How to make a brute forcer [?]

Hello everyone, I'm trying to make a rednet password hacker but I can't find out how to brute force. Does anyone know how? (I know 1 way but it will take forever)

Brute forcing does take forever. You start at 0, work your way up through every entry in a range.

Lyqyd, on 11 September 2012 - 05:05 AM said:

Brute forcing does take forever. You start at 0, work your way up through every entry in a range.

Is there a api to convert the number to a letter?

Like this:

value = 1
while true do
  value = value+1
  rednet.send(serverID, toWord(value)
  id, message = rednet.receive()
  if message == "login_success" then
    print("Complete!")
    print(tWords(value))
    error()
  end
end

The string manipulation functions may have what you're looking for. I can't recall. Worst case scenario, just make a list of all the characters and a function to iterate through the possibilities.

lol, cool idea. I'm going to have to make one of these now :D/>/>

I bet LUA has a command to convert key to numerical value… most languages do, if you find it please inform me… great idea BTW

Here is my basic prototype, you would send the keycode instead but I was just testing

local id=1
local password='bbc'
chars={'a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z',' '}
--chars={'a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z',',','.','/',';',''','[',']','-','=','','<','>','?',':','"','{','}','_','+','`','~','1','2','3','4','5','6','7','8','9','0','!','@','#','$','%','^','&amp;','*','(',')',' '}
function cyclechar(current)
local tChars={}
for i=1,#current do
  tChars[#tChars+1]=string.sub(current,i,i)
end
--for k,v in pairs(tChars) do print(v) end
local at=#tChars+1
local returned=nil
local looping=1
while looping==1 do
  at=at-1
  if at==0 then
   returned='a'
   break
  end
  for k,v in pairs(chars) do
   if tChars[at]==v and k~=#chars then
    tChars[at]=chars[k+1]
    looping=0
    break
   elseif tChars[at]==v and k==#chars then
    tChars[at]=chars[1]
   end
  end
end
local returned=returned or ''
for k,v in pairs(tChars) do
  returned=returned..v
end
return returned
end
local keycode='a'
while true do
term.clear()
term.setCursorPos(1,1)
print(keycode)
if keycode==password then
  print('found password: '..keycode)
  while true do sleep(10) end
end
keycode=cyclechar(keycode)
sleep(0)
end

KaoS, on 12 September 2012 - 11:44 AM said:

Here is my basic prototype, you would send the keycode instead but I was just testing

local id=1
local password='bbc'
chars={'a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z',' '}
--chars={'a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z',',','.','/',';',''','[',']','-','=','','<','>','?',':','"','{','}','_','+','`','~','1','2','3','4','5','6','7','8','9','0','!','@','#','$','%','^','&amp;','*','(',')',' '}
function cyclechar(current)
local tChars={}
for i=1,#current do
  tChars[#tChars+1]=string.sub(current,i,i)
end
--for k,v in pairs(tChars) do print(v) end
local at=#tChars+1
local returned=nil
local looping=1
while looping==1 do
  at=at-1
  if at==0 then
   returned='a'
   break
  end
  for k,v in pairs(chars) do
   if tChars[at]==v and k~=#chars then
	tChars[at]=chars[k+1]
	looping=0
	break
   elseif tChars[at]==v and k==#chars then
	tChars[at]=chars[1]
   end
  end
end
local returned=returned or ''
for k,v in pairs(tChars) do
  returned=returned..v
end
return returned
end
local keycode='a'
while true do
term.clear()
term.setCursorPos(1,1)
print(keycode)
if keycode==password then
  print('found password: '..keycode)
  while true do sleep(10) end
end
keycode=cyclechar(keycode)
sleep(0)
end

Thanks, this worked! :)/>/>

no problem, you also need to add capital letters to the table in case they use those. There is a problem though, you can easily protect your system from this, initially I thought to just make my password/keyword accepting PC wait a second after it received incorrect input but I realised that it would cause issues in a high traffic system. all you do is make your PC wait for 2 separate messages one after the other, the brute forcer would not get this right

I make my computers check the ID that sent the request, so it can validate it!

That is another method but it is tiresome to constantly be looking up ids and adding them to your code

I agree, but its full proof!

Unless you code your own OS and add a ID spoofer.. haha!

haha, I love it when people think their system is unbreakable, all I do is get a computer looping at max speed broadcasting 'aa' and a second one as well to be sure, a spam bot if you like, illegal on most server but still effective on almost any system. disk hacking is also an option, take over their PC and use its ID to pirate the others :)/>/>

You mean your going to DDoS the computer?

Yep, gotta be careful though or you may get banned from servers, only do it on PvP and servers that allow hacking

Tanks for sharing, KaoS.

goldiekruger, on 16 September 2012 - 01:59 PM said:

Tanks for sharing, KaoS.

Thanks :)/>/> always great to know it helps