Help understanding some code

Hi I'm doing some research into brute force password cracking for my university course and my tutor suggested using these lines of code, and I was wondering if anyone could explain it to me. Previously I used multiple arrays.

1
2
3
4
5
6
7
8
9
10
11
12
char digitArray[] = { 'a' - 1,'a','a','a','a','a','a','a','a','a' };

    while (password.compare(generatedPass) != 0) {

        digitArray[0]++;
        for (int x = 0; x <password.length(); x++) {   
            if (digitArray[x] == 'z' + 1)
            {
                digitArray[x] = 'a';
                digitArray[x + 1]++;
            }
        }

more specifically how this achieves the result of cycling through the alphabet comparing it to a password entered.

Last edited on
the best way to see what happens with weird code is to insert print statements.
but this isn't too bad:

if the current letter is 1 past z, presumably this is not allowed in the password, then reset letter to 'a' and increment the next letter.
not sure what is up with that -1. but assume they were all a instead for a 3 digit password of boo.
is password a a a? nope. is it b a a? nope. much later... is it z a a ? nope. z becomes junk and is reset to a, and second a is moved to b. is it a b a? nope. is it b b a? nope. and so on.

Check that -1. Its either some weird ascii trick (does not seem right to me) or a typo.

there are lots of ways to do it. if all possible bytes are allowed in the password, you can cast chunks of it to integers and increment and compare much more efficiently. Here, due to the weird limitations of the allowed letters, that is not useful. I mean, imagine if it could be any combination of all 255 ascii extended values for 8 bytes. Just iterate an int64 until you get it, preferably in as many threads on as hot a machine as you can lay to hand.

Last edited on
Here is the entirety of the program below, the digit array only handles lower case letter, so I think I understand what you mean by it incrementing by 1 each time, how would I now incorporate allowing the user to add capital letters and numbers to their password? Thanks


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
#include "stdafx.h" 
#include <iostream> //= Input output stream! File brought into this project
#include <limits>  
using namespace std;
# include "string"  

int main()
{
	string password;
	string generatedPass;

	cout << "Please enter a password" << endl;
	cin >> password;

	char digitArray[] = { 'a' - 1,'a','a','a','a','a','a','a','a','a' };

	while (password.compare(generatedPass) != 0) {

		digitArray[0]++;
		for (int x = 0; x <password.length(); x++) {   
			if (digitArray[x] == 'z' + 1)
			{
				digitArray[x] = 'a';
				digitArray[x + 1]++;
			}
		}   

		// creating the string with those digits
		generatedPass = digitArray[password.length() - 1]; // i set the first one here

		for (int i = password.length() - 2; i >= 0; i--)
			generatedPass += digitArray[i]; // now i add other digits to next to first digit

		cout << generatedPass << endl; // i put it to test how it looks

	}

	cout << "This is your password " << generatedPass << endl; // gives the result 
	return 0;
the ascii table is annoying for that.
I would just load up a (vector, or string) of the characters you want to check, eg
string checker = "abcdefghijklmnopqrstuvwxyzABCDEF...12345... etc"
and iterate that instead of trying to get cute with the ascii table.

then it works pretty much the same way, it just takes exponentially longer for each letter you check.

just jump back to the first entry in the string when you hit the last entry, same as before, here that might be '9' sets back to 'a' instead of 'z' sets back to 'a'.

technically you wouldnt know the password length and would just send all possible combinations from 1 character to some max length.
Last edited on
Topic archived. No new replies allowed.