MY TECH BLOG

Google+ Badge

Thursday, 9 January 2014

BRUTE: A brute force approach to hacking Unix passwords. Version 1.1

BRUTE:  A brute force approach to hacking Unix passwords.  Version 1.1
------------------------------------------------------------------------------

Here's how to use it in a nutshell...

Download the passwd file from your local unix site, or have someone download
it for you.  It should be in the unix format (that is, line feeds but no
carriage returns) so don't run it through any conversion programs--Brute uses
it "as-is".

To check a single password against your list do this:

BRUTE passwd Password

(that would check the passwd file for the password "Password").  Brute is
case sensitive (just as unix is), so "Password" is different than "password".

To convince yourself that brute actually works you'll probably want to run it
with your password and see that it pulls up your account.  It will.

---

Brute can be used with a list of passwords.  In this case, edit up a list or
use a pre-made one (one password per line) and call brute like this:

BRUTE passwd @passlist.txt

(where passlist.txt is the name of your list-of-passwords.  The @ sign tells
brute that you're using list file).  Note that you don't have to use the name
"passlist.txt" for your word list, and you don't have to use the name
"passwd" for the password file.  This allows you to keep separate word lists
for different types of unix sites, and separate password files.

Right now that's about it.  There are a few enhancements I'm planning in the
future, but this ought to do the trick for you.  Any passwords found are
written to the file "PWD_HITS.DAT".

Brute ignores unpassworded and invalidly-passworded accounts automatically,
so you should probably check the passwd file for these babys yourself.

---

Brute is about 25% faster than it's nearest competitor.

Have fun.

Prometheus

---

Version 1.1:  Fixed the icky short int bug which causes the "Password"
              counter to go negative after 32k attempts (changed to long
              int--now it will go negative should you reach 2 billion
              attempts in a single setting, which isn't extrememly likely.

              Added the "*" password to check for the username as a password
              (forward and reversed).  Either put * on a line by itself in
              your word list file, or call brute like this: brute passwd *
              ---

Version 2.0:  I'm using the fastcrypt routine as ported to DOS by Gandalf and
              distributed in OBJ form by sir hackalot.  I haven't measured
              the speed increase, but it's not as much as I had hoped.  Maybe
              twice as fast.  Anyhow, such is life.

    ÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜ
    ÜÝÄ’œ›Š úúúúúúúúúúúúúúú THE HOLLOW'S ALLIANCE úúúúúúúúúúúúúúú AliceÄÞÜ ú
    ÜÝÄ     (415)849-2688      Ÿ‰‰ë 攁r hîŽë       (415)849-2688       ÄÞÜ ú
    ÜÝ ÄÄ Ä Ä Ä Ä Ä Ä   T-file Distribution Cent-a-RoR    Ä Ä Ä Ä Ä Ä ÄÄ ÞÜ ú
    ÜÝDr. Murdock ú Powerful Paul ú RatSnatcher ú Sir Death ú Pressed RatÞÜ ú
    ÜÝ ÄÄ Ä Ä Ä        R  o  R   -   A  l  u  c  a  r  d        Ä Ä Ä ÄÄ ÞÜ ú
    ÜÝÄ The Corporate Headquarters of Shawn-Da-Lay Boy Productions, Inc.ÄÞÜ ú
    ÜÝÄúúúú Ø úúúúSmooth is the Descent and Easy is the Wayúúúúú Ø úúúúúÄÞÜ ú
    ÜÛßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßÛÜ ú
      úúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúú