Share your repls and programming experiences

← Back to all posts
Brute Force Password Cracker
CyanCoding (1541)

https://repl.it/@CyanCoding/Brute-Force-Password-Cracker
I built the Brute Force Password Cracker as a fun program to test out passwords, and to test my knowledge of Python 3 and its libraries.

Commentshotnewtop
bgrubert (140)

Quite impressive, actually!

bgrubert (140)

@bgrubert Thanks for the support! Repl.it is awesome!

bramley (187)

@bgrubert forget to switch accounts?

bgrubert (140)

@bramley lol, no, I was just reflecting on the fact that the comment had got 11 upvotes

OwenBradstreet (94)

Hey dude. I'm not here to take a dump on your work, I can tell you spent a while making this, and it seems functional - I just wanted to give you some advice. A lot of this code could have been done way more efficiently, and it's very hard on the eyes. I have rewritten two of the excessively inefficient and hard to look at parts for you (Those if's with all the or's), you can take inspiration from it if you would like.

I hope this helps you out man.

PS - The parts I have rewritten can be distinguished by the large comments around the scripts. I completely fine with you flat out copying these scripts, I only ask you chuck some sort of comment somewhere saying I helped out. Thanks man.

https://repl.it/@OwenBradstreet/Brute-Force-Password-Cracker

OwenBradstreet (94)

@OwenBradstreet PS: I got 450 milliseconds reaction time on your Reaction Test :) I think I'm pretty good.

ABulman (7)

@OwenBradstreet it is pretty inefficient, a bit like their C# one

CodingCactus (2470)

@hg0428 it's brute force, if it was quick, then everyone's account would be hacked

awesome10 (197)

i did a keyboard mash..
5 million guessed so far...
10 mil...
15 mil...
20mil...
25mil..
30mil...
35mil...
40miil...
45mil...
50mil...
55mil...
this could be a while.Feel free to leave this page open while you use the computer.
70 mil...
75mil...
80mil...
85mil...
90mil...
95mil...
edit: i waited and...
500million guessed so far...
imma keep waiting
update: 1bil, 20mil guessed so far...
still going... 1bil 500mil...
omg 2 billion+

paulramnora (6)

I don't get it...I typed in the password as: abc123; and, it currently says 100 million passwords guessed so far...(and, it still hasn't gotten it right, yet)??? Continuing to guess: 150 million passwords guessed so far.../350 million passwords guessed so far/...-etc. Surely, 'abc123' can't be that difficult to guess...?! 450 million passwords guessed so far.../500 million passwords guessed so far... Maybe, it should have started off by checking a list of the most commonly used passwords, first. 600 million passwords guessed so far.../760 million passwords guessed so far.../950 million passwords guessed so far. 1 billion, 5 million passwords guessed so far. It makes you wonder if it'll ever guess it...??? Anyway, I'm going back to sleep...can't just sit here staring at the screen...when not a lot seems to be happening. I billion, 675 million passwords guessed so far... OMG! I billion, 850 million passwords guessed so far.../2 billion, 225 million passwords guessed so far...

I admire the coding, seriously; it shows admirable skill and understanding of the overall Python language(which is a hell of a lot more than I've got). However, the program itself does seem to take an inordinately long time to guess correctly even a very 'simple' password. It's not my wish to put anybody down...I deeply appreciate anybody who sticks with learning 'how to code'...in fact, I'm trying to do the same thing myself. I wonder how the program might have performed if I had simply typed in as the password: abc...without the 123 part at the end? Maybe, I'll stop it, and, try, again. OK, so it cracked the 'abc' password...in 9218 tries and 1 second. That's approximately 1217046 guessed passwords per second! So, I guess, it does work in certain specific cases.

Or, is it possible I might have typed the password wrong the first try...let me try entering: abc123, again. Hmm...the same result as before, apparently...55 million passwords guessed so far...

RilGames (0)

@paulramnora u have done this to me... why did u do this

tharlynnhtetong (44)

@paulramnora
this doesn't use rainbow tables, in regular cracking we... I mean the crackers will use a rainbow table that'll check for common passwords like password password123 acdefg 12345678 Pa$$w0rd first and get the accounts that's the least secure in most cases getting the secure accounts are not worth the computing resources to bf.

