Created
April 30, 2012 05:25
/*
 * 2012 -- updated to make use of an 8-core machine by Brian L. Troutwine
 *
 * THC/2003
 *
 * Simple ssh-private key cracker. Tries to brute force (dictionary
 * attack) almost any ssh private key file format.
 *
 * This is just a quick tool from THC. Using OpenSSL is not really
 * fast...
 *
 * COMPILE:
 * gcc -Wall -O2 -o thc-ssh-crack thc-ssh-crack.c -lssl
 *
 * RUN:
 * John is a good password generator. We use it for thc-ssh-crack:
 *
 * $ john -stdout -incremental | nice -19 thc-ssh-crack id_dsa
 *
 * Normal dictionary (without john's permutation engine):
 *
 * $ nice -19 thc-ssh-crack id_dsa <dictionary.txt
 *
 * Enjoy,
 *
 * http://www.thc.org
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/pem.h>
#include <openssl/ssl.h>
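/*
 * Reads candidate passphrases from stdin, one per line, and forks one child
 * per candidate; each child asks OpenSSL to load the private key file named
 * by argv[1] using that candidate as the passphrase.
 *
 * Exit status of the parent: 0 once stdin is exhausted, 1 on a usage error,
 * a failed fopen() or a failed fork(). A child exits 0 after printing a
 * candidate that PEM_read_PrivateKey() accepted and 1 otherwise; the parent
 * never inspects those statuses.
 *
 * Reviewer notes (defensive reading):
 *  - Each guess costs exactly one PEM_read_PrivateKey() call, so the
 *    passphrase strength and the key file's own key-derivation cost are the
 *    only things that slow offline guessing of a copied key file.
 *    NOTE(review): OpenSSH's bcrypt-based private key format with a raised
 *    round count (ssh-keygen -a) increases that per-guess cost; confirm
 *    which format the keys being assessed actually use.
 *  - An accepted passphrase is written in clear text to stdout, so it
 *    persists in whatever captures that stream (terminal scrollback, pipes,
 *    log files).
 */
int
main(int argc, char *argv[])
{
    FILE *fp;
    EVP_PKEY *pk;
    char *ptr;
    char pwd[1024];
    int status;
    int tot_child = 0;

    /* The original dereferenced argv[1] unconditionally, handing NULL to
     * fopen() when no key file was named. */
    if (argc < 2) {
        fprintf(stderr, "usage: %s keyfile <wordlist\n",
                argc > 0 ? argv[0] : "thc-ssh-crack");
        exit(1);
    }

    /* The original never checked this result, so an unreadable path led to
     * PEM_read_PrivateKey() being called with a NULL stream. */
    fp = fopen(argv[1], "r");
    if (!fp) {
        perror(argv[1]);
        exit(1);
    }

    SSL_library_init();
    pwd[0] = '\0';
    while (1) {
        /* fgets() stops after sizeof pwd - 1 bytes, so an over-long input
         * line is consumed as several separate candidates. */
        if (!fgets(pwd, sizeof pwd, stdin))
            exit(0);
        /* Strip the trailing newline, if the line had one. */
        ptr = strchr(pwd, '\n');
        if (ptr)
            *ptr = '\0';
        switch (fork()) {
        case -1: {
            perror("fork");
            exit(1);
        }
        case 0: { // child
            /* The last argument is the callback user data; with a NULL
             * callback OpenSSL treats it as the passphrase string. */
            pk = PEM_read_PrivateKey(fp, NULL, NULL, (char *)pwd);
            if (pk) {
                printf("THC THC THC THC THC THC THC THC THC\n");
                printf("----> pwd is '%s' <-----\n", pwd);
                printf("THC THC THC THC THC THC THC THC THC\n");
                exit(0);
            }
            exit(1);
        }
        default: { // parent
            tot_child++;
            /* NOTE(review): waitpid() is non-blocking here and its return
             * value is ignored, so tot_child is decremented whether or not
             * a child was actually reaped. The counter therefore does not
             * bound the number of live child processes on the host.
             * Behaviour kept exactly as in the original. */
            if (tot_child >= 7) {
                waitpid(0, &status, WNOHANG);
                tot_child--;
            }
        }
        }
    }
    return 0;
}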