domenica 1 dicembre 2013

Words permutation for passwords generation

When you are performing a password bruteforcing you may have some hints on the password format, of course it is a pity not to exploit this information. During one of my test I noticed that a lot of passwords were based on some year number plus some words combination, like mimmo1983 or oracle2010db.

In order to use this knowledge I have created a little F# script that combines the inputs lists values in order to create all possible permutations.
I am pretty sure that you can do the same with John The Ripper, but I couldn't miss the opportunity to write some F# code. Of course you can use the code for other purposes, even not malicious ones!


let combineValues (listOfList: _ list list) =
    let indexArray = Array.zeroCreate(listOfList.Length)

    let rec combineValuesImpl (listOfList: _ list list) (listIndex: Int32 list) (currentScannedListIndex: Int32) = 
 seq {

  let currentScannedListOverflow =
   let currentList = listOfList.[currentScannedListIndex]
   if listIndex.[currentScannedListIndex] >= currentList.Length  then true
   else false
   
  if currentScannedListOverflow then
   // update the indexs           
   let newListIndex = Array.copy(listIndex |> Array.ofList)     
   newListIndex.[currentScannedListIndex] <- newListIndex.[currentScannedListIndex] + 1

   // zeroes the previous index
   for i in [0 .. currentScannedListIndex] do                        
    newListIndex.[i] <- 0

   // update the next list index
   let updateNextIndex = ref true
   for i in [currentScannedListIndex+1 .. listIndex.Length-1] do
    if !updateNextIndex then
     let li = listIndex.[i] + 1
     if li >= listOfList.[i].Length then
      newListIndex.[i] <- 0
     else 
      newListIndex.[i] <- li
      updateNextIndex := false

   if not(!updateNextIndex) then
    yield! combineValuesImpl listOfList (newListIndex |> List.ofSeq) 0
  else
   // calculate value
   let newCombination = Array.zeroCreate<_>(listOfList.Length)
   for i in [0..listOfList.Length-1] do
    let listValIndex = listIndex.[i]
    let listVal = listOfList.[i].[listValIndex]
    newCombination.[i] <- listVal
   yield newCombination
  
   // update the indexs           
   let newListIndex = Array.copy(listIndex |> Array.ofList)     
   newListIndex.[currentScannedListIndex] <- newListIndex.[currentScannedListIndex] + 1

   // iterate
   yield! combineValuesImpl listOfList (newListIndex |> List.ofSeq) currentScannedListIndex
 }

    combineValuesImpl listOfList (indexArray |> List.ofArray) 0
Follow an example of usage:
for test in (combineValues [["oracle"; "tomcat"]; ["password"; "secret"]; ["letmein"; "qwerty"; "123456"]]) do
    printf "%s-%s-%s\n" test.[0] test.[1] test.[2]

which produce the following result
oracle-password-letmein
tomcat-password-letmein
oracle-secret-letmein
tomcat-secret-letmein
oracle-password-qwerty
tomcat-password-qwerty
oracle-secret-qwerty
tomcat-secret-qwerty
oracle-password-123456
tomcat-password-123456
oracle-secret-123456
tomcat-secret-123456
if you want to try it (maybe with your custom words list) checkout this link.