HenryZelonka1 (55)

@tharlynnhtetong
That's why it's called "brute force."

TobyS (61)

"Import replit" doesnt work anymore. Idk why

minx28 (230)

Hi! This is a cool project and I really like the use of colour. However, in places, there are major issues with the code: in under 10 minutes, I cut your 323 lines of code down to 259, with several lines becoming much shorter and easier.
The key to this is the string module:

import string

This module has several highly useful constants:

print(string.ascii_lowercase)
print(string.ascii_uppercase)
print(string.digits)
print(string.punctuation)
print(string.printable)
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
0123456789
!"#$%&\'()*+,-./:;<=>[email protected][\\]^_`{|}~
0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!"#$%&\'()*+,-./:;<=>[email protected][\\]^_`{|}~

I went through your code and replaced instances of "abcdefghijklmnopqrstuvwxyz" with string.ascii_lowercase for example.
The other thing I did was the section where you detect if certain groups of characters are in the password. You did

if "A" in password or "B" in password...

I changed this to

if any([char in password for char in string.acii_uppercase]):

The any function requires a list and if any of the items in the list are True, it returns True. The [char in password for char in string.acii_uppercase] creates a list: each item is True of False, depending on whether each character in string.ascii_uppercase is in the password. This means that if any of the upper case letters are in the password, our any() returns True. I did the same thing with the lowercase, digits and punctuation bits, the punctuation one being particularly satsisfying because previously you had individual if statements for each separate character.
Hope you found this comment useful, please upvote!
-minx

ScratchyGamer31 (1)

Attempting to crack password via CyanCoding's BFPC...

This could be a while. Feel free to leave this page open while you use the computer.

2 billion, 495 million passwords guessed so far...

epicman702 (186)

@ScratchyGamer31
2 trillion, 495 billion, 135 million passwords guessed so far...
I never got that far...

itbarsoum (47)

Password Password

I typed in the password Password and we're currently at 800 million passwords and going...

PYer (3232)

Its crazy! Years (maybe 1 or 2) later your project is still on top! It is even still getting views. look at the one comment before me. in new of course, and that was 1 month ago! If you look at the most recent reply, it is 3 days ago. Since me posting this of course, on own bradstreets comment? I have no idea how you did this, this is really cool though.

JosephSanthosh (58)

There is something really wrong with this. How can i get 3 billion 400 million and not crash.
It takes over 200 million tries to get the word 'Strange'.

VivaanSa (12)

it could not guess dizzyredmonkey#22

IvanChang111 (10)

Why does this happen?:

110 million passwords guessed so far...
Traceback (most recent call last):
File "main.py", line 312, in <module>
tries, timeAmount = tryPassword(password, stringType)
TypeError: cannot unpack non-iterable NoneType object

applesX (19)

Horse. 130 million guesses so far. This is so great 😂. Awesome coding. How many words do you know!?

applesX (19)

I’ve been waiting for 5 min. Oh dear.

applesX (19)

I just put in my username, ApplesX.

TerrorbuildLuna (14)

my password is literally 123456 and it takes more than 200 million password guesses to figure it out.

AH3973 (38)

my password "panda" is gonna take some while I guess

adl212 (49)

How is it supposed to work? Isn't it supposed to give you the password or something?

demizhn (0)

omg why is my password so hard to crack, I think it's rlly ez

awesome10 (197)

Attempting to crack password via CyanCoding's BFPC...

CyanCoding's BFPC cracked the password b in 2 tries and 1 second!

That's approximately 44859 guessed passwords per second!

ummmmmm

awesome10 (197)

Attempting to crack password via CyanCoding's BFPC...

CyanCoding's BFPC cracked the password 1 in 54 tries and 1 second!

That's approximately 874489 guessed passwords per second!

syflexer (467)

i saw one of these on the python forum that was exactly the same

studentAlfredAl (387)

Lol, I'm hack-proof. It never guessed my password, or at least it took over 3 billion tries (still trying) :)

tharlynnhtetong (44)

Hey I've made something similar when my class was talking about cyber security. Does yours use pure bf with all printables (w/o whitespace) does it check if a guess has already been made.