Share your repls and programming experiences

← Back to all posts
Brute Force Password Cracker
CyanCoding (1589)

https://repl.it/@CyanCoding/Brute-Force-Password-Cracker
I built the Brute Force Password Cracker as a fun program to test out passwords, and to test my knowledge of Python 3 and its libraries.

Commentshotnewtop
bgrubert (157)

Quite impressive, actually!

bgrubert (157)

@bgrubert Thanks for the support! Repl.it is awesome!

bramley (196)

@bgrubert forget to switch accounts?

bgrubert (157)

@bramley lol, no, I was just reflecting on the fact that the comment had got 11 upvotes

OwenBradstreet (103)

Hey dude. I'm not here to take a dump on your work, I can tell you spent a while making this, and it seems functional - I just wanted to give you some advice. A lot of this code could have been done way more efficiently, and it's very hard on the eyes. I have rewritten two of the excessively inefficient and hard to look at parts for you (Those if's with all the or's), you can take inspiration from it if you would like.

I hope this helps you out man.

PS - The parts I have rewritten can be distinguished by the large comments around the scripts. I completely fine with you flat out copying these scripts, I only ask you chuck some sort of comment somewhere saying I helped out. Thanks man.

https://repl.it/@OwenBradstreet/Brute-Force-Password-Cracker

OwenBradstreet (103)

@OwenBradstreet PS: I got 450 milliseconds reaction time on your Reaction Test :) I think I'm pretty good.

ABulman (9)

@OwenBradstreet it is pretty inefficient, a bit like their C# one

paulramnora (7)

I don't get it...I typed in the password as: abc123; and, it currently says 100 million passwords guessed so far...(and, it still hasn't gotten it right, yet)??? Continuing to guess: 150 million passwords guessed so far.../350 million passwords guessed so far/...-etc. Surely, 'abc123' can't be that difficult to guess...?! 450 million passwords guessed so far.../500 million passwords guessed so far... Maybe, it should have started off by checking a list of the most commonly used passwords, first. 600 million passwords guessed so far.../760 million passwords guessed so far.../950 million passwords guessed so far. 1 billion, 5 million passwords guessed so far. It makes you wonder if it'll ever guess it...??? Anyway, I'm going back to sleep...can't just sit here staring at the screen...when not a lot seems to be happening. I billion, 675 million passwords guessed so far... OMG! I billion, 850 million passwords guessed so far.../2 billion, 225 million passwords guessed so far...

I admire the coding, seriously; it shows admirable skill and understanding of the overall Python language(which is a hell of a lot more than I've got). However, the program itself does seem to take an inordinately long time to guess correctly even a very 'simple' password. It's not my wish to put anybody down...I deeply appreciate anybody who sticks with learning 'how to code'...in fact, I'm trying to do the same thing myself. I wonder how the program might have performed if I had simply typed in as the password: abc...without the 123 part at the end? Maybe, I'll stop it, and, try, again. OK, so it cracked the 'abc' password...in 9218 tries and 1 second. That's approximately 1217046 guessed passwords per second! So, I guess, it does work in certain specific cases.

Or, is it possible I might have typed the password wrong the first try...let me try entering: abc123, again. Hmm...the same result as before, apparently...55 million passwords guessed so far...

RilGames (0)

@paulramnora u have done this to me... why did u do this

lynnlo (43)

@paulramnora
this doesn't use rainbow tables, in regular cracking we... I mean the crackers will use a rainbow table that'll check for common passwords like password password123 acdefg 12345678 Pa$$w0rd first and get the accounts that's the least secure in most cases getting the secure accounts are not worth the computing resources to bf.

HenryZelonka1 (84)

@tharlynnhtetong
That's why it's called "brute force."

CodingCactus (3035)

@hg0428 it's brute force, if it was quick, then everyone's account would be hacked

LilWolfy (58)

That would be REALLY sad... 😔 @CodingCactus

awesome10 (217)

i did a keyboard mash..
5 million guessed so far...
10 mil...
15 mil...
20mil...
25mil..
30mil...
35mil...
40miil...
45mil...
50mil...
55mil...
this could be a while.Feel free to leave this page open while you use the computer.
70 mil...
75mil...
80mil...
85mil...
90mil...
95mil...
edit: i waited and...
500million guessed so far...
imma keep waiting
update: 1bil, 20mil guessed so far...
still going... 1bil 500mil...
omg 2 billion+

itbarsoum (48)

Password Password

I typed in the password Password and we're currently at 800 million passwords and going...

minx28 (342)

Hi! This is a cool project and I really like the use of colour. However, in places, there are major issues with the code: in under 10 minutes, I cut your 323 lines of code down to 259, with several lines becoming much shorter and easier.
The key to this is the string module:

import string

This module has several highly useful constants:

print(string.ascii_lowercase)
print(string.ascii_uppercase)
print(string.digits)
print(string.punctuation)
print(string.printable)
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
0123456789
!"#$%&\'()*+,-./:;<=>[email protected][\\]^_`{|}~
0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!"#$%&\'()*+,-./:;<=>[email protected][\\]^_`{|}~

I went through your code and replaced instances of "abcdefghijklmnopqrstuvwxyz" with string.ascii_lowercase for example.
The other thing I did was the section where you detect if certain groups of characters are in the password. You did

if "A" in password or "B" in password...

