wordlist generator

Lets get down to business on ASM, reverse engineering, product activation, and what it's really all about. [ THERE ARE NO WAREZ HERE ]
Post Reply
User avatar
stasik
Guru
Posts: 525
Joined: Thu Oct 12, 2006 8:38 am
Location: dublin

wordlist generator

Post by stasik » Tue May 20, 2008 2:04 pm

A while ago i was looking for a wordlist generator that will create words of given character set and could not find any, so i decided to write it myself. The soft will generate all possible words of given character set, of defined length and save them to a text file. This is useful for the bruteforce attack when char set is known or at least partially known. Generating all possible words for the full alphabet will take time and space. Before generating words, it will display the number of words which will be generated, and the final size of the text file, so the user will have a rough idea of time/size. While generating, the soft will display: actual word, percentage of the work done, time elapsed, time left, speed and actual file size in perioud chosen by the user. The character set inputed by the user will be sorted and duplicates will be removed.

Edited: user have the option to select fow often the progress to be displayed

Download the source code: http://stasiunea.com/soft/wordlist.cpp
Download the executable: http://stasiunea.com/soft/wordlist.exe

Update: Copy of the source can be found here: http://coolfire.insomnia247.nl/hackerth ... rdlist.cpp
Attachments
wordlist.JPG
wordlist generator in action)
wordlist.JPG (89.87 KiB) Viewed 59099 times
Last edited by Cool_Fire on Fri Aug 17, 2012 5:04 am, edited 4 times in total.
Reason: Added mirror link for source code.

User avatar
IceDane
Because I Can
Posts: 2652
Joined: Wed May 12, 2004 9:25 am

Re: wordlist generator

Post by IceDane » Tue May 20, 2008 3:18 pm

Very nice, mate, truly - I was about to code one of those myself, actually.

However, please post the source-code. Most of us are going to be reluctant to download and execute .exes from people on the internet, and then there's the obvious learning experience to be gained from reading the source-code.

Also: I can give you a hint without seeing the source-code - it looks as if you're actually displaying every single permutation of the data. This means that just purely lowercase alphabetical password will need 11881376 statements to be printed. This is important, because printing to the console is probably one of the slowest operations. I guarantee you that without printing output, the generator will be much faster.

User avatar
stasik
Guru
Posts: 525
Joined: Thu Oct 12, 2006 8:38 am
Location: dublin

Re: wordlist generator

Post by stasik » Tue May 20, 2008 4:28 pm

Thanks for the reply. Indeed the soft is printing every single string generated. I ll put the delay to display the info every 5 sec or something like that. The code is a mess coz i wrote it during working hours at work and could be optimized, but i ll post the code anyway.
***
I edited the soft and now it displays the info every 10 sec, for 1 sec, and the speed is 100 times faster. Link to both exe and source code is available in the initial post. Thanks a lot for the hint!!!

User avatar
Aiden
Administrator
Posts: 1080
Joined: Tue Oct 31, 2006 11:11 pm
Location: /usr/bin/perl

Re: wordlist generator

Post by Aiden » Tue May 20, 2008 9:59 pm

If making it display every 10 seconds increased the speed 100-fold, why not take an approach like nmap where the user can decide when they want a progress report by pressing space or something similar. Waay less printing, yet still keeps the user up to date. It might even speed it up a bit more ;)
"When it takes forever to learn all the rules, no time is left for breaking them."

User avatar
IceDane
Because I Can
Posts: 2652
Joined: Wed May 12, 2004 9:25 am

Re: wordlist generator

Post by IceDane » Wed May 21, 2008 1:20 am

Oh man, that's what I feared.

Sure, your method works, but using loops and loops and loops and loops and repetitive code is not the way forth. When I finally code one, I'll show you the difference.

User avatar
stasik
Guru
Posts: 525
Joined: Thu Oct 12, 2006 8:38 am
Location: dublin

Re: wordlist generator

Post by stasik » Wed May 21, 2008 2:33 am

I ve told you its a mess.. Could not get rids of those loops as there are few similarities between them. Still can be used before any better one is out.

User avatar
IceDane
Because I Can
Posts: 2652
Joined: Wed May 12, 2004 9:25 am

Re: wordlist generator

Post by IceDane » Wed May 21, 2008 3:55 am

stasik wrote:I ve told you its a mess.. Could not get rids of those loops as there are few similarities between them. Still can be used before any better one is out.
Don't get me wrong - it's good initiative, and the fact that you actually coded something this big is good. The code is also nicely formatted and indented, but it's just not programmed using an optimal algorithm, even though it's pretty fast.

However, even though optimized, the code is bound to have a lot of loops. One could do it recursively, but that's extremely inefficient.

