11 replies to this topic

[code0]

Here's what i have done. I have made a grid computing app as a college project. Currently i have got client/node modules ready. I am able to add nodes to my client module and do some basic stuff like generate prime numbers over grid ( very high 600-700 digits ). I give a large range to my client module as input, it divides it as per the number of nodes available and sends ranges to each . Each node calculates primes in range and return result which is shown on client module. Same thing for calculating large factorials.

Now i need to add a brute force attack capability to my app for some basic md5 and sha1 strings. Currently i am planning to read a string ( md5/sha1 ) from user, divide a-z range as per number of nodes available ( if 2 then one node will brute force a-g and second g-z and so on). I need some help on algorithms to generate all possible 6-8 digit strings from starting alphabet i provide. Any help/tips greatly appreciated.

[Turk4n]

code0 said:

Here's what i have done. I have made a grid computing app as a college project. Currently i have got client/node modules ready. I am able to add nodes to my client module and do some basic stuff like generate prime numbers over grid ( very high 600-700 digits ). I give a large range to my client module as input, it divides it as per the number of nodes available and sends ranges to each . Each node calculates primes in range and return result which is shown on client module. Same thing for calculating large factorials.

Now i need to add a brute force attack capability to my app for some basic md5 and sha1 strings. Currently i am planning to read a string ( md5/sha1 ) from user, divide a-z range as per number of nodes available ( if 2 then one node will brute force a-g and second g-z and so on). I need some help on algorithms to generate all possible 6-8 digit strings from starting alphabet i provide. Any help/tips greatly appreciated.

And your planning to use Java?
I would seriously use either C or C++ or even Haskell to perform such actions you want to do !

[code0]

Agreed that they would be much faster but for now i just need to show them something working and i have already did lot of code in java for this project. Practical application doesn't matter, other that proff have some kind of obsession in java here. My main goal is to show some working of distributed working ( take task, divide, execute, show ). I need to add something good to it other than primes and factorial so i was planning of this. Any other good computationally complex yet easy to divide task suggestions?

[Turk4n]

code0 said:

Agreed that they would be much faster but for now i just need to show them something working and i have already did lot of code in java for this project. Practical application doesn't matter, other that proff have some kind of obsession in java here. My main goal is to show some working of distributed working ( take task, divide, execute, show ). I need to add something good to it other than primes and factorial so i was planning of this. Any other good computationally complex yet easy to divide task suggestions?

Start of with simple input reading with javas build in I/O reader...Try also using the StringTokenizer effective. Also I would try out with subStrings to perform similarity checks, otherwise just build it up simple yet complex.
Try to create a scheme before doing the actually code, myself I use UML pad before coding so can see if it's realistic and fantastic :)

Good Luck...

[code0]

here's something i have written. Problem is very obvious in output attached below. Need some help with iterations.

public class bbr{
		public static void main(String[] args)
		{
			String foo = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
			int nfoos = foo.length();
			int i=4,j,k;
			char[] ca1=new char[i];
			for(j=0;j<i;j++)
				ca1[j]='a';
			
			String s1=new String(ca1);
			System.out.println(s1 + nfoos);
			
			for(j=i-1;j>=0;j--)
				{
					for(k=0;k<nfoos;k++)
					{	ca1[j]=foo.charAt(k);
						s1=String.copyValueOf(ca1);
						System.out.println(s1);
						}
					i--;
				}
				
			
		}
}

output is:

aaaa62
aaa0
aaa1
aaa2
aaa3
aaa4
aaa5
aaa6
aaa7
aaa8
aaa9
aaaA
aaaB
aaaC
aaaD
aaaE
aaaF
aaaG
aaaH
aaaI
aaaJ
aaaK
aaaL
aaaM
aaaN
aaaO
aaaP
aaaQ
aaaR
aaaS
aaaT
aaaU
aaaV
aaaW
aaaX
aaaY
aaaZ
aaaa
aaab
aaac
aaad
aaae
aaaf
aaag
aaah
aaai
aaaj
aaak
aaal
aaam
aaan
aaao
aaap
aaaq
aaar
aaas
aaat
aaau
aaav
aaaw
aaax
aaay
aaaz
aa0z
aa1z
aa2z
aa3z
aa4z
aa5z
aa6z
aa7z
aa8z
aa9z
aaAz
aaBz
aaCz
aaDz
aaEz
aaFz
aaGz
aaHz
aaIz
aaJz
aaKz
aaLz
aaMz
aaNz
aaOz
aaPz
aaQz
aaRz
aaSz
aaTz
aaUz
aaVz
aaWz
aaXz
aaYz
aaZz
aaaz
aabz
aacz
aadz
aaez
aafz
aagz
aahz
aaiz
aajz
aakz
aalz
aamz
aanz
aaoz
aapz
aaqz
aarz
aasz
aatz
aauz
aavz
aawz
aaxz
aayz
aazz
a0zz
a1zz
a2zz
a3zz
a4zz
a5zz
a6zz
a7zz
a8zz
a9zz
aAzz
aBzz
aCzz
aDzz
aEzz
aFzz
aGzz
aHzz
aIzz
aJzz
aKzz
aLzz
aMzz
aNzz
aOzz
aPzz
aQzz
aRzz
aSzz
aTzz
aUzz
aVzz
aWzz
aXzz
aYzz
aZzz
aazz
abzz
aczz
adzz
aezz
afzz
agzz
ahzz
aizz
ajzz
akzz
alzz
amzz
anzz
aozz
apzz
aqzz
arzz
aszz
atzz
auzz
avzz
awzz
axzz
ayzz
azzz
0zzz
1zzz
2zzz
3zzz
4zzz
5zzz
6zzz
7zzz
8zzz
9zzz
Azzz
Bzzz
Czzz
Dzzz
Ezzz
Fzzz
Gzzz
Hzzz
Izzz
Jzzz
Kzzz
Lzzz
Mzzz
Nzzz
Ozzz
Pzzz
Qzzz
Rzzz
Szzz
Tzzz
Uzzz
Vzzz
Wzzz
Xzzz
Yzzz
Zzzz
azzz
bzzz
czzz
dzzz
ezzz
fzzz
gzzz
hzzz
izzz
jzzz
kzzz
lzzz
mzzz
nzzz
ozzz
pzzz
qzzz
rzzz
szzz
tzzz
uzzz
vzzz
wzzz
xzzz
yzzz
zzzz

