Welcome to www.programmer2programmer.net Its all about security programming source code

programmer2programmer.net

 Tips
 Microsoft Certification
 Final Year Project Idea
 Connection Strings
 Password Recovery
 SQL Injection
 Encryption & Decryption
  
 LIVE Academic Project
 Project #1 - VB6, Access
  Project #2 - VB.Net, SQL
 Project #3 - ASP, Access
 Project #4 - ASP.NET, C#
 Project #5 - VB6, SQL
 Project #6 - Stegano
 Project #7 - C
 Project #8 - C++
 Project #9 - JAVA, MySQL
 Project #10- PHP, MySQL
 Project #11- JSP, Oracle
 Project #12- C# Face Exp
 Project #13- Mobile Bank
 Download MBA Project
 MBA Project Topic
 Project Viva Question
  2017 New Projects
 Project Synopsis Download
  
 University Question Paper and Assignment
 SMU - Question Paper
 SMU - Assignment
 SCDL - Assignment
  
 Interview Question Answer
 General & HR Round
 Visual Basic 6
 VB.Net & C#
 ASP.Net
 SQL Server
  Oracle and DBA
 My SQL
  

100% Tested
Ready Academic IT Projects

BE, ME, BTech, BCA, MCA, MBA, Bsc-IT, MS, BIT, ADIT, DOEACC, IGNOU, SMU
readymadeproject.com

 Brute force cracking of passwords, key combination for right password, download Visual Basic source code

Home Personal Member Forum Source Project Tips Contact
 

Brute Force Cracking of Passwords

Brute force technique is very simple and efficient, basically it try out all possible combination of password by given character set. The developer of such program admitted that the software includes artificial delays to make the cracking appear to take longer than it really does. because some commercial application have restricted by numbers of attempt for password guising and automatically lock the system for preventing hack.

Brute force cracking works by trying all possible values for the key until the right one is found. Once it succeeds, the attacker can read the message that was encrypted with that key. along with other messages encrypted with that key. the principle defense against brute force cracking is to produce as long a list of legal keys as possible, As the list gets longer, so does the amount of work it could take to guess the right key.



How to make key combination for find right password?

If your password length very small say 3 and numbers of different character used to make the password are very few say 4 and fortunately you the characters then you may try the password for 24 times and definitely at one time you get the right password. However real time scenario is very different normally we don't know the password length and key combination, for better performance always try with less character long passwords like  start with 1,2,3,4..10 and key combination like start with digits, characters upper, characters lower, then combination of upper, lower, combination of characters and digits and lastly combination of digits, mixed case characters and special characters. 

I know now you want some practical things, so first thing first now we first create key combination,
Following code create unique key combination of equal length.

        '>>> create unique key with equal length combination

        Dim NoChar As Integer

        NoChar = 26 '>>>No of charcaters

        Dim KeyLen As Integer

        KeyLen = 22 '>>>password lengths

        '>>> store password characters

        Dim StrPChar() As String

        ReDim StrPChar(NoChar)

        '>>> store for orginal value

        Dim TempChar() As String

        ReDim TempChar(NoChar)

 

        Dim i, j, k, c, p As Integer

        '>>>store alaphabet A-Z

        For i = 65 To 91

            StrPChar(i - 65) = Chr(i)

        Next

        '>>>copy original value to temp

        Array.Copy(StrPChar, TempChar, NoChar)

        '>>> store each uniqe password

        Dim StrPass As String

        StrPass = ""

 

        '>>> store all passwords

        Dim TPass As String

        TPass = ""

        For i = 0 To NoChar - 1

            c = 1

            p = 1

            While c < NoChar * 2 - 1

                For k = 1 To KeyLen - 1

                    StrPass = StrPass & StrPChar(k)

                Next

                StrPass = StrPChar(0) & StrPass

                '>>> add new password to list box

                TPass = TPass & StrPass & vbCrLf

 

                StrPass = ""

                '>>> increment pointer

                c = c + 1

                p = p + 1

                Dim t As String

 

                If p < NoChar Then

                    t = StrPChar(0)

                    Array.Clear(StrPChar, 0, NoChar)

                    Array.Copy(TempChar, StrPChar, NoChar)

                    '>>> change first value

                    StrPChar(0) = t

                    StrPChar(1) = TempChar(p - 1)

                    StrPChar(p - 1) = TempChar(1)

                Else

                    p = 2

                    t = StrPChar(0)

                    Array.Clear(StrPChar, 0, NoChar)

                    Array.Copy(TempChar, StrPChar, NoChar)

                    '>>> change first value

                    StrPChar(0) = t

                    StrPChar(1) = TempChar(p - 1)

                    StrPChar(p - 1) = TempChar(1)

                End If

            End While

            '>>> increase initial value

            If j < NoChar Then

                j = j + 1

                '>>> copy from temp

                Array.Clear(StrPChar, 0, NoChar)

                Array.Copy(TempChar, StrPChar, NoChar)

                '>>> change first value

                StrPChar(0) = TempChar(j)

                StrPChar(j) = TempChar(0)

            End If

        Next

It will create Password Combination of equal length with unique character, you may create separate program to create reputing character password and varying length password combination. Output of above code something like.

 

SUCDEFGHIJKLMNOPQRSTBV

SVCDEFGHIJKLMNOPQRSTUB

SWCDEFGHIJKLMNOPQRSTUV

TQCDEFGHIJKLMNOPBRSTUV

UECDBFGHIJKLMNOPQRSTUV

UFCDEBGHIJKLMNOPQRSTUV

AICDEFGHBJKLMNOPQRSTUV

AJCDEFGHIBKLMNOPQRSTUV
BJCDEFGHIBKLMNOPQRSTUV

BQCDEFGHIJKLMNOPBRSTUV

Now you understand the first step of cracking password, it may become complicated if you want to use multithreading means to run password finder program in threading, you can divide your password directory list in separate location and point them while running your actual finding utility. by threading you can dictate your compute  do more thing in a single time, you may run 10 loops in same time. 

How to Try each password automatically?

You can use send keys to open non database or non ISM type application, and for ISM type document it is very much easy to create a connection string and passing the password with parameter and check the connection state if state is open then you got password. otherwise you loop for each and every possible password. 

For finding password of Access or Excel you need to know the connection string with password, I give you sample coding for finding password of access database, 

        '>>> store access filename to crack

        Dim FileName As String

        FileName = "C:\db1.mdb"

        Dim TPass As String

        Dim i As Integer

 

        '>>> password combination

        '>>> here we are create 3 character password

        '>>> with "A","B" and "C"

        Dim NoPass As Integer

        NoPass = 30

        '>>> store password in array

        '>>> you can use already created password combination

        '>>> or you can create it in runtime

        '>>> it is better you create password key combination

        '>>> sepeartly and use it when needed

        Dim A() As String

        ReDim A(NoPass)

        A(0) = "A"

        A(1) = "B"

        A(2) = "C"

        A(3) = "AA"

        A(4) = "AB"

        A(5) = "AC"

        A(6) = "BB"

        A(7) = "BA"

        A(8) = "BC"

        A(9) = "CC"

        A(10) = "CA"

        A(11) = "CB"

        A(12) = "AAB"

        A(13) = "AAC"

        A(14) = "BAA"

        A(15) = "CAA"

        A(16) = "BBA"

        A(17) = "BBC"

        A(18) = "ABB"

        A(19) = "ACC"

        A(20) = "CCA"

        A(21) = "CCB"

        A(22) = "ACC"

        A(23) = "BCC"

        A(24) = "ABC"

        A(25) = "CBA"

        A(26) = "BAC"

        A(27) = "BCA"

        A(28) = "ACB"

        A(29) = "CAB"

        '>>> it is not complete listed you may find

        '>>> many more passwords by using 3 characters

 

        '>>> intialiaze array pointer

        i = 0

 

        '>>> we will try if any error occures

        '>>> here error will come when we supply wrong password

        On Error Resume Next

        For i = 0 To NoPass - 1

            '>>> password

            TPass = A(i)

            Dim Db As Database

            '>>> build connection string

            Db = OpenDatabase(FileName, False, False, "MS Access;PWD=" &             TPass)

 

            Dim c As Integer

            c = 0

            c = Db.TableDefs.Count

            '>>> if password is coorect

            '>>> you get the table counts

            If c > 0 Then

                '>>> congrats!!!! you find the password

                MsgBox("Password Found, Password is without braces [" & TPass                 & "]", vbInformation)

                Exit For

            End If

        Next

 
This is not very robust code for finding password , it finds password depends on key combination you supply, you may create random pause mechanism after a random numbers of time. Otherwise it may corrupt the file, always take a backup copy of original file before try. it may locked or corrupt. Above password finder program very much efficient to find a 10 bytes password with single case character password within 5 minutes. If everything goes right you will find the password. 

      

You can download this sample source code and Visual Basic 6 (VB6) and Visual Basic .NET (VB.Net) project, source code contains key combination program and password find program for access file.

Click here for DOWNLOAD  Password Recovery Project source files.

So now you know how to create password key combination and how to try each password to crack the file, but for very large password length say more than 10 and different character combinations (characters with case, digits, special characters) it requires a huge amount of time for processor to crack. In brute force cracking we don't have any other option other than try each possible key combination. 

Brute force analysis on shorter key

Type of Key Bits Nos of Keys Test Time/Key No of Threading Avg Search Time
3 digit language key 10 1,000 2 sec 1 17 min
4 digit cash card pin 14 10,000 60 sec 1 3.5 days
Short text password 28 81,450,625 50 micro sec 1 34 min
Long text password 40 1,099,511,627,776 50 micro sec 50 6 days
DES Key 56 72,057,594,037,927,900 50 micro sec 1 5,274 yrs

There is another way to find password it is tough but very much accurate and less time consuming for non ISM type of documents, If you know the byte location of the stored encrypted password, then you just decrypt the encrypted password to get the secret keys. However it requires very good knowledge of byte manipulation. Any way i am not a hacker or cracker, i just want to give you a knowledge of how it works and make your application very much robust and secured.

Tips to Follow make Secret Key and Secured Application

  • Always use alphanumeric password.

  • Use different case mixed with upper and lower case combination

  • Use Special Characters

  • Lock the application if more than 3 times guess for secret key.


Next Password Recovery Source Code



(C) Atanu Maity, 2006-2017