Solución automática de crackmes
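"""Automatic crackme solving by instruction counting.

Each candidate password is fed to the target while it runs under Intel Pin
with an instruction-counting tool. For each position, the character whose run
executes more instructions than the common case is taken as correct. The
signal exists only when the check stops at the first wrong character; a
comparison that does the same work for every input gives no such difference.
"""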
import sys
import pexpect
import re
import string
import collections
# Path to the Pin launcher, relative to the working directory.
PIN = './pin-2.14-71313-gcc.4.4.7-linux/pin'
# Value handed to Pin's -t option in send_password().
# NOTE(review): as listed this ends at a directory and sits under ./test/,
# unlike PIN above; -t expects the tool's shared object, so the file name
# looks to be missing here -- confirm against the original script.
INSCOUNT0 = './test/pin-2.14-71313-gcc.4.4.7-linux/source/tools/ManualExamples/obj-ia32/'
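def inscount_out():
    """Return the instruction count recorded in ``inscount.out``.

    Re-reads ``inscount.out`` from the current directory until it contains a
    ``Count <value>`` line, then returns the last captured value. The value
    is returned as a string, exactly as captured; callers that compare
    counts must convert it to a number first.

    Raises:
        IOError/OSError: if ``inscount.out`` does not exist when it is opened.
    """
    while True:
        with open('inscount.out', 'r') as f:
            # The second argument of findall() is cut off in the listing;
            # the file just opened is the only text there is to search.
            count = re.findall('Count (.*)', f.read())
        # NOTE(review): nothing here removes inscount.out between runs, so a
        # file left by an earlier run would be returned unchanged -- confirm
        # that the Pin tool has rewritten it before this is called.
        if count:
            return count[-1]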
def send_password(crackme_name, username_prompt, username, password_prompt, password, padding_size, badboy_message, after_password):
    """Run the crackme once under Pin with one candidate password.

    Returns a ``(completed, inscount)`` pair. ``completed`` is True only when
    ``badboy_message`` is given and does not occur in ``child.before``;
    ``inscount`` is whatever ``inscount_out()`` returns.

    NOTE(review): this listing has lost lines. ``username`` and
    ``password_prompt`` are never used, two ``if`` statements have no body,
    and no ``expect()`` call is visible even though ``child.before`` is read.
    The indentation below is a best reading of what remains; restore the
    missing lines from the original script before running it.
    """
    # crackme_name is executed for real on this machine. Third-party crackmes
    # are untrusted binaries, so run this script in a disposable VM or
    # container.
    # spawn() splits the command string into arguments itself, so a path
    # containing spaces would be broken apart.
    cmd = '{0} -t {1} -- {2}'.format(PIN, INSCOUNT0, crackme_name)
    child = pexpect.spawn(cmd)
    if username_prompt is not None:
        # NOTE(review): the body of this branch is missing from the listing;
        # presumably it waited for the prompt and sent ``username``.
    # The candidate is right-padded with '0' characters to padding_size extra
    # characters before it is sent.
    child.sendline(password + padding_size * '0')
    if after_password:
        # NOTE(review): the body of this branch is missing from the listing.
    if badboy_message is not None:
        # "Completed" means the failure text was not seen in the output.
        return badboy_message not in child.before, inscount_out()
    # Without a failure message to look for, success is never reported.
    return False, inscount_out()
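def next_char(crackme_name, username_prompt, username, password_prompt, known, padding_size, badboy_message, charset, after_password):
    """Try each character of ``charset`` after ``known`` and pick the outlier.

    Every candidate ``known + char`` is run through ``send_password()`` and
    its instruction count is recorded. Most candidates share one count; when
    the rarest count is numerically larger than the most common one, the
    character that produced it is returned.

    Returns:
        ``(completed, char)``. ``char`` is ``''`` when no character stands
        out. ``completed`` is the flag from the last character tried, not
        from the selected one.

    Raises:
        ValueError: if a recorded count is not a decimal number.
    """
    d = dict()
    for char in charset:
        completed, inscount = send_password(crackme_name, username_prompt, username, password_prompt, known + char, padding_size, badboy_message, after_password)
        # NOTE(review): an early ``return completed, char`` was commented out
        # here in the original, so ``completed`` below always belongs to the
        # final character of ``charset`` -- confirm that this is intended.
        d[char] = inscount
        sys.stdout.write('\r{0}: {1} \b\b\b'.format(repr(known + char + padding_size * '0'), d[char]))
    ranked = collections.Counter(d.values()).most_common()
    inscount_most_common = ranked[0][0]
    inscount_least_common = ranked[-1][0]
    # inscount_out() hands back the count as text. Comparing the strings would
    # order '999' above '1000', so compare the numeric values instead.
    if int(inscount_least_common) > int(inscount_most_common):
        return completed, [char for char in d.keys() if d[char] == inscount_least_common].pop()
    return completed, ''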
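def main(crackme_name, username_prompt, username, password_prompt, badboy_message, charset=string.printable, padding_size=0, after_password=False):
    """Recover a crackme's password one character at a time.

    Args:
        crackme_name: path of the target binary.
        username_prompt: text of the username prompt, or None if there is none.
        username: username to send, or None.
        password_prompt: text of the password prompt; also used as the label
            of the printed result.
        badboy_message: text the target prints on failure, or None.
        charset: characters tried at each position.
        padding_size: number of '0' filler characters appended to candidates.
        after_password: forwarded unchanged to ``next_char()``.

    Prints the prompt and the recovered password and returns once
    ``next_char()`` reports completion.
    """
    known = ''
    while True:
        completed, char = next_char(crackme_name, username_prompt, username, password_prompt, known, padding_size, badboy_message, charset, after_password)
        if char == '':
            # No character stood out: lengthen the candidate and retry.
            padding_size += 1
        else:
            known += char
            # One more known character replaces one filler character. As
            # listed, this decrement also ran straight after the increment
            # above and cancelled it, so the same candidates were retried
            # forever.
            if padding_size != 0:
                padding_size -= 1
        if completed:
            print('\n%s %s' % (password_prompt, known))
            # Stop here; the listed loop had no exit, so later main() calls
            # in the script could never start.
            return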
# One run per crackme, executed in order when the module is loaded. Arguments
# are spelled out by keyword so each prompt and failure message is identifiable.
main(crackme_name='./crack', username_prompt='User ID', username='123',
     password_prompt='Lice%', badboy_message='Oops!')
main(crackme_name='./BeatMe', username_prompt='USERNAME :', username='rmolina',
     password_prompt='PASSWORD :', badboy_message='NOPE , YOU LOSE')
main(crackme_name='./linux/toadkey32', username_prompt='Username:', username='rmolina',
     password_prompt='Password:', badboy_message='Access Denied.')
# This target asks for a password only, so both username fields are None.
main(crackme_name='./crackme_01/crackme', username_prompt=None, username=None,
     password_prompt='Enter Password:',
     badboy_message='-[ Ohhhh, your skills are bad try again later ]-')