Browsing: Windows

WPA Password Verification Tool

I was going through my computer projects and realised that I never shared this one on my website. It’s a tool, coded in C++ that checks a text file for WPA/WPA2 password compatibility. It is most helpful in network security applications / pentesting when you have a password list and aren’t sure just how much of the list is actually a legitimate password.

For example, we have a text file with these contents:

Good Password
good password

Good Password 1234567890
good password 1234567890

GoodPassword
goodpassword

BadPass
badpass
badpa55

badpas™
BadPas™
B3dPas™

This is a bad password because the character length is way above the maximum limit of 63 characters, and WPA won’t allow such horrible things to exist in the first place anyways.

If we run the tool on it, we get these results:

A picture of the tool in action

 

Finally, here is the source code of the project. It should be able to be compiled with just about any compiler on any operating system.

#include <iostream>
#include <fstream>
#include <string>

int help(char *argv[]) {
std::cout << “Usage: ” << argv[0] << ” <PasswordFile> [Options]” << std::endl;
std::cout << ”  Options:” << std::endl;
std::cout << ”    -wpa  Verify password list using WPA Rules (WPA uses same rules as WPA2)” << std::endl;
//std::cout << ”    -clean    Automatically delete invalid passwords from file” << std::endl;
std::cout << ”    -goodlist Print all valid passwords” << std::endl;
std::cout << ”    -badlist  Print all invalid passwords” << std::endl;
std::cout << ”  Example:” << std::endl;
std::cout << ”    ” << argv[0] << ” passwordlist.txt -wpa -badlist” << std::endl;

return(1);
}

int does_exist(char *filetouse) {
//first check to see if the cfg file exists
FILE * pFile;
if(pFile = fopen (filetouse,”r”)) {
//the file exists
return(1);
} else {
//the file doesnt exist
return(0);
}
}

int verify(int argc, char *argv[]) {
//variables for later usage
//booleans for user options
bool wpa = false;
//bool clean = false;
bool goodlist = false;
bool badlist = false;
//strings for file reading
std::string password;
std::ifstream infile;
//strings for password statistics
int numberoflines = 0;
int numberoftolong = 0;
int numberoftoshort = 0;
int numberofbadchar = 0;
int numberofgood = 0;
int numberofempty = 0;

const char *filetouse = argv[1];

//check all the options
for (int i = 0; i < argc; i++) {
//options are -wpa -clean -goodlist -badlist
std::string options[4] = {“-wpa”,”-clean”,”-goodlist”,”-badlist”};
if(argv[i] == options[0]) {
wpa = true;
}
/*if(argv[i] == options[1]) {
clean = true;
}*/
if(argv[i] == options[2]) {
goodlist = true;
}
if(argv[i] == options[3]) {
badlist = true;
}
}

//read the file line by line and check to see if the passwords are right
infile.open(filetouse); //open the user file
while(getline(infile, password)) { //while not the end of the file
//getline(infile,password); //read the current line to std::string password

//count the lines in the password field
numberoflines += 1;

//check password
if(wpa == true) { //if checking WPA Rules
if(password == “”) { //empty line
//skip empty lines
numberofempty += 1;
} else if(password.size() > 63) {
//password is to big to be used
if(badlist == true) {
std::cout << password << std::endl;
}
numberoftolong += 1;
} else if(password.size() < 8) {
//password is to small to be used
if(badlist == true) {
std::cout << password << std::endl;
}
numberoftoshort += 1;
} else if (password.find_first_not_of(“!\”#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~ “) != std::string::npos) {
//password contains a bad character
if(badlist == true) {
std::cout << password << std::endl;
}
numberofbadchar += 1;
} else {
if(goodlist == true) {
std::cout << password << std::endl;
}
numberofgood += 1;
}
}
}
infile.close();

std::cout << “Checked ” << numberoflines << ” passwords.” << std::endl;
std::cout << ”  ” << numberofempty << ” lines contained no text” << std::endl;
std::cout << ”  ” << numberoftoshort << ” lines were to short” << std::endl;
std::cout << ”  ” << numberoftolong << ” lines were to long” << std::endl;
std::cout << ”  ” << numberofbadchar << ” lines contained illegal characters” << std::endl;
std::cout << ”  ” << numberofgood << ” lines contained good passwords” << std::endl;

return(0);
}

int main(int argc, char *argv[]) {
if(argc <= 1){ //not enough options so help is shown
if(help(argv)) {
std::cout << “Fatal error. Quitting program.” << std::endl;
return(1);
} //else program is working fine
} else { //plenty of options, better check to see if they are the right ones
if(argv[1] == std::string(“help”)) {//display help
if(!help(argv)) {
std::cout << “Fatal error. Quitting program.” << std::endl;
return(1);
} //else program is working fine
} else {
if(does_exist(argv[1])){
verify(argc, argv);
} else {
std::cout << “Invalid file” << std::endl;
}
}
}
}

 

{ Add a Comment }

Windows and Linux Autotypers

I have good news, and bad news. I’ll start with the bad news. Quite frankly, development of the windows autotyper has stopped for one reason: windows is a pain in the butt. I recently got Windows 7, the latest and greatest. I tried installing VB6 (The language i use for the windows autotyper) and it failed miserably due to issues beyond my abilities to fix. I got the newest Visual Studio (2010) and it ran so slow it wasn’t worth it. It could not import my autotyper’s source, so it wasn’t worth the effort of remaking it.

For now, the windows autotyper development is stopped. I cannot develop it right now. If you want to help out,  and start development again, email me at imageek247@gmail.com, and we can work something out. For now, there is only the old version of the windows autotyper.

 

Alrighty guys! Here’s the good news. I finally got around to finishing the newest version of the Linux autotyper; 1.0. This one has some major updates;

New OSD  that shows a preview of the next text

You could already save/open a text file into the autotyper. Now you can choose the method with which it divides the text. Suppose you felt like ‘reading’ a book you got of the internet to RuneScape. You would import the text file, and choose a period “.” as the divider, instead of the default enter “\n” key.

Runescape Effects are now fully supported (that one took awhile)

Finally, You have three different ways of timing the sent text. You can use one speed for all the texts, just like always, or you can have it send the text randomly between two texts. And the newest one, you can have its sending speed go according to the number of characters in the text. For example, by building off of you reading a book to runescape, you could use this speed setting to make it look like you typed it yourself, at an average typing speed.

You can get the newest version of the autotyper,  at this link:

//sourceforge.net/projects/rsautosayer/files/Linux/1.0/?

and you can check out its new screenshot on my website at this link:

//dageek247.tk/wordpress/?page_id=32

enjoy!

{ Add a Comment }