[code0]

Ok here's a major improvement :D

public class brute {

	char[] canUse = {'a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z','0','1','2','3','4','5','6','7','8','9'};
	int maxlen = 4;
	public static void main (String[] args) {
		brute b = new brute();
	}

	public brute() {
	int k = 0;
	while (k < canUse.length) {
		nextString(new Character(canUse[k]).toString());
		k++;
	}
	}

	private void nextString(String s) {
	int i = 0;
	System.out.println(s);
	while (i< canUse.length) {
		System.out.println(s + new Character(canUse[i]).toString());
		if (new String(s + new Character(canUse[i]).toString()).length() <= maxlen-1) {nextString(s + new Character(canUse[i]).toString());}
		i++;
	}

	}
}

This one is working great producing all possible bruteforce strings required. Now only thing left is division of generation on some condition so i can divide string ranges and pass on to nodes along with md5/sha hashes to crack. Any ideas on division part ?

[WingedPanther]

What if you pass the string the computer is supposed to start with, and the string it is supposed to end with?

[code0]

Changing this

while (k < canUse.length) {

		nextString(new Character(canUse[k]).toString());

		k++;

to

while (k < canUse.length-3) {

		nextString(new Character(canUse[k+3]).toString());

		k++;

( See +3, -3) makes this algo to generate all strings from third character in arrayso currently i can pass a integer value to the node which can make it to start brute force from required character ( first node starts from a, second starts from g and so on) . Just realized from your post that i have to specify ending as well :D ( totally ignored it before). That shouldn't really be a problem to implement. A-Z ranges can be divided as per node but by current algorithm all nodes will anyway calculate string starting from 0-9 as well :( .

[code0]

Now i am able to crack md5 and sha1 hashes properly running on 3-4 nodes (5-6 digits a-z,0.9 char set :D) . Hpw many algorithms are supported by MessageDigest.getInstance(algorithm) ? I am able to use SHA1 and MD5 but can't find a proper list of how many one way hashes can be used in this way.

[WingedPanther]

MD5 has 16^32 potential hash results. SHA-1 has 16^40 potential hash results.

[code0]

i mean to ask how many types of hashes are supported by Messagedigest class ( like MessageDigest.getInstanceof("MD5") or sha1 and so on.

Edit: looks like messagedigest only supports md2,md5 and sha-1. Any idea how i can get more algos like sha256,sha384,md4,etc ??

I meant supported algorithms :) . I am using bouncycastle to use more hash algorithms compared to messagedigest. There's a problem in it. I have classes like JDKMessageDigest.SHA1,JDKMessageDigest.MD4,JDKMessageDigest.Tiger,etc. in this package. The super class JDKMessageDigest itself doesn't allow to create new objects. I want a object to change depending on hash string received by node.

JDKMessageDigest md = null;

		if(type=="SHA1")

			md=new JDKMessageDigest.SHA1();

		else if(type=="MD5")

			md=new JDKMessageDigest.MD5();

		else if(type=="MD2")

			md=new JDKMessageDigest.MD2();

		else if(type=="SHA256")

			md=new JDKMessageDigest.SHA256();

		else if(type=="SHA384")

			md=new JDKMessageDigest.SHA384();

		else if(type=="Tiger")

			md= new JDKMessageDigest.Tiger();

		else if(type=="MD4")

			md=new JDKMessageDigest.MD4();

		else if(type=="SHA512")

			md=new JDKMessageDigest.SHA512();

		else if(type=="RIPEMD160")

			md=new JDKMessageDigest.RIPEMD160();

		

Problem is that while running this i get a null pointer exception. If i intialize md as JDKMessageDigest.SHA1(), then it works for sha1 hashes properly but as per the if clause md doesn't change to object of md4 or md5 if required. I cannot initialize md as JDKMessageDigest() as that class seems to have private constructor. Any tips ?

Ahh changing them to type.equals("MD4") worked. Silly mistake checking strings with == :P .

Edited by WingedPanther, 22 February 2009 - 02:22 PM.
Triple post

[code0]

On node side, i want to show a popup box which should show

Hashstring
Hashtype
"Current candidate pass string validated".

I tried using JOptionPane and it did show popup box but my program won't continue until user manually clicks on Ok. What i want is, when the bruteforce thread starts.. a small window opens and shows above info ( "Current candidate pass string validated" will chaneg very rapidly) and this box should hide when the password is found . What should i use to display this ?