I changed this to

if any([char in password for char in string.acii_uppercase]):

The any function requires a list and if any of the items in the list are True, it returns True. The [char in password for char in string.acii_uppercase] creates a list: each item is True of False, depending on whether each character in string.ascii_uppercase is in the password. This means that if any of the upper case letters are in the password, our any() returns True. I did the same thing with the lowercase, digits and punctuation bits, the punctuation one being particularly satsisfying because previously you had individual if statements for each separate character.
Hope you found this comment useful, please upvote!
-minx

TobyS (56)

"Import replit" doesnt work anymore. Idk why

ScratchyGamer31 (1)

Attempting to crack password via CyanCoding's BFPC...

This could be a while. Feel free to leave this page open while you use the computer.

2 billion, 495 million passwords guessed so far...

epicman702 (187)

@ScratchyGamer31
2 trillion, 495 billion, 135 million passwords guessed so far...
I never got that far...

PYer (3395)

Its crazy! Years (maybe 1 or 2) later your project is still on top! It is even still getting views. look at the one comment before me. in new of course, and that was 1 month ago! If you look at the most recent reply, it is 3 days ago. Since me posting this of course, on own bradstreets comment? I have no idea how you did this, this is really cool though.

JosephSanthosh (1063)

Sooo I maybe 3 years late but this is still epic!

Axrevyn (188)

@JosephSanthosh
It doesn't show up for me.
Is it that epic?

>:(
JosephSanthosh (1063)

FYI you are supposed to press the link. If it still doesn't work for you then your pc or device is not epic. @Axrevyn

AnimalLover09 (0)

I entered M1695$5+.

[deleted]

i did "pathtawithnothauthe" and it's stopped at 235 million.
also another random idea slam the keyboard a bunch of times see how long it takes im curious :3

[deleted]

k then

poetaetoes (191)

did "himynameisbobandiliketoeatfood" and took like 24 hours to do it. I left it on the whole night, and as soon as I got to my computer 24 hours later, it got it

ShivankChhaya (85)

For some reason, I feel like you are making the user wait, and when your done stalling you say the password even when you knew it from the beginning.

lphi71086 (17)

Because the lowest priority was symbols, I decided to do "#" as my entire password. It took 1 second, 68 tries. With my internet it was code breaking at 817229 passwords a second!

lphi71086 (17)

My Password was "THis is my apssfiwoegsdiokos" It is currently at 470 MILLION password guesses. I had it running all the way through dinner and this is 30 minutes after dinner. I am really in support of this project but wish that it could be just a little quicker. Nice job making it!

JackLesher (5)

You've just created a monster.

Duvangamer3845 (69)

i wanna guess the password of tha ccount of a afriend, i think this help me

LilWolfy (58)

Wow... That is so cool! I wish I could code something like that

poetaetoes (191)

Hey evrybody who sees this, try putting in "himynameisbobandiliketosleepandeatanddrinkwaterwellduhineedtodoallthatoriwilldiebutyeahseeyoutomorrowbutiwillnotleaveyetbecauseiamboredandsoareyousogoodnightiamsleepingtomorrownottodaybutiamnotsleepysoiwillcontinuewiththisnonsensehehehehehehehehethepieisthreepointonefouronefivenineblahblahblahiamnotapersonwhoknowspibutyeahIAMTIREDOFPUTTINGTHISREALLYWEIRDPASSWORDTHATISPROBABLYONETHOUSANDCHARACTERSLONG123098" and UPVOTE if it goes on forever. :)

poetaetoes (191)

@pythoder also, see if you know what words are in there. lol

dilshaan (15)

Cool. I am just saying, You can go check out my codes. The highest upvotes that i have is 3. And by the way, in you code, you first asked what my password was and then put it back in the spot where it says
CyanCoding's BFPC cracked the password 1234 in 46800002 tries and 81 seconds! That's approximately 579472 guessed passwords per second!
And i do not mean that the bad way. I was just saying. I hope you check out my code.

poetaetoes (191)

119 million..., my password is himynameisbob

poetaetoes (191)

how do we know the input is stored in, and it says x million passwords guessed just to make us think it is guessing?

Pyth0nline (0)

What happened here?

Pyth0nline (0)

Umm this is taking a while...