Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Brutle Forcer! <gets "7637865" password in 1Min
Goto page Previous  1, 2, 3, 4, 5  Next
 
Post new topic   This topic is locked: you cannot edit posts or make replies.    Cheat Engine Forum Index -> General programming -> Binaries
View previous topic :: View next topic  
Author Message
rapion124
Grandmaster Cheater Supreme
Reputation: 0

Joined: 25 Mar 2007
Posts: 1097

PostPosted: Fri Dec 12, 2008 2:22 pm    Post subject: Reply with quote

You cannot brute force a password for a website in a timely fashion. Even if the password is plain-text, it will take maybe 200ms for you to send the password data to the server, and maybe another 200ms for the response.

That is literally thousands of times slower than brute forcing a local password. Even a P4 can count from 0 to 10^8 and do a "cmp" for each number in less than a minute.
Back to top
View user's profile Send private message
Jorg hi
I post too much
Reputation: 7

Joined: 24 Dec 2007
Posts: 2276
Location: Minnesota

PostPosted: Fri Dec 12, 2008 5:34 pm    Post subject: Reply with quote

rapion124 wrote:
You cannot brute force a password for a website in a timely fashion. Even if the password is plain-text, it will take maybe 200ms for you to send the password data to the server, and maybe another 200ms for the response.

That is literally thousands of times slower than brute forcing a local password. Even a P4 can count from 0 to 10^8 and do a "cmp" for each number in less than a minute.


Yes but what if the server was hosted by you?

Edit:I'm a year smarter now.

I mean that what if you send a bruteforcer virus to someones server/pc and it trys to brute force it there but the password/server is encrypted.

_________________
CEF will always stay alive.


Last edited by Jorg hi on Thu Jun 10, 2010 8:05 pm; edited 1 time in total
Back to top
View user's profile Send private message
killer1478
Grandmaster Cheater
Reputation: -1

Joined: 20 Jul 2007
Posts: 845
Location: Watching You Threw My Internet Eye

PostPosted: Sat Dec 13, 2008 7:37 pm    Post subject: Reply with quote

D: i used 123456789 and it took 4 ever O:
_________________

^^^CLICK FOR FREE PORN^^^


Killer
RULES! !``
Back to top
View user's profile Send private message
Jonyleeson
Master Cheater
Reputation: 0

Joined: 03 May 2007
Posts: 484
Location: Hrault, France

PostPosted: Sun Dec 14, 2008 5:30 pm    Post subject: Reply with quote

Jorg hi wrote:
rapion124 wrote:
You cannot brute force a password for a website in a timely fashion. Even if the password is plain-text, it will take maybe 200ms for you to send the password data to the server, and maybe another 200ms for the response.

That is literally thousands of times slower than brute forcing a local password. Even a P4 can count from 0 to 10^8 and do a "cmp" for each number in less than a minute.


Yes but what if the server was hosted by you?

If you're hosting the server, you have direct access to the password.
Sense, you make none.
Back to top
View user's profile Send private message
nog_lorp
Grandmaster Cheater
Reputation: 0

Joined: 26 Feb 2006
Posts: 743

PostPosted: Tue Dec 16, 2008 3:13 pm    Post subject: Reply with quote

Jorg hi wrote:
Yes but what if you already had the plaintext password and therefore had no reason to use a brute forcer?


Fixed.

_________________
Mutilated lips give a kiss on the wrist of the worm-like tips of tentacles expanding in my mind
I'm fine accepting only fresh brine you can get another drop of this yeah you wish
Back to top
View user's profile Send private message
Jvlaple
Grandmaster Cheater
Reputation: 0

Joined: 15 Dec 2008
Posts: 770

PostPosted: Wed Dec 24, 2008 10:39 pm    Post subject: Reply with quote

Lol its made in GameMaker xD
Back to top
View user's profile Send private message
kitterz
Grandmaster Cheater Supreme
Reputation: 0

Joined: 24 Dec 2007
Posts: 1268

PostPosted: Wed Dec 24, 2008 10:54 pm    Post subject: Reply with quote

So...does this work or not? =/
_________________
Back to top
View user's profile Send private message Send e-mail
Jvlaple
Grandmaster Cheater
Reputation: 0

Joined: 15 Dec 2008
Posts: 770

PostPosted: Thu Dec 25, 2008 7:42 am    Post subject: Reply with quote

kitterz wrote:
So...does this work or not? =/


work , but extremely slow due to interpretation by GMKER -_-
Back to top
View user's profile Send private message
Jorg hi
I post too much
Reputation: 7

Joined: 24 Dec 2007
Posts: 2276
Location: Minnesota

PostPosted: Thu Dec 25, 2008 1:54 pm    Post subject: Reply with quote

Jvlaple wrote:
kitterz wrote:
So...does this work or not? =/


work , but extremely slow due to interpretation by GMKER -_-


I tried one in c++ it got the pass "7637865" in 3 seconds Confused

_________________
CEF will always stay alive.
Back to top
View user's profile Send private message
nog_lorp
Grandmaster Cheater
Reputation: 0

Joined: 26 Feb 2006
Posts: 743

PostPosted: Thu Dec 25, 2008 2:51 pm    Post subject: Reply with quote

Sigh...
_________________
Mutilated lips give a kiss on the wrist of the worm-like tips of tentacles expanding in my mind
I'm fine accepting only fresh brine you can get another drop of this yeah you wish
Back to top
View user's profile Send private message
Jorg hi
I post too much
Reputation: 7

Joined: 24 Dec 2007
Posts: 2276
Location: Minnesota

PostPosted: Thu Dec 25, 2008 5:56 pm    Post subject: Reply with quote

nog_lorp wrote:
Sigh...


I'm going to make a faster one that brutle forces ACSI or 2-bit Cool

_________________
CEF will always stay alive.
Back to top
View user's profile Send private message
92Garfield
I'm a spammer
Reputation: 57

Joined: 20 Dec 2007
Posts: 5871
Location: Banana Republic Germany

PostPosted: Thu Jan 01, 2009 9:36 am    Post subject: This post has 1 review(s) Reply with quote

Does this only count up? Confused
_________________
Back to top
View user's profile Send private message
Jorg hi
I post too much
Reputation: 7

Joined: 24 Dec 2007
Posts: 2276
Location: Minnesota

PostPosted: Thu Jun 10, 2010 8:05 pm    Post subject: Reply with quote

Jonyleeson wrote:
Jorg hi wrote:
rapion124 wrote:
You cannot brute force a password for a website in a timely fashion. Even if the password is plain-text, it will take maybe 200ms for you to send the password data to the server, and maybe another 200ms for the response.

That is literally thousands of times slower than brute forcing a local password. Even a P4 can count from 0 to 10^8 and do a "cmp" for each number in less than a minute.


Yes but what if the server was hosted by you?

If you're hosting the server, you have direct access to the password.
Sense, you make none.

_________________
CEF will always stay alive.
Back to top
View user's profile Send private message
Slugsnack
Grandmaster Cheater Supreme
Reputation: 71

Joined: 24 Jan 2007
Posts: 1858

PostPosted: Thu Jun 10, 2010 9:47 pm    Post subject: Reply with quote

Nobody seems to have noticed the fallacy rapion124 has made there. He assumes that a bruteforcer has to run in a single thread and has to wait for a reply to each request before making the next one. The fact of the matter is you could have hundreds of threads. And have them all synchronise in such a way that they all try different passwords. All the threads run concurrently so waiting for a reply is not an issue.

As for counting and comparing in less than a minute. loooollll

Code:
include \masm32\include\masm32rt.inc

.code
start:

xor ebx, ebx
  invoke AllocConsole
  invoke GetTickCount
mov esi, eax

mov eax, 100000000 ; 10^8

  @@:

cmp eax, 1
dec eax
test eax, eax
jnz @b

  invoke GetTickCount
sub eax, esi
    print ustr$(eax)

  @@:

  invoke Sleep, 100
  invoke crt__kbhit
test eax, eax
jz @b


  invoke FreeConsole
  invoke ExitProcess, ebx

end start


I count 78ms on my machine. I little shorter than a minute Neutral
Back to top
View user's profile Send private message
hcavolsdsadgadsg
I'm a spammer
Reputation: 26

Joined: 11 Jun 2007
Posts: 5804

PostPosted: Thu Jun 10, 2010 10:40 pm    Post subject: Reply with quote

brute forcing becomes an effort in futility very quickly as the password strength ramps up.

a strong enough password will easily outlast your lifetime regardless of what kind of horsepower you throw at it.

something like a 512 bit password probably results in a number of possibilities bigger than the number of known stars in the observable universe or some shit. it's effectively uncrackable, you'll never survive to see the outcome.



ܨ?쵩I[No0ΝF7z<?q7}ì"e?õpbnW=?R}=:?

this alone would probably never be figured out.


at that level of complexity, number of potential combinations is ridiculous.
if my math is right:

2,772,669,690,
000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,
000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000

so assuming you're managing 100 trillion attempts a day, in one hundred years, you would have managed to plow out

100 trillion a day:
3,650,000,000,000,000,000 of those possibilities.

100 trillion a second:
315,360,000,000,000,000,000,000


needless to say, LAFF.


Last edited by hcavolsdsadgadsg on Thu Jun 10, 2010 11:37 pm; edited 3 times in total
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   This topic is locked: you cannot edit posts or make replies.    Cheat Engine Forum Index -> General programming -> Binaries All times are GMT - 6 Hours
Goto page Previous  1, 2, 3, 4, 5  Next
Page 3 of 5

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites