1

Currently this is what I have:

            for (int a = number; a < 255; a++)
            {
                for (int b = 0; b < 255; b++)
                {
                    for (int c = 0; c < 255; c++)
                    {
                        for (int d = 0; d < 255; d++)
                        {
                            string ip = String.Concat(a, '.', b, '.', c, '.', d);
                            string _id = TruncateLongString(Hash(ip), 20);
                            if (_id == "AE18D602C836D7EAD1F8")
                            {
                                Console.WriteLine(ip);
                                Thread.Sleep(3600000);
                            }
                        }
                    }
                }
            }

But this is very slow and take absolute ages. Is there any other way to do this, preferably in a much faster way? Also, the reason for this is cracking sha1 hash, me and another person are trying to figure out how a person managed to crack the hash (_id) for an ip in about three seconds. Fyi the hash also has a salt, which is known. Also, if your wondering, number is the number I have given the thread to use, going up from 1 to about 40. Also we have no idea what coding language the person used, but we guessed c# for its speed and because we knew some of it, but there's probably something much faster.

Nitsua
  • 235
  • 2
  • 8
  • A first idea is to use a `StringBuilder` to concatenate a+b+c+d, or **string interpolation**. You can check what is the better with a thing like a `Stopwatch`... Keep in mind that console writes are slow too... so try to put it out of loops using a `List` or a `HashSet` that may be better, that you join at the end for example, or a simple string using `NewLine` in your case. Also you can try `IPAddress` class. –  Dec 06 '20 at 20:04
  • 1
    `Console.WriteLine` will be the boottleneck here. And nothe that this will produce about 4.000.000.000 lines. – Klaus Gütter Dec 06 '20 at 20:09
  • Both are bottlenecks (the string assignment and `Console.WriteLine`): see, e.g., [How come for loops in C# are so slow when concatenating strings?](https://stackoverflow.com/q/50071096/7444103). -- You really don't want to do this. It's also quite useless. – Jimi Dec 06 '20 at 20:25
  • Like Jimi mentioned, both string manipulation and console print are bottlnecks. I am pretty sure no real world problem require iterating through all ipv4 addresses. May be if the op gives more info on that, we might be able to help better. – Kamaal Dec 06 '20 at 21:51
  • Have you considered using the [`IPAddress`](https://learn.microsoft.com/en-us/dotnet/api/system.net.ipaddress?view=net-5.0) class for this? – Rufus L Dec 06 '20 at 22:21
  • it may have excluded IP address ranges that it is not interested in, local networks, etc. – Stanislav Dec 06 '20 at 22:30
  • @RufusL The problem is I don't really know how I would use the `IPAddress` class for this case. – Nitsua Dec 06 '20 at 22:43
  • 1
    I think that in a reasonable time it is impossible to calculate 4 billion hashes, so either the hashes were already ready or the person guessed :) – Stanislav Dec 06 '20 at 22:47
  • 1
    I think it is impossible to calculate one million hashes in 1 millisecond – Stanislav Dec 06 '20 at 22:51
  • @Stanislav I generated a hash using `255.255.255.255` as an ip and the person still got it in 3 seconds. Either somehow the person got the first two numbers using the _id witch is half the sha1, which should be impossible, or he had some huge file of some sort, which is still insanely large. – Nitsua Dec 06 '20 at 23:08
  • if the hash selection time does not change, it is similar to O(1) access to the collection element. – Stanislav Dec 06 '20 at 23:13
  • It can use cascading tables or trees to store hash matches to an IP address. Add the prefix to TruncateLongString($"Prefix_{IP}") – Stanislav Dec 06 '20 at 23:15

3 Answers3

1

You need to reduce the number of method Console.WriteLine calls. Use Parallel.For and an array with generated IP addresses. Do not use well-known data to generate hashes, or add the prefix " some_{Ip}"

var array = new string[255];
for (int a = 1; a < 256; a++)
{
    for (int b = 0; b < 256; b++)
    {
        var prefB = String.Concat(a.ToString(), ".", b.ToString(), "."); 
        for (int c = 0; c < 256; c++)
        {
            var prefC =  String.Concat(prefB, c.ToString(), "."); 
            Parallel.For(0, 256, d =>
            {
                array[d] = String.Concat(prefC, d.ToString());
                
            });
            
            Console.WriteLine(string.Join(System.Environment.NewLine, array));
        }
    }
}
Stanislav
  • 459
  • 3
  • 6
  • Since the console output is most the critical point, why not put the writeline at the end outside the main loop? Using a HashSet (or any more optimized collection for this case)? –  Dec 06 '20 at 23:00
  • The maximum size of the collection is limited to ~2 billion values, the number of IP addresses is ~4 billion, you need to make an array of arrays – Stanislav Dec 06 '20 at 23:04
  • The author changed the question after I wrote the answer. – Stanislav Dec 06 '20 at 23:07
0

Another little notice: IPv4 addresses are 1 byte in size - so they go from 0 - 255, and not 254.

So the for-loop would have to be adjusted:

for (int a = 0; a < 256; a++) {
    for (int b = 0; b < 256; b++) {
        for (int c = 0; c < 256; c++) {
            for (int d = 0; d < 256; d++) {

(Sorry to give the notice as an answer, but I can't comment yet)

Daniel
  • 1,426
  • 1
  • 11
  • 24
0

First, there are UInt32.MaxValue possible IPv4 addresses, but not all IPv4 values are actually in use. So you could skip ranges that will never be mapped.

I'd guess that it should be possible to compute all 4 billion possible hashes in about 3 CPU hours. If you are using a single constant salt, it's possible that an attacker could spend the time to pre-compute the complete table to quickly lookup the result. 4 billion * 10 byte answers is only 40GB, quite easy to store on a HD.

Jeremy Lakeman
  • 9,515
  • 25
  • 29