
Genetic algorithms for brute forcing

Paula (@terceranexus6) ・ 1 min read

Because of my work I use brute-force wordlists a lot, mostly to test how applications handle incorrect logins. Sometimes I feel I get really close to the correct password, either by guessing or by using profiling tools. I don't know about you, but when people are asked to change a default or old password, many just take the old one and change it a bit. That's mostly a bad idea, by the way: a variant of an old password is exactly the kind of guess a targeted wordlist is built to find.

In any case, I recently felt that hand-writing customised lists of guesses into a text file was a poor approach, so I wrote a command-line tool that generates candidate guesses from a seed guess and a target fitness using a genetic algorithm. I created a GitLab repo to share it and I'd like to improve it, mostly because I know C++ might not be the best choice, and also because I'm open to suggestions in general.

If you are curious, please check it out and send a merge request with your ideas!

Example of use with a sample guessed password and a desired fitness of 2:

$ ./jockpass myPasswordGu3ss 2
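To make the idea concrete, here is a small genetic algorithm of the kind the post describes, written as an added example for this page. It is not the jockpass code, and its scoring may differ from the tool's. The fitness function is an assumption chosen to match one reading of the "desired fitness" argument above: a candidate is perfect when it differs from the seed in exactly the requested number of positions. The mutation table is also an assumption, a partial mix of leet-speak substitutions and keyboard-adjacent keys of the sort suggested in the discussion below, and the RNG seed is fixed so that runs are reproducible.

```cpp
// Added example for this page, not the jockpass code: a small genetic algorithm
// that evolves variants of a seed password. Fitness, mutation table and GA
// parameters are assumptions made for the example.
#include <algorithm>
#include <cctype>
#include <cstring>
#include <iostream>
#include <random>
#include <set>
#include <string>
#include <vector>

// Replacement characters for a (lower-cased) letter: leet-speak counterparts
// first, then keyboard neighbours. Assumed, deliberately partial table.
static const char* neighbours(char c) {
    switch (c) {
        case 'a': return "@4qsz";
        case 'e': return "3wrd";
        case 'i': return "1!uok";
        case 'o': return "0ipl";
        case 's': return "$5awd";
        case 't': return "7ryg";
        case 'l': return "1|ko";
        case 'g': return "9fht";
        default:  return nullptr;
    }
}

// Hamming distance, with any length difference counted as mismatches.
std::size_t hamming(const std::string& a, const std::string& b) {
    std::size_t d = 0, n = std::min(a.size(), b.size());
    for (std::size_t i = 0; i < n; ++i) d += (a[i] != b[i]);
    return d + (std::max(a.size(), b.size()) - n);
}

// Fitness (lower is better): how far the candidate's distance from the seed is
// from the number of changed positions we asked for. 0 is a perfect candidate.
std::size_t fitness(const std::string& cand, const std::string& seed, std::size_t want) {
    std::size_t d = hamming(cand, seed);
    return d > want ? d - want : want - d;
}

// Mutate one random position: leet/keyboard neighbour if known, otherwise
// flip the case of a letter or swap a digit/symbol for a random digit.
std::string mutate(std::string s, std::mt19937& rng) {
    if (s.empty()) return s;
    std::size_t i = std::uniform_int_distribution<std::size_t>(0, s.size() - 1)(rng);
    unsigned char c = static_cast<unsigned char>(s[i]);
    const char* opts = neighbours(static_cast<char>(std::tolower(c)));
    if (opts) {
        std::size_t n = std::strlen(opts);
        s[i] = opts[std::uniform_int_distribution<std::size_t>(0, n - 1)(rng)];
    } else if (std::isalpha(c)) {
        s[i] = static_cast<char>(std::isupper(c) ? std::tolower(c) : std::toupper(c));
    } else {
        s[i] = static_cast<char>('0' + std::uniform_int_distribution<int>(0, 9)(rng));
    }
    return s;
}

// One-point crossover of two equal-length parents.
std::string crossover(const std::string& a, const std::string& b, std::mt19937& rng) {
    std::size_t cut = std::uniform_int_distribution<std::size_t>(0, a.size())(rng);
    return a.substr(0, cut) + b.substr(cut);
}

// Run the GA with a fixed RNG seed (reproducible) and return every distinct
// candidate that reached fitness 0, i.e. exactly `want` positions from the seed.
std::vector<std::string> evolve(const std::string& seed, std::size_t want,
        unsigned generations = 40, std::size_t pop_size = 60, unsigned rng_seed = 42) {
    std::mt19937 rng(rng_seed);
    std::vector<std::string> pop;
    for (std::size_t i = 0; i < pop_size; ++i) pop.push_back(mutate(seed, rng));
    std::set<std::string> hits;
    for (unsigned g = 0; g < generations; ++g) {
        std::sort(pop.begin(), pop.end(), [&](const std::string& x, const std::string& y) {
            return fitness(x, seed, want) < fitness(y, seed, want);
        });
        for (const auto& c : pop)
            if (c != seed && fitness(c, seed, want) == 0) hits.insert(c);
        // Elitist selection: the fitter half survives, the rest is bred from it.
        std::size_t keep = std::max<std::size_t>(1, pop.size() / 2);
        std::vector<std::string> next(pop.begin(), pop.begin() + keep);
        std::uniform_int_distribution<std::size_t> pick(0, keep - 1);
        while (next.size() < pop_size) {
            std::string child = crossover(next[pick(rng)], next[pick(rng)], rng);
            if (std::uniform_int_distribution<int>(0, 2)(rng) == 0) child = mutate(child, rng);
            next.push_back(std::move(child));
        }
        pop.swap(next);
    }
    return std::vector<std::string>(hits.begin(), hits.end());
}

int main(int argc, char** argv) {
    std::string seed = argc > 1 ? argv[1] : "myPasswordGu3ss";
    std::size_t want = argc > 2 ? std::stoul(argv[2]) : 2;
    for (const auto& h : evolve(seed, want)) std::cout << h << '\n';
}
```

Build with `g++ -std=c++17 -O2 ga_variants.cpp -o ga_variants` (the file name is mine) and run `./ga_variants myPasswordGu3ss 2`; it prints every distinct candidate exactly two characters away from the seed that the search reached. Because a login check only answers true or false, the seed and the requested distance are the only signal the fitness function has, so in practice this is a structured enumerator of plausible variants rather than a search guided by the target itself; the candidates still need to go through a login test one by one.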

Posted by Paula (@terceranexus6)

Offensive security, into privacy and digital rights. I give speeches, write articles and founded a digital privacy awareness association called Interferencias in Spain. Japanese style tattooing.

Discussion

 

Nice idea! If I got it right, you want to find similar passwords for a given one that you already know? To try out those, because a user might just have used it in a slightly different variation?

In your fitness function you check the quality of each letter. The more exact matches, the higher the fitness. Is that right?

You could also toy around with a Levenshtein distance or consider a leet-speak distance, so that, for example, an i and a 1 are closer to each other. From what I have learned, sometimes certain letters are replaced by number counterparts. And considering that in the fitness function might yield interesting results.

Besides that, I would actually give it a try in Rust, just out of curiosity.

 

This is wonderful, thank you. Actually a friend of mine told me today to try out keyboard proximity as a factor as well. So many awesome ideas.

If you know Rust I'd love for a merge request!

 

I'm all but familiar with C++ and biology wasn't my strong suit, so I gotta give kudos for not only the functional aspect of the tool you wrote but the way it's written as well. A combination of the terminology used in naming (kinda implicit to do when you use a genetic algorithm, but still) and the simple but thoughtful comments really made it understandable for me. 😉🙏

 

Happy to hear that!

 

This is awesome! You should add your repo to the list of projects at the bottom of this page: github.com/OWASP/www-community/blo...

I'm sure some people who are looking for this kind of tool will find it there. Just for your reference here is where that page is hosted: owasp.org/www-community/Fuzzing

As far as improvements, there is a ton of research out there, sorry I don't have time to read through your code right now but I will sometime this weekend.

 

Thank you so much!

 

Took a glance at it and it looks interesting. I want to do something with Go or Rust so maybe I'll try to recreate it in one of those languages and we can see what works better.

 

Looking forward to seeing it!

 

How do you measure fitness of a candidate password? I tend to see password checking as this true or false response, which makes it hard to guide the searching performed by the GA.