Faster SDF Database Password Cracking with Multithreading

March 18th, 2012 § 2 comments § permalink

Unimpressed that my CPU was merely idling through the attack process I gave it, I wrote a quick update to the SDF password cracker.

In the previous post, I posted the source for my SQL standalone database cracker. It was fine for some basic password auditing, but for those really big password lists… it needed to be faster.

So I added in some code to use threading.

A better coder would probably have included delegates, and time efficient locking mechanisms. Not me.

I’ve attached the source code for the SDF database password cracker, once again in C#.

 

SDF Database Password Cracker

March 15th, 2012 § 1 comment § permalink

I had the need to explore the structure of a stand alone database file (SDF), which was password protected.

Early on it occurred to me that there were no tools available to run a quick dictionary attack against the SDF database file.

So I wrote my own SDF password cracker.

The SDF password cracker is written in C#, and its the definition of quick and dirty – but it works.

Source
Sample Config File
Sample SDF Database
Sample Password List
System.Data.SqlServerCe.dll

It’s worth noting that the SqlServerCe library doesn’t compile well under x64 environments, just switch the compile profile to x86.

Training Camp Crackme1 Woodmann

September 13th, 2011 § 0 comments § permalink

Every so often I try a crackme. I just enjoy the problem solving. I’m terrible, but somehow I get a kick out of it.
crackmes.de is down, so I stumbled across the next best, maybe a better thing. http://www.woodmann.com/RCE-CD-SITES/Quantico/mib/train.htm

An amazing collection of scene crackmes; if you ever thought you were good enough to represent – this is where to start.

Being an infant, I stuck with the tutorials. Even then I struggled. For hours.

My *working* solution to CrackMe1 is below. To make it a little more difficult for myself, I thought I would give C++ a spin.
I was bitterly disappointed that my keygen was larger than the original crackme.

#include <cstdlib>
#include <iostream>
 
using namespace std;
 
int main(int argc, char *argv[])
{
    //declare local variables
    string _name;
    int i = 0;    
    int char_sum = 0;
    int _first, _second;
    char c, d;
 
    //ask user to input name, store it in local variable
    cout << "name: ";
    cin >> _name;
 
    //put the name variable to uppercase
    while(_name[i])
    {
         c = _name[i]; //create char from current index on string
         d = toupper(c); //put char to upper
         char_sum = (int(d)) + char_sum; //increment the count         
         i++;          
    }  
 
    //http://www.woodmann.com/RCE-CD-SITES/Quantico/mib/crack10.htm
    _first = char_sum ^ 22136;
    _second = _first ^ 4660;    
 
    //output the serial!
    cout << "serial: " << _second << endl;
 
    system("PAUSE");
    return EXIT_SUCCESS;
}