EDIT:

Also, to explain what I mean; this code:

Code: Select all

while((strcmp (min_char,"1") != 0) && (strcmp (min_char,"2") != 0) &&
		(strcmp (min_char,"3") != 0) && (strcmp (min_char,"4") != 0) &&
		(strcmp (min_char,"5") != 0) && (strcmp (min_char,"6") != 0) &&
		(strcmp (min_char,"7") != 0) && (strcmp (min_char,"8") != 0) &&
		(strcmp (min_char,"9") != 0) && (strcmp (min_char,"10") != 0) &&
		(strcmp (min_char,"11") != 0) && (strcmp (min_char,"12") != 0) &&
		(strcmp (min_char,"13") != 0) && (strcmp (min_char,"14") != 0) &&
		(strcmp (min_char,"15") != 0) && (strcmp (min_char,"16") != 0)) // make sure digit is entered
	{
		printf ("\n*********");
		printf ("\n*[ERROR]* The input should be a digit between 1 and 16. Try again!");
		printf ("\n*********\n");
		printf ("\n minimum number of characters: ");

		cin.getline (min_char,array_length,'\n'); 
	}

	if(strcmp (min_char,"1") == 0 ) {a = 1;} // if digit is entered, what integer?
	if(strcmp (min_char,"2") == 0 ) {a = 2;}
	if(strcmp (min_char,"3") == 0 ) {a = 3;}
	if(strcmp (min_char,"4") == 0 ) {a = 4;}
	if(strcmp (min_char,"5") == 0 ) {a = 5;}
	if(strcmp (min_char,"6") == 0 ) {a = 6;}
	if(strcmp (min_char,"7") == 0 ) {a = 7;}
	if(strcmp (min_char,"8") == 0 ) {a = 8;}
	if(strcmp (min_char,"9") == 0 ) {a = 9;}
	if(strcmp (min_char,"10") == 0 ) {a = 10;}
	if(strcmp (min_char,"11") == 0 ) {a = 11;}
	if(strcmp (min_char,"12") == 0 ) {a = 12;}
	if(strcmp (min_char,"13") == 0 ) {a = 13;}
	if(strcmp (min_char,"14") == 0 ) {a = 14;}
	if(strcmp (min_char,"15") == 0 ) {a = 15;}
	if(strcmp (min_char,"16") == 0 ) {a = 16;}

Can be replaced with:

Code: Select all


int minChar = atoi(min_char);

if(minChar < 1 || minChar > 16)
{
     printf("Min length must be between 1 and 16.\n");

     // .. Do something about it ..

}

Also, you should decide on which language you're using. If you're using C++, which is implied by the headers you include, and the use of the cin class - you should be using the string class, not C-style arrays(String class is MUCH better) and cout instead of printf.

You should also add "using namespace std;" below your include directives, and remove the ".h" in front of iostream, because iostream.h is deprecated.

However, most of all, you should also get a real compiler. What are you using? Try getting Code::Blocks, and configuring it to turn on the highest warning level.

User avatar
stasik
Guru
Posts: 525
Joined: Thu Oct 12, 2006 8:38 am
Location: dublin

Re: wordlist generator

Post by stasik » Wed May 21, 2008 5:49 pm

I dont know about you, but when i start coding i like to write every thing the long way, make me understand better + make less error, then optimize/reduce what i can. I used C style as printf is faster than cout, or am i wrong? At work i use Visual Basic C++, but at home i compiled with Borland C++ 5.5. Its a bit old (2000) and its command line. When i tried to compile the code i got errors, but at work was working ok. Which compiler would you advise?
Also i looked into displaying the progress when the user press a key (space) but some library has to be imported and its a lot of work. Maybe the user should use the interval for the info display...

fivefold
htd0rg lieutenant
Posts: 412
Joined: Thu Feb 23, 2006 5:02 pm
Location: YXJlbid0IHlvdSBjbGV2ZXIu

Re: wordlist generator

Post by fivefold » Wed May 21, 2008 10:38 pm

stasik wrote:I dont know about you, but when i start coding i like to write every thing the long way, make me understand better + make less error, then optimize/reduce what i can.
That's what pseudocode is for. But hey, whatever werks for you.
Buffalo buffalo Buffalo buffalo buffalo buffalo Buffalo buffalo.

User avatar
IceDane
Because I Can
Posts: 2652
Joined: Wed May 12, 2004 9:25 am

Re: wordlist generator

Post by IceDane » Thu May 22, 2008 1:22 am

stasik wrote:I dont know about you, but when i start coding i like to write every thing the long way, make me understand better + make less error, then optimize/reduce what i can. I used C style as printf is faster than cout, or am i wrong? At work i use Visual Basic C++, but at home i compiled with Borland C++ 5.5. Its a bit old (2000) and its command line. When i tried to compile the code i got errors, but at work was working ok. Which compiler would you advise?
Also i looked into displaying the progress when the user press a key (space) but some library has to be imported and its a lot of work. Maybe the user should use the interval for the info display...
The newer compiler the better - it's bound to support newer standards. As to printf and cout, no, it shouldn't really be faster. The difference shouldn't be noticeable, really, since they both use the same way of writing to the console.

Allucard
n00b
Posts: 1
Joined: Wed Jun 13, 2012 12:16 pm

Re: wordlist generator

Post by Allucard » Wed Jun 13, 2012 12:22 pm

can you get the link for the source code of the wordlist working again???

User avatar
Cool_Fire
Not a sandwich
Posts: 1912
Joined: Fri May 09, 2003 1:20 pm
Location: 41 6d 73 74 65 72 64 61 6d
Contact:

Re: wordlist generator

Post by Cool_Fire » Fri Aug 17, 2012 5:03 am

The only copy I could find is from March 4th, 2009.
I've copied it here:
http://coolfire.insomnia247.nl/hackerth ... rdlist.cpp

Also, look here for a Topic-45221
It only does one set length, but that's easily solved with an extra loop around it. I'm not sure if it's going to be any faster than the C++ one (probably not) but I would say it's a lot more comprehensible.
If we're breaking the rules, then how come you can't catch us? You can't find us? I know why. Cause, it's ... MAGIC!
Hackerthreads chat, where the party is going 24/7.

Post Reply