. Either way, compile with -g and run with gdb. – Jason May 29 '18 at 17:32
  • 2
    `f_password=(char*) malloc(1000000000*sizeof(char));` First off, this is 100% equivalent to `f_password = malloc(1000000000)` and should be written that way. Second off, this attempts to allocate 0.93 gigabytes of scratch space. You don't need anywhere near that much, and it could be failing, and you're not checking for failure. – zwol May 29 '18 at 17:33
  • General-purpose advice for segfaults: run the program under [`valgrind`](http://valgrind.org/), fix the __first__ problem it reports, repeat until no more problems. – zwol May 29 '18 at 17:33
  • 1
    Your program fails in this fashion if the open of `shadow_2016.txt` fails. Check the result of the fopen before proceeding. Also, fix compiler warnings and consider using ASan/UBSan to help localize problems. – Brian Cain May 29 '18 at 17:39
  • @Jason `sizeof(char)` is 1 _by definition_, rendering it unnecessary and, IMO, poor style ever to write. – zwol May 29 '18 at 18:15
  • Your question is in my opinion too much code and no explanation. Try to help us in understanding your code putting comments and explaining the logic. – roschach May 29 '18 at 20:37

0 Answers0