-
Notifications
You must be signed in to change notification settings - Fork 0
/
hack.bas
113 lines (113 loc) · 4.06 KB
/
hack.bas
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
V REM +------------------------------------------------+
X REM | HACK.BAS (c) 19100 fr33 v4r14bl3z |
XV REM | |
XX REM | Brute-forces passwords on UM vIX.0 systems. |
XXV REM | Compile with Qvickbasic VII.0 or later: |
XXX REM | /bin/qbasic hack.bas |
XXXV REM | Then run: |
XL REM | ./hack.exe username |
XLV REM | |
L REM | This program is for educational purposes only! |
LV REM +------------------------------------------------+
LX REM
LXV IF ARGS() > I THEN GOTO LXXXV
LXX PRINT "usage: ./hack.exe username"
LXXV PRINT CHR(X)
LXXX END
LXXXV REM
XC REM get username from command line
XCV DIM username AS STRING
C username = ARG(II)
CV REM common words used in passwords
CX DIM pwdcount AS INTEGER
CXV pwdcount = LIII
CXX DIM words(pwdcount) AS STRING
CXXV words(I) = "airplane"
CXXX words(II) = "alphabet"
CXXXV words(III) = "aviator"
CXL words(IV) = "bidirectional"
CXLV words(V) = "changeme"
CL words(VI) = "creosote"
CLV words(VII) = "cyclone"
CLX words(VIII) = "december"
CLXV words(IX) = "dolphin"
CLXX words(X) = "elephant"
CLXXV words(XI) = "ersatz"
CLXXX words(XII) = "falderal"
CLXXXV words(XIII) = "functional"
CXC words(XIV) = "future"
CXCV words(XV) = "guitar"
CC words(XVI) = "gymnast"
CCV words(XVII) = "hello"
CCX words(XVIII) = "imbroglio"
CCXV words(XIX) = "january"
CCXX words(XX) = "joshua"
CCXXV words(XXI) = "kernel"
CCXXX words(XXII) = "kingfish"
CCXXXV words(XXIII) = "(\b.bb)(\v.vv)"
CCXL words(XXIV) = "millennium"
CCXLV words(XXV) = "monday"
CCL words(XXVI) = "nemesis"
CCLV words(XXVII) = "oatmeal"
CCLX words(XXVIII) = "october"
CCLXV words(XXIX) = "paladin"
CCLXX words(XXX) = "pass"
CCLXXV words(XXXI) = "password"
CCLXXX words(XXXII) = "penguin"
CCLXXXV words(XXXIII) = "polynomial"
CCXC words(XXXIV) = "popcorn"
CCXCV words(XXXV) = "qwerty"
CCC words(XXXVI) = "sailor"
CCCV words(XXXVII) = "swordfish"
CCCX words(XXXVIII) = "symmetry"
CCCXV words(XXXIX) = "system"
CCCXX words(XL) = "tattoo"
CCCXXV words(XLI) = "thursday"
CCCXXX words(XLII) = "tinman"
CCCXXXV words(XLIII) = "topography"
CCCXL words(XLIV) = "unicorn"
CCCXLV words(XLV) = "vader"
CCCL words(XLVI) = "vampire"
CCCLV words(XLVII) = "viper"
CCCLX words(XLVIII) = "warez"
CCCLXV words(XLIX) = "xanadu"
CCCLXX words(L) = "xyzzy"
CCCLXXV words(LI) = "zephyr"
CCCLXXX words(LII) = "zeppelin"
CCCLXXXV words(LIII) = "zxcvbnm"
CCCXC REM try each password
CCCXCV PRINT "attempting hack with " + pwdcount + " passwords " + CHR(X)
CD DIM i AS INTEGER
CDV i = I
CDX IF CHECKPASS(username, words(i)) THEN GOTO CDXXX
CDXV i = i + I
CDXX IF i > pwdcount THEN GOTO CDXLV
CDXXV GOTO CDX
CDXXX PRINT "found match!! for user " + username + CHR(X)
CDXXXV PRINT "password: " + words(i) + CHR(X)
CDXL END
CDXLV PRINT "no simple matches for user " + username + CHR(X)
CDL REM
CDLV REM the above code will probably crack passwords for many
CDLX REM users so I always try it first. when it fails, I try the
CDLXV REM more expensive method below.
CDLXX REM
CDLXXV REM passwords often take the form
CDLXXX REM dictwordDD
CDLXXXV REM where DD is a two-digit decimal number. try these next:
CDXC i = I
CDXCV DIM j AS INTEGER
D j = I
DV DIM pass AS STRING
DX pass = words(i) + j
DXV IF CHECKPASS(username, pass) THEN GOTO DXLV
DXX j = j + I
DXXV IF j < C THEN GOTO DX
DXXX i = i + I
DXXXV IF i > pwdcount THEN GOTO DLX
DXL GOTO DX
DXLV PRINT "found match!! for user " + username + CHR(X)
DL PRINT "password: " + pass + CHR(X)
DLV END
DLX PRINT "no matches found for user " + username + CHR(X)
DLXV END