Skip to content

Instantly share code, notes, and snippets.

@nicktimko
Created February 25, 2018 00:28
Show Gist options
  • Save nicktimko/3e5679555029329ef3751595ba304893 to your computer and use it in GitHub Desktop.
Save nicktimko/3e5679555029329ef3751595ba304893 to your computer and use it in GitHub Desktop.
Manual Password Cracking from the 500M list
Display the source blob
Display the rendered blob
Raw
{
"cells": [
{
"cell_type": "code",
"execution_count": 6,
"metadata": {},
"outputs": [],
"source": [
"import hashlib\n",
"def sha1digest(x):\n",
" return hashlib.sha1(x.encode('utf-8')).hexdigest().upper()"
]
},
{
"cell_type": "code",
"execution_count": 20,
"metadata": {},
"outputs": [],
"source": [
"most_common_passwords = {}\n",
"order = []\n",
"with open('../Software/pwned-passwords-2.0.txt') as f:\n",
" for line in f:\n",
" digest, count = line.split(':')\n",
" most_common_passwords[digest] = {'count': count, 'plaintext': None}\n",
" order.append(digest)\n",
" if len(most_common_passwords) > 100000:\n",
" break"
]
},
{
"cell_type": "code",
"execution_count": 23,
"metadata": {
"scrolled": false
},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"guess a password: qwer\n",
"that's the #986 most common password\n",
"guess a password: 1234\n",
"that's the #15 most common password\n",
"guess a password: lkjnf\n",
"that's not in the top #100000!\n",
"guess a password: princess\n",
"that's the #55 most common password\n",
"guess a password: Princess\n",
"that's the #7934 most common password\n",
"guess a password: peanut\n",
"that's the #312 most common password\n",
"guess a password: apple\n",
"that's the #141 most common password\n",
"guess a password: abcde\n",
"that's the #1777 most common password\n",
"guess a password: abcdef\n",
"that's the #273 most common password\n",
"guess a password: butter\n",
"that's the #1328 most common password\n",
"guess a password: keyboard\n",
"that's the #4609 most common password\n",
"guess a password: qwerty\n",
"that's the #3 most common password\n",
"guess a password: 12345\n",
"that's the #10 most common password\n",
"guess a password: 123456\n",
"that's the #1 most common password\n",
"guess a password: 12345678\n",
"that's the #6 most common password\n",
"guess a password: qwQW\n",
"that's not in the top #100000!\n",
"guess a password: !@#$%^\n",
"that's the #17168 most common password\n",
"guess a password: !@#$\n",
"that's not in the top #100000!\n",
"guess a password: !@#$%^&*\n",
"that's the #71654 most common password\n",
"guess a password: Battery\n",
"that's not in the top #100000!\n",
"guess a password: battery\n",
"that's the #18293 most common password\n",
"guess a password: correct horse\n",
"that's not in the top #100000!\n",
"guess a password: horse\n",
"that's the #4190 most common password\n",
"guess a password: correct\n",
"that's the #55408 most common password\n",
"guess a password: staple\n",
"that's the #95567 most common password\n",
"guess a password: baby\n",
"that's the #853 most common password\n",
"guess a password: sha1\n",
"that's not in the top #100000!\n",
"guess a password: top\n",
"that's the #26658 most common password\n",
"guess a password: hat\n",
"that's the #82601 most common password\n",
"guess a password: dick\n",
"that's the #3000 most common password\n",
"guess a password: ass\n",
"that's the #4984 most common password\n",
"guess a password: tits\n",
"that's the #10117 most common password\n",
"guess a password: pussy\n",
"that's the #590 most common password\n",
"guess a password: fucker\n",
"that's the #570 most common password\n",
"guess a password: motherfucker\n",
"that's the #4387 most common password\n",
"guess a password: shit\n",
"that's the #2774 most common password\n",
"guess a password: piss\n",
"that's the #84246 most common password\n",
"guess a password: cock\n",
"that's the #8567 most common password\n",
"guess a password: zxcvbn\n",
"that's the #124 most common password\n",
"guess a password: zxcv\n",
"that's the #7124 most common password\n",
"guess a password: asdf\n",
"that's the #83 most common password\n",
"guess a password: ASDF\n",
"that's the #72240 most common password\n",
"guess a password: Asdf\n",
"that's not in the top #100000!\n",
"guess a password: Qwerty\n",
"that's the #4856 most common password\n",
"guess a password: QWERTY\n",
"that's the #2454 most common password\n",
"guess a password: qwer1234\n",
"that's the #105 most common password\n",
"guess a password: QWER1234\n",
"that's the #49431 most common password\n",
"guess a password: !@#$1234\n",
"that's not in the top #100000!\n",
"guess a password: 1234!@#$\n",
"that's the #81723 most common password\n",
"guess a password: 1234qwer\n",
"that's the #57 most common password\n",
"guess a password: 1234qwerasdf\n",
"that's the #22724 most common password\n",
"guess a password: 1234qwerasdfzxcv\n",
"that's the #35054 most common password\n",
"guess a password: 123456qwerty\n",
"that's the #1394 most common password\n",
"guess a password: qwerty123456\n",
"that's the #697 most common password\n",
"guess a password: jkl;\n",
"that's not in the top #100000!\n",
"guess a password: ;lkj\n",
"that's not in the top #100000!\n",
"guess a password: qwertyuiop\n",
"that's the #17 most common password\n",
"guess a password: asdfghjkl\n",
"that's the #48 most common password\n",
"guess a password: zxcvbnm\n",
"that's the #44 most common password\n",
"guess a password: qazwsx\n",
"that's the #52 most common password\n",
"guess a password: qazwsxedc\n",
"that's the #154 most common password\n",
"guess a password: qazwsxedcrfv\n",
"that's the #2602 most common password\n",
"guess a password: qazwsxedcrfvtgbyhnujm\n",
"that's not in the top #100000!\n",
"guess a password: qazwsxedcrfvtgb\n",
"that's the #15882 most common password\n",
"guess a password: 1qaz2wsx\n",
"that's the #26 most common password\n",
"guess a password: 123qweasdzxc\n",
"that's the #875 most common password\n",
"guess a password: 111\n",
"that's the #677 most common password\n",
"guess a password: 1\n",
"that's the #196 most common password\n",
"guess a password: q\n"
]
}
],
"source": [
"while True:\n",
" trial = input('guess a password: ').strip()\n",
" if trial == 'q':\n",
" break\n",
" digest = sha1digest(trial)\n",
" try:\n",
" nth_most = order.index(digest) + 1\n",
" except ValueError:\n",
" print('that\\'s not in the top #100000!')\n",
" continue\n",
"\n",
" most_common_passwords[digest]['plaintext'] = trial\n",
" print('that\\'s the #{} most common password'.format(nth_most))"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": []
}
],
"metadata": {
"kernelspec": {
"display_name": "Python 3",
"language": "python",
"name": "python3"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 3
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.6.4"
}
},
"nbformat": 4,
"nbformat_minor": 2
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment