Share your repls and programming experiences

← Back to all posts
Brute Force Password Cracker
CyanCoding (1814)

https://repl.it/@CyanCoding/Brute-Force-Password-Cracker
I built the Brute Force Password Cracker as a fun program to test out passwords, and to test my knowledge of Python 3 and its libraries.

Commentshotnewtop
IsaacRoot (4)

leeeets get 1000 vooooooooteeeeeeeessssss peeeeeeooooooppppppppllllllleeee

bgrubert (174)

Quite impressive, actually!

bgrubert (174)

@bgrubert Thanks for the support! Repl.it is awesome!

bramley (244)

@bgrubert forget to switch accounts?

bgrubert (174)

@bramley lol, no, I was just reflecting on the fact that the comment had got 11 upvotes

OwenBradstreet (112)

Hey dude. I'm not here to take a dump on your work, I can tell you spent a while making this, and it seems functional - I just wanted to give you some advice. A lot of this code could have been done way more efficiently, and it's very hard on the eyes. I have rewritten two of the excessively inefficient and hard to look at parts for you (Those if's with all the or's), you can take inspiration from it if you would like.

I hope this helps you out man.

PS - The parts I have rewritten can be distinguished by the large comments around the scripts. I completely fine with you flat out copying these scripts, I only ask you chuck some sort of comment somewhere saying I helped out. Thanks man.

https://repl.it/@OwenBradstreet/Brute-Force-Password-Cracker

OwenBradstreet (112)

@OwenBradstreet PS: I got 450 milliseconds reaction time on your Reaction Test :) I think I'm pretty good.

ABulman (9)

@OwenBradstreet it is pretty inefficient, a bit like their C# one

awesome10 (224)

i did a keyboard mash..
5 million guessed so far...
10 mil...
15 mil...
20mil...
25mil..
30mil...
35mil...
40miil...
45mil...
50mil...
55mil...
this could be a while.Feel free to leave this page open while you use the computer.
70 mil...
75mil...
80mil...
85mil...
90mil...
95mil...
edit: i waited and...
500million guessed so far...
imma keep waiting
update: 1bil, 20mil guessed so far...
still going... 1bil 500mil...
omg 2 billion+

paulramnora (7)

I don't get it...I typed in the password as: abc123; and, it currently says 100 million passwords guessed so far...(and, it still hasn't gotten it right, yet)??? Continuing to guess: 150 million passwords guessed so far.../350 million passwords guessed so far/...-etc. Surely, 'abc123' can't be that difficult to guess...?! 450 million passwords guessed so far.../500 million passwords guessed so far... Maybe, it should have started off by checking a list of the most commonly used passwords, first. 600 million passwords guessed so far.../760 million passwords guessed so far.../950 million passwords guessed so far. 1 billion, 5 million passwords guessed so far. It makes you wonder if it'll ever guess it...??? Anyway, I'm going back to sleep...can't just sit here staring at the screen...when not a lot seems to be happening. I billion, 675 million passwords guessed so far... OMG! I billion, 850 million passwords guessed so far.../2 billion, 225 million passwords guessed so far...

I admire the coding, seriously; it shows admirable skill and understanding of the overall Python language(which is a hell of a lot more than I've got). However, the program itself does seem to take an inordinately long time to guess correctly even a very 'simple' password. It's not my wish to put anybody down...I deeply appreciate anybody who sticks with learning 'how to code'...in fact, I'm trying to do the same thing myself. I wonder how the program might have performed if I had simply typed in as the password: abc...without the 123 part at the end? Maybe, I'll stop it, and, try, again. OK, so it cracked the 'abc' password...in 9218 tries and 1 second. That's approximately 1217046 guessed passwords per second! So, I guess, it does work in certain specific cases.

Or, is it possible I might have typed the password wrong the first try...let me try entering: abc123, again. Hmm...the same result as before, apparently...55 million passwords guessed so far...

RilGames (0)

@paulramnora u have done this to me... why did u do this

lynnlo (44)

@paulramnora
this doesn't use rainbow tables, in regular cracking we... I mean the crackers will use a rainbow table that'll check for common passwords like password password123 acdefg 12345678 Pa$$w0rd first and get the accounts that's the least secure in most cases getting the secure accounts are not worth the computing resources to bf.

HenryZelonka1 (86)

@tharlynnhtetong
That's why it's called "brute force."

CodingCactus (3090)

@hg0428 it's brute force, if it was quick, then everyone's account would be hacked

LilWolfy (59)

That would be REALLY sad... 😔 @CodingCactus

minx28 (391)

Hi! This is a cool project and I really like the use of colour. However, in places, there are major issues with the code: in under 10 minutes, I cut your 323 lines of code down to 259, with several lines becoming much shorter and easier.
The key to this is the string module:

import string

This module has several highly useful constants:

print(string.ascii_lowercase)
print(string.ascii_uppercase)
print(string.digits)
print(string.punctuation)
print(string.printable)
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
0123456789
!"#$%&\'()*+,-./:;<=>[email protected][\\]^_`{|}~
0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!"#$%&\'()*+,-./:;<=>[email protected][\\]^_`{|}~

I went through your code and replaced instances of "abcdefghijklmnopqrstuvwxyz" with string.ascii_lowercase for example.
The other thing I did was the section where you detect if certain groups of characters are in the password. You did

if "A" in password or "B" in password...

I changed this to

if any([char in password for char in string.acii_uppercase]):

The any function requires a list and if any of the items in the list are True, it returns True. The [char in password for char in string.acii_uppercase] creates a list: each item is True of False, depending on whether each character in string.ascii_uppercase is in the password. This means that if any of the upper case letters are in the password, our any() returns True. I did the same thing with the lowercase, digits and punctuation bits, the punctuation one being particularly satsisfying because previously you had individual if statements for each separate character.
Hope you found this comment useful, please upvote!
-minx

ScratchyGamer31 (2)

Attempting to crack password via CyanCoding's BFPC...

This could be a while. Feel free to leave this page open while you use the computer.

2 billion, 495 million passwords guessed so far...

epicman702 (217)

@ScratchyGamer31
2 trillion, 495 billion, 135 million passwords guessed so far...
I never got that far...

itbarsoum (49)

Password Password

I typed in the password Password and we're currently at 800 million passwords and going...

TobyS (56)

"Import replit" doesnt work anymore. Idk why

PYer (3506)

Its crazy! Years (maybe 1 or 2) later your project is still on top! It is even still getting views. look at the one comment before me. in new of course, and that was 1 month ago! If you look at the most recent reply, it is 3 days ago. Since me posting this of course, on own bradstreets comment? I have no idea how you did this, this is really cool though.

AJDevelopment (72)

I'm the 990th upvote

DanielGreynold1 (2)

danm you got yourself hella clout

PyCoder01 (55)

@CyanCoding I thought you weren't active to this day

IsaacRoot (4)

I put in my actual school password and DANG it must be good because it has been hours and the program still hasn't guessed it!

CyanCoding (1814)

@IsaacRoot That's a sign of a good password! Hopefully, it would take a computer years to guess your password. The longer the password, the more secure!

armindont (0)

@CyanCoding can I use this to crack a password I don't know I want to get into a friend's scratch account as a joke but I don't know his password is their a way for me to use this to crack it?

CyanCoding (1814)

@armindont Sorry, this is for educational purposes only and shouldn't be used on other's passwords without their permission.

armindont (0)

@CyanCoding I know but is it possible

maxyang (120)

Petition to get this to 1000 cycles

RayhanADev (808)

Let’s get this to 1000 upvotes people!

RayhanADev (808)

@CyanCoding “I am inactive on Repl.it” lmao xD.

CyanCoding (1814)

@RayhanADev I use repl.it like once a week for small tests only but this is a comment I could get behind so I decided to respond😂

RayhanADev (808)

@CyanCoding noice xD! Seriously wish you came around the community more often though. I can tell you are an og lol.

maxyang (120)

@CyanCoding aw man that sucks... But I noticed you changed your bio so you don't have the "I am inactive on repl.it" part, are you gonna come back?

RayhanADev (808)

@maxyang lmao ;P. We’re close, only 38 more upvotes!

RayhanADev (808)

@maxyang did you know cyancoding would have 797 cycles without this project?

CyanCoding (1814)

@RayhanADev Nobody would know me if I didn't have this program hahaha

RayhanADev (808)

@CyanCoding wow, thats really sad xD.

proryan (20)

I can't believe this project has 918 upvotes

GeumjuKim (5)

1 billion 500 million now......

GeumjuKim (5)

1 billion 100 million now...

GeumjuKim (5)

500 million now
wut

ThisUserTaken (233)

Woahhhh So many upvotes

tankerguy1917 (54)

this is awesome. i put in 1 as the password, and it took 54 ties, with 618832 guesses a second. really good. great job CyanCoding.

RahulChoubey1 (60)

Let's hit 900 upvotes!

RahulChoubey1 (60)

just smash your keyboard to make an infinite wait device