BRUTE: A brute force approach to hacking Unix passwords. Version 1.1 - Version 2.0

    BRUTE:  A brute force approach to hacking Unix passwords.  Version 1.1 - Version 2.0
     
     
    Description

    BRUTE:  A brute force approach to hacking Unix passwords.  Version 1.1
    ------------------------------------------------------------------------------

    Here's how to use it in a nutshell...

    Download the passwd file from your local unix site, or have someone download
    it for you.  It should be in the unix format (that is, line feeds but no
    carriage returns) so don't run it through any conversion programs--Brute uses
    it "as-is".

    To check a single password against your list do this:

    BRUTE passwd Password

    (that would check the passwd file for the password "Password").  Brute is
    case sensitive (just as unix is), so "Password" is different than "password".

    To convince yourself that brute actually works you'll probably want to run it
    with your password and see that it pulls up your account.  It will.

    ---

    Brute can be used with a list of passwords.  In this case, edit up a list or
    use a pre-made one (one password per line) and call brute like this:

    BRUTE passwd @passlist.txt

    (where passlist.txt is the name of your list-of-passwords.  The @ sign tells
    brute that you're using list file).  Note that you don't have to use the name
    "passlist.txt" for your word list, and you don't have to use the name
    "passwd" for the password file.  This allows you to keep separate word lists
    for different types of unix sites, and separate password files.

    Right now that's about it.  There are a few enhancements I'm planning in the
    future, but this ought to do the trick for you.  Any passwords found are
    written to the file "PWD_HITS.DAT".

    Brute ignores unpassworded and invalidly-passworded accounts automatically,
    so you should probably check the passwd file for these babys yourself.

    ---

    Brute is about 25% faster than it's nearest competitor.

    Have fun.

    Prometheus

    ---

    Version 1.1:  Fixed the icky short int bug which causes the "Password"
                  counter to go negative after 32k attempts (changed to long
                  int--now it will go negative should you reach 2 billion
                  attempts in a single setting, which isn't extrememly likely.

                  Added the "*" password to check for the username as a password
                  (forward and reversed).  Either put * on a line by itself in
                  your word list file, or call brute like this: brute passwd *
                  ---

    Version 2.0:  I'm using the fastcrypt routine as ported to DOS by Gandalf and
                  distributed in OBJ form by sir hackalot.  I haven't measured
                  the speed increase, but it's not as much as I had hoped.  Maybe
                  twice as fast.  Anyhow, such is life.Source URL: http://gbejadacosta.blogspot.com/2010/12/brute-brute-force-approach-to-hacking.html
    Visit Gbejada Costa for Daily Updated Hairstyles Collection
My Ping in TotalPing.com

Blog Archive