A little while ago I got interested in making a pseudo-password cracker. So, here’s some code:
list = [ '1', '2', '3', '4', '5', '6', '7', '8', '9', '0', 'a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z'] # giving it a list passlength = int(input('Length of string: ')) # length of code or no of objects aspass = '' # empty string acts as assumed password passs = input('Please input password ') # he infamous password b = [] # the list that will stores randomly generated passwords as values attempt = 0 digits = 0 o = True while o: for k in range(0, passlength): # run this loop as many times as the length of password x = str(random.choice(list))#the attempted upon digit in the password aspass += x digits += 1 # counts the step the cracker is on #print(aspass) if(len(aspass) > passlength or aspass in b): digits = 0 attempt += 1 break else: continue #b.append(aspass) if(aspass == passs): break o = False end() else: b.append(aspass) aspass = '' continue
The thing here is, everything works and it generates 2 string password petty well. However, if length exceeds 2 or 3 strings. Well, it kind of moves at snail pace. Then I got an idea, if I could save the randomly generated password in the “b” list that I made and make sure that the passwords in that list are not repeated in the process then i think it will run significantly faster.
As I am a total beginner I am out of ideas how to make it faster any other way. What things can I try (e.g. importable modules) to improve this?
Advertisement
Answer
Password cracking is not an easy job. Think about the search space you have to go through as the length of the password grows. Your list of the possible characters contains 26 letters and 10 digits (by the way you can use string.digits
and string.ascii_lowercase
). So, for the first character in your password there are 36 options. The second has 36 options, the 3rd has 36 options and so on. Therefor, for a password of length n
you will have 3^n options. As you can quickly see, this number is growing extremely rapidly even for small numbers.
Your method of cracking the password is called Brute-force attack and it’s extremely inefficient, especially considering the fact that most password are not stored as plain text but as hashed string.
Few other notes:
- You variables names are not great. Most of them are meaningless and it makes your code much harder to understand.
- You select random string instead of going through all the possible options in order. You have no way to cover all the options using this method. You can use itertools.permutations for iterating over all the options.
- Don’t use parenthesis in
if
statements, it’s not the Python way. Please.