attack modems' passwd files
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#include <stdbool.h>
#include <unistd.h>
#include <string.h>
#include <sys/types.h>
#include <signal.h>
#include <math.h>
#include <locale.h>
#ifdef __linux__
#include <crypt.h>
#endif
/* Size in bytes of the buffer useWordList() reads each word-list line into. */
#define LINE_MAX_CHARS 1024
/* Longest key length bruteForce() starts from; also a field width in the progress line. */
#define MAX_LEN 10
/*
 * Status codes returned by useWordList() and, through main(), used as the
 * process exit status. OK is 0; every other value is non-zero.
 */
enum ERRORS
{
/* A matching password was found. */
OK,
/* The word list was exhausted without a match. */
GENERIC,
/* The word-list file could not be opened. */
NO_FILE,
/* Not returned by any code in this file. */
NO_HASH,
/* The supplied hash is not exactly 13 characters long. */
CORRUPTED,
/* Not returned by any code in this file. */
RESERVED
};
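/*
 * Hash every line of the word list `wl` with crypt(3), salted with the first
 * two characters of `hash`, and report the first line whose hash equals `hash`.
 *
 * hash: 13-character crypt(3) hash to compare against.
 * wl:   path of a text file holding one candidate per line.
 *
 * Returns OK after printing the matching line, CORRUPTED when `hash` is
 * missing or not 13 characters long, NO_FILE when `wl` is missing or cannot
 * be opened, and GENERIC when no line matched or crypt() reported an error.
 */
int useWordList(const char *hash, const char *wl)
{
    /* main() forwards argv entries unchecked, so either pointer may be NULL. */
    if (hash == NULL || strlen(hash) != 13)
        return CORRUPTED;
    if (wl == NULL)
        return NO_FILE;

    FILE *wfp = fopen(wl, "r");
    if (wfp == NULL)
        return NO_FILE;

    const char salt[3] = { hash[0], hash[1], 0 };
    char line[LINE_MAX_CHARS];
    int status = GENERIC;

    /*
     * Loop on the result of fgets() rather than feof(): feof() only turns
     * true after a read has already failed, which would hash a stale buffer.
     * Lines longer than the buffer are still processed in chunks.
     */
    while (fgets(line, sizeof line, wfp) != NULL) {
        /* Drop the newline if present; safe for empty and unterminated lines. */
        line[strcspn(line, "\n")] = 0;

        const char *pwd = crypt(line, salt);
        if (pwd == NULL)
            break; /* crypt() failed; comparing against NULL would crash */

        if (strcmp(pwd, hash) == 0) {
            printf("PWD FOUND! : \"%s\"\n", line);
            status = OK;
            break;
        }
    }

    /* Single exit path so the stream is closed on every outcome. */
    fclose(wfp);
    return status;
}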
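/*
 * Number of characters needed to print `num` in decimal with one grouping
 * separator between every group of three digits (e.g. 1000 -> "1.000" -> 5).
 *
 * Zero counts as one digit, and a separator is only counted when another
 * digit follows it, so 999 needs 3 characters and 1000 needs 5.
 */
unsigned calculateDigits(uint64_t num)
{
    unsigned digits = 1; /* even 0 prints a single digit */

    for (num /= 10; num != 0; num /= 10)
        digits += 1;

    /* d digits are split by (d - 1) / 3 separators. */
    return digits + (digits - 1) / 3;
}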
/*
 * Running count of keys hashed by bruteForceWithConstLen(); it drives the
 * progress line printed to stderr. Nothing in this file resets it between calls.
 */
uint64_t pcnt = 0;
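/*
 * Hash every key of exactly `length` characters drawn from the printable
 * ASCII range 33..126 with crypt(3), salted with the first two characters of
 * `hash`, and stop at the first key whose hash equals `hash`.
 *
 * hash:   crypt(3) hash to compare against; must hold at least the salt.
 * length: number of characters in each candidate key (1..MAX_KEY_CHARS).
 *
 * Returns true after printing the matching key, false when the key space is
 * exhausted, the arguments are unusable, or crypt() reports an error.
 * A progress line is written to stderr every REPORT_EVERY candidates.
 */
bool bruteForceWithConstLen(const char *hash, int length)
{
    enum {
        FIRST_CHAR = 33,
        LAST_CHAR = 126,
        REPORT_EVERY = 100000,
        MAX_KEY_CHARS = 1024 /* keeps the stack-allocated key buffer bounded */
    };

    /* The salt is read from hash[0] and hash[1], so both must exist. */
    if (hash == NULL || strlen(hash) < 2)
        return false;
    /* length sizes a variable-length array; reject values that would break it. */
    if (length < 1 || length > MAX_KEY_CHARS)
        return false;

    setlocale(LC_ALL, ""); /* enables the grouping flag used in the progress line */

    const char salt[3] = { hash[0], hash[1], 0 };
    char key[length + 1];
    memset(key, FIRST_CHAR, (size_t)length);
    key[length] = 0;

    /* The range is inclusive, so the alphabet has LAST_CHAR - FIRST_CHAR + 1 symbols. */
    const double maxlimit = pow(LAST_CHAR - FIRST_CHAR + 1, length);
    /* Converting an out-of-range double to uint64_t is undefined; clamp first. */
    const uint64_t shown = maxlimit < (double)UINT64_MAX ? (uint64_t)maxlimit : UINT64_MAX;
    const unsigned maxdigits = calculateDigits(shown);

    for (;;) {
        /* Sweep the lowest position through the whole alphabet. */
        for (int c = FIRST_CHAR; c <= LAST_CHAR; c++) {
            key[0] = (char)c;

            const char *pwd = crypt(key, salt);
            if (pwd == NULL)
                return false; /* the salt is constant, so later calls would fail too */

            pcnt += 1;
            if (pcnt % REPORT_EVERY == 0) {
                fprintf(stderr, "%-78s|\r", ".");
                /* %llu and %* need unsigned long long and int arguments respectively. */
                fprintf(stderr, " %'*llu %7.3f%% %*s %*s \r", (int)maxdigits, (unsigned long long)pcnt, 100.0 * pcnt / maxlimit, MAX_LEN + 1, key, 14, pwd);
            }

            if (!strcmp(hash, pwd)) {
                printf("\nPWD FOUND! : \"%s\"\n", key);
                return true;
            }
        }

        /* Step position 0 past LAST_CHAR so the carry pass below rolls it over. */
        key[0] += 1;
        for (int i = 0; i < length; i++) {
            if (key[i] <= LAST_CHAR)
                continue;
            if (i + 1 >= length)
                return false; /* the highest position overflowed: key space exhausted */
            key[i + 1] += 1;
            key[i] = FIRST_CHAR;
        }
    }
}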
/*
 * Fork-based driver: forks, runs bruteForceWithConstLen() in the process where
 * fork() returned non-zero, then waits for a key press and sends SIGTERM to
 * the pids stored in p[].
 *
 * Returns 0 when the bruteForceWithConstLen() call made in this process
 * reported a match, 1 otherwise.
 *
 * NOTE(review): both loops start at i = mx and use i++ with the condition
 * i > 0, so i never moves toward 0. p[] has mx elements, which makes every
 * p[i] access here fall outside the array (undefined behaviour).
 * NOTE(review): the second loop passes those out-of-bounds, never-initialised
 * values to kill(). A pid of 0 or -1 addresses the whole process group or
 * every process the user may signal, so unrelated processes can receive
 * SIGTERM. Do not run this function as written.
 */
int bruteForce(const char *hash)
{
bool found = false;
int mx = MAX_LEN;
pid_t p[mx];
pid_t c = 0;
for(int i=mx;i>0;i++)
{
// if(i%2)
c = 0;
/* NOTE(review): i starts at mx, one past the last valid index of p[]. */
c = p[i] = fork();
/* Non-zero means the parent, but also -1 when fork() failed; the two are not told apart. */
if(c)
{
found = bruteForceWithConstLen(hash,i);
break;
}
}
printf("Enter to abort... (%d)\n",c);
/* Blocks until a byte (or EOF) arrives on stdin. */
fgetc(stdin);
/* NOTE(review): reads p[] out of bounds and signals whatever pid values it finds there. */
for(int i=mx;i>0;i++)
kill(p[i],SIGTERM);
return !found;
}
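/*
 * Print the crypt(3) hash of the passphrase `t`, salted with the first two
 * characters of `t` itself.
 *
 * Returns 0 on success, EXIT_FAILURE when `t` is missing, shorter than the
 * two characters needed for the salt, or rejected by crypt().
 *
 * NOTE(review): traditional crypt(3) output begins with the salt, so deriving
 * the salt from the passphrase exposes its first two characters in the
 * printed hash. Use this for test vectors only, never for stored credentials.
 */
int create(const char *t)
{
    /* main() forwards argv[2] unchecked, and the salt reads t[0] and t[1]. */
    if (t == NULL || strlen(t) < 2) {
        fprintf(stderr, "passphrase must be at least two characters\n");
        return EXIT_FAILURE;
    }

    const char salt[3] = { t[0], t[1], 0 };
    const char *pwd = crypt(t, salt);
    if (pwd == NULL) {
        /* crypt() returns NULL on failure; printing it with %s is undefined. */
        fprintf(stderr, "crypt() failed\n");
        return EXIT_FAILURE;
    }

    printf("%s\n", pwd);
    return 0;
}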
/*
 * Write the usage summary to stdout: one synopsis line followed by one line
 * per mode, each prefixed with the program name `name`. Always returns 0.
 */
int help(const char *name)
{
    /* Synopsis first, then modes 0..3 in order. */
    printf("Usage: %s (0|1|2|3) (hash) [length|wordlist]\n", name);
    printf("\t%s 0 passphrase\n", name);
    printf("\t%s 1 hash\n", name);
    printf("\t%s 2 hash length\n", name);
    printf("\t%s 3 hash wordlist\n", name);
    return 0;
}
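/*
 * Entry point: argv[1] selects the mode, argv[2] is the passphrase or hash,
 * and modes 2 and 3 take a key length or a word-list path in argv[3].
 *
 * Prints the usage text when the mode is not a number, is unknown, or a
 * required argument is missing. The exit status is 0 when a mode succeeds
 * (for modes 1-3: a password was found) and non-zero otherwise.
 */
int main(int argc, const char *argv[])
{
    enum { LENGTH_LIMIT = 1024 }; /* bruteForceWithConstLen() puts length + 1 bytes on the stack */

    /* Every mode reads argv[2]; without it the handlers would get NULL. */
    if (argc < 3)
        return help(argv[0]);

    char *end = NULL;
    const long type = strtol(argv[1], &end, 10);
    if (end == argv[1] || *end != '\0')
        return help(argv[0]); /* atoi() would silently treat garbage as mode 0 */

    switch (type) {
    case 3:
        if (argc < 4)
            return help(argv[0]);
        return useWordList(argv[2], argv[3]);
    case 2: {
        if (argc < 4)
            return help(argv[0]);
        const long length = strtol(argv[3], &end, 10);
        if (end == argv[3] || *end != '\0' || length < 1 || length > LENGTH_LIMIT)
            return help(argv[0]);
        /* Negate so that "found" exits with 0, matching modes 1 and 3. */
        return !bruteForceWithConstLen(argv[2], (int)length);
    }
    case 1:
        return bruteForce(argv[2]);
    case 0:
        return create(argv[2]);
    default:
        return help(argv[0]);
    }
}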