-1

I made a brute force password cracker for one of my classes, but couldn't figure out why it wasn't wasn't fully checking every combination. If I use simple passwords with just numbers or lowercase it usually works, but complex combinations of characters do not necessarily yield an answer at all.

Here is the code I submitted for my assignment:

from datetime import datetime
from itertools import combinations_with_replacement, permutations
#############################
# Password Cracking Program #
#############################
possibleChars = ["a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s",
                 "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L",
                 "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "0", "1", "2", "3", "4",
                 "5", "6", "7", "8", "9", "!", "@", "#", "$", "%", "^", "&", "*", "(", ")"]

# Get the current time after program runs, subtracts it from the initial time
now = datetime.now()
password = input("Enter a 4 character password:\n")

combinations = list(combinations_with_replacement(possibleChars, 4)) + list()
totalTries = 0
for combo in combinations:
    totalTries += 1
    print(join(combo))
    if password == "".join(combo):
        print("Your password is: " + password)
        print(totalTries)
        # Output the difference in seconds
        later = datetime.now()
        diff = (later - now).total_seconds()
        print(diff)

        break

Any help is appreciated!

Yames
  • 3
  • 2
  • can you give an example of complex combinations? – Matiiss Oct 30 '20 at 00:03
  • Welcome to SO. Please post the expected output and actual output of your script with the sample data. – ewokx Oct 30 '20 at 00:03
  • also you should add some check so that people enter exactly 4 characters – Matiiss Oct 30 '20 at 00:04
  • You shouldn't create a list from your combinations generator. That causes Python to bring all of the possibilities into memory at once to make a list out of them. There's no need to do that. Change the line that makes the list to: `combinations = combinations_with_replacement(possibleChars, 4) ` – CryptoFool Oct 30 '20 at 00:09
  • @Matiiss Certainly, something like e1Z? (using all 4 character types) usually resulted in no output at all – Yames Oct 30 '20 at 00:19
  • @ewong Thanks for the welcome! Does this work? 'Enter a 4 character password:1234' 'Your password is: 1234' '1208345' '5.362289' I'm clearly having problems with formatting, haha sorry. – Yames Oct 30 '20 at 00:21
  • *sigh* I have no idea how to fix this. My best guess would be to make password generator of you own or look up documentation for those functions – Matiiss Oct 30 '20 at 00:31
  • @Yames please include the sample data, expected/actual output in your original post and not in the comments. Also, what is ```print(join(combo))```? – ewokx Oct 30 '20 at 00:42
  • @Yames might this help? https://stackoverflow.com/questions/29001085/python-combination-with-replacement – ewokx Oct 30 '20 at 00:59

2 Answers2

0

The combinations = list(combinations_with_replacement(possibleChars, 4)) + list() line is wrong.

The combinations_with_replacement function right use is this: combinations_with_replacement('ABCD', 2) # Output: AA AB AC AD BB BC BD CC CD DD

Sadly, you pass the entire list to the function, however string to need.

Source: https://docs.python.org/3.9/library/itertools.html

TerraBug1011
  • 81
  • 4
  • maybe my understanding of combinations_with_replacement(), but I just tried that code with some modifications and am somewhat confused. I tried ```e!34``` and it misses it. Is ```e!34``` not a valid combination? or have I completely missed what combination means? – ewokx Oct 30 '20 at 00:56
0

After some digging around, combinations_with_replacement() is the wrong function to use. I made some changes to your code and couldn't get it working. Looking at [1] I got the understanding that this function isn't what you wanted. Digging some more, I got [2], which works with both 1234 and e!34.

So, in the end, I got:

from datetime import datetime
from itertools import product

#############################
# Password Cracking Program #
#############################
possibleChars = ["a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s",
                 "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L",
                 "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "0", "1", "2", "3", "4",
                 "5", "6", "7", "8", "9", "!", "@", "#", "$", "%", "^", "&", "*", "(", ")"]

# Get the current time after program runs, subtracts it from the initial time
now = datetime.now()
password = input("Enter a 4 character password:\n")

combinations = product(possibleChars, repeat=4)
totalTries = 0
for combo in combinations:
    totalTries += 1
    if password == "".join(combo):
        print("Your password is: " + password)
        print(totalTries)
        # Output the difference in seconds
        later = datetime.now()
        diff = (later - now).total_seconds()
        print(diff)
        break

[1] - https://www.geeksforgeeks.org/python-itertools-combinations_with_replacement/

[2] - Python combination with replacement

ewokx
  • 2,204
  • 3
  • 14
  • 27