BoboTiG / cracker-ng

ZIP cracker, CCRYPT cracker, and others to come.
GNU General Public License v2.0

Doesn't stop on first match #7

Closed FalcoGer closed 2 years ago

FalcoGer commented 2 years ago

The program keeps on trying all the passwords until the wordlist file ends or until the pipe is closed when the input ceases. This is an issue especially because:

  1. It wastes time, trying passwords that do not need to be tried.
  2. It may never terminate if the generator used does not terminate on its own (for example hashcat with stdout in brute force mode).

Test case

echo "This is a secret" > secret.txt
ccrypt -e -K p4ssw0rd secret.txt
cptcracker-ng -w /usr/share/seclists/Passwords/Leaked-Databases/rockyou-75.txt -f secret.txt.cpt

This will run through all words in the list. (check against wc -l)

If you have a substantial wordlist and you put the test case at the very start (say the entire rockyou database and your password is 123456), then it will run through all 14M passwords.

cptcracker-ng -w [...]/SecLists/Passwords/Leaked-Databases/rockyou.txt -f testcrypt.txt.cpt

 ~ CPT Cracker-ng v2.0.0-dev ~
 - File......: testcrypt.txt.cpt
 - Generator.: rockyou.txt
 . Worked at 421,948 pwd/sec
   Combinations: 14,346,259
   Working time: 34 sec
 + Password found: p4ssw0rd
   HEXA[ 70 34 73 73 77 30 72 64 ]
 ^ Ex(c)iting.
                                                                                                                                                                   [ 1m-25,898s ]
grep -n "p4ssw0rd" [...]/SecLists/Passwords/Leaked-Databases/rockyou.txt
40860:p4ssw0rd
[...]
wc -l [...]SecLists/Passwords/Leaked-Databases/rockyou.txt
14344391 [...]/SecLists/Passwords/Leaked-Databases/rockyou.txt

With 422k pwd/s it shouldn't take 34 seconds to reach the 41000th line but rather about 1 second.

FalcoGer commented 2 years ago

Fix in src/shared/cracker.cc

diff --git a/src/shared/cracker.cc b/src/shared/cracker.cc
index 8328458..1fff610 100644
--- a/src/shared/cracker.cc
+++ b/src/shared/cracker.cc
@@ -695,6 +695,7 @@ void Cracker::crack() {
                }
 #endif
                __sync_add_and_fetch(&num, 1);
+                if (!this_is_now_we_fight) break; // stop trying, we did it.
        }
        if ( this->from != "STDIN" ) {
                fclose(input);
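
Review bot: the added `if (!this_is_now_we_fight) break;` reads the flag as a plain variable on the line right after `num` is updated with `__sync_add_and_fetch`, which suggests this loop shares state with other threads. If the flag is cleared from another thread, confirm it is declared so the read cannot be cached by the compiler (atomic or volatile), or test it in the loop condition itself instead of a trailing `break`. Separately, the context below skips `fclose(input)` when `this->from` is "STDIN", so a generator that never terminates only stops once this process exits; it is worth confirming that the exit path after the `break` is prompt in the piped case.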

Result

time cptcracker-ng -w [...]/SecLists/Passwords/Leaked-Databases/rockyou.txt -f testcrypt.txt.cpt

 ~ CPT Cracker-ng v2.0.0-dev ~
 - File......: testcrypt.txt.cpt
 - Generator.: rockyou.txt
 . Worked at 40,860 pwd/sec
   Combinations: 40,860
   Working time: 1 sec
 + Password found: p4ssw0rd
   HEXA[ 70 34 73 73 77 30 72 64 ]
 ^ Ex(c)iting.

cptcracker-ng -w  -f testcrypt.txt.cpt  0,09s user 0,00s system 9% cpu 1,007 total
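
The comparison made in this comment (the reported "Combinations" against the `grep -n` line of the found password) can be turned into a repeatable check. This is an added example, not code from cracker-ng; `check_early_stop`, `make_sample` and the sample files are hypothetical names with constructed data, and it assumes the counter equals the wordlist line of the match, as in the result above (40,860 vs. line 40860).

```shell
# Usage: check_early_stop REPORT_FILE WORDLIST
# Prints "<combinations> <match_line>"; returns 0 only when both are equal,
# i.e. the run stopped on the first match. Returns 2 on unusable input.
check_early_stop() {
    report=$1
    wordlist=$2

    # " + Password found: p4ssw0rd"  ->  p4ssw0rd
    pw=$(sed -n 's/^[[:space:]]*+ Password found: //p' "$report" | head -n 1)
    # "   Combinations: 14,346,259"  ->  14346259
    tried=$(sed -n 's/^[[:space:]]*Combinations: //p' "$report" | head -n 1 | tr -d ',')
    [ -n "$pw" ] && [ -n "$tried" ] || { echo "unparsable report" >&2; return 2; }

    # Same lookup as the grep -n above, but whole-line and literal (-x -F),
    # so a password that is a substring of an earlier entry does not match early.
    line=$(grep -n -x -F -e "$pw" "$wordlist" | head -n 1 | cut -d: -f1)
    [ -n "$line" ] || { echo "password not in wordlist" >&2; return 2; }

    echo "$tried $line"
    [ "$tried" -eq "$line" ]
}

# Constructed sample data: a 5-word list with the match on line 3, plus one
# report in the tool's output layout for each behaviour (before / after).
make_sample() {
    dir=$1
    printf '%s\n' 123456 password p4ssw0rd qwerty letmein > "$dir/words.txt"
    printf '   Combinations: 14,346,259\n + Password found: p4ssw0rd\n' > "$dir/before.txt"
    printf '   Combinations: 3\n + Password found: p4ssw0rd\n' > "$dir/after.txt"
}
```

On the constructed sample, `after.txt` passes and `before.txt` fails with the overshoot visible in the printed pair.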

BoboTiG commented 2 years ago

Hey @FalcoGer,

I would be more than happy to merge your patches, let's open PRs :)