+ 1

How to make a password dictionary which has all the letter combinations with given length?

https://code.sololearn.com/cJ04deMSJ4bY/?ref=app I have this generator, but it's very basic, too basic. I want to make a program in which I can choose what character types I wanna use(abc, ABC, 123, @#$). I don't need help with that though. But I want to be able to input a minimum length, a maximum length and then it will do all of the possible combinations with my character list(this is the part where I need help) and make it into a .txt file. I want the program to go like: min char count: 4 max char count: 8 list contains, lowercase, uppercase, numbers aaaa, aaab, aabb, abbb, aaac...aU28#%p0 So..how?

30th Dec 2019, 8:19 AM
Ville Nordström
Ville Nordström - avatar
16 odpowiedzi
+ 2
Here's a start.. but the list is already huge using just lowercase.. import string mylist = [] mystring = string.ascii_lowercase for a in mystring: for b in mystring: for c in mystring: for d in mystring: mylist.append(a + b + c + b) print(mylist) print("aaaa" in mylist) print("zzzz" in mylist) print("Size of list =", len(mylist)) # 456976 4-letter words... using just lowercase. # also...have a look at: mylist2 = ["".join(x) for x in itertools.product(mystring, repeat=4)] print(len(mylist2)) print("aaaa" in mylist2) print("zzzz" in mylist2) edit:- you can also do:- mylist = [a+b+c+d for a in mystring for b in mystring for c in mystring for d in mystring]
30th Dec 2019, 6:54 PM
rodwynnejones
rodwynnejones - avatar
+ 3
It sounds like the function permutations might help you. (Will take quite a while for larger lists though.) https://www.hackerrank.com/challenges/itertools-permutations/problem
30th Dec 2019, 9:24 AM
HonFu
HonFu - avatar
+ 3
So..it seems like Python probably isn't the best language for this type of stuff.. Both of your anwsers are good, but I do want the perfect combination generator which can indeed make those 1 million totally unique character combinations. Ipang I'll definitely use that string method, it's a must. And HonFu , I don't know if that helps with the size of the strings though. Sure, it might work for 8 character strings too, but the amount of code that's put into it seems a little, much.
30th Dec 2019, 9:38 AM
Ville Nordström
Ville Nordström - avatar
+ 2
rodwynnejones yeah, we'll see where this goes. Because if you take my idea and make the password list with length of 4-12, it's way over 20 million pssswords. That single file would need it's own hard-drive and would probably crash the computer by existing. So we'll see if tech improves enough to make a 20mil password brute force attack possible or if people just start using like 20 character passwords which would just put us back in the situation we are in right now.
30th Dec 2019, 8:22 PM
Ville Nordström
Ville Nordström - avatar
+ 1
Maybe split the character combinations into specific types? Create one string for each type of character: Uppercase alpha, lowercase alpha, digits, and special characters During the creation of the password, generate a random number between 1 - 4. When the random number is 1, you choose and add a random character from uppercase string. When it's 2, you choose and add random character from lowercase string. Do the same on number 3 to add special character and 4 - to add digits. This way each password character is more or less random. You can of course use one list of string instead of 4 string as I described. The concept is pretty much the same : )
30th Dec 2019, 8:53 AM
Ipang
+ 1
Good luck CR34TUR3 👍
30th Dec 2019, 9:42 AM
Ipang
+ 1
I'm sorry, but it's not practical to create such a dictionary, it's easier to just generate the passwords on the spot than storing them. Besides, it's impossible to generate them all: you have 27 lowercase, 27 uppercase, 10 digits and ~20 specials: that's ~84 possible characters. For a 4 letters password that would mean 84^4 - perhaps doable, but for 6 letters not so much anymore, and for 8 I'm ready to bet against it with pretty much confidence. Btw, permutations are not of use because letters can repeat in a password. In fact, an algorithm for generating passwords should be easier than generating permutations. But impossible timewise.
30th Dec 2019, 12:36 PM
Selin Genkur
+ 1
Yeah, Kali has this tool called Crunch or something like that. It does exactly what I want my python code to do. But it indeed creates those 5 million passwords so the cracking process itself is basically impossible. Atleast with modern tech lol
30th Dec 2019, 1:22 PM
Ville Nordström
Ville Nordström - avatar
+ 1
I don't think it's a silly idea (your method..that is). Nowerdays... we are discouraged from using actual "words" as password and use random sequence of characters. I've used a similar method (years ago) to crack open an MS excel spreadsheet using VBA. ....but obviously..I must discourage from trying to "illegally" carry out a "bruteforce attack" on anything..
30th Dec 2019, 8:15 PM
rodwynnejones
rodwynnejones - avatar
0
Selin Genkur What do you think I should do? I want a program which can execute a brute force attack. And yes, I know that there would be over 1 million combinations even with leaving special characters or numbers out. So you have better ideas? Should I just drop this idea all together and just grab a password list from the internet and learn to actually execute those attacks?
30th Dec 2019, 12:41 PM
Ville Nordström
Ville Nordström - avatar
0
CR34TUR3 I once read a book, Digital fortress, by Dan Brown. The ideea there was that a distributed system, with millions of microprocessors, can crack about any password. I say go ahead and make the algorithm for generating passwords, although with less possible characters, so that you see it finishing in a reasonable time. Because it's a satisfying exercise, at least for me it was. And perhaps think of a way of splitting the work on more than one computer - I never did that, but would be interesting. Oh, and perhaps think of a way of generating passwords that you know some things about them, like, say, the first letter is from the left side of the keyboard, or something like that - but that's kinda masochistic, I never tried to do that, being discouraged by the futility of it, considering what I said before.
30th Dec 2019, 1:08 PM
Selin Genkur
0
Selin Genkur Dan Brown isn't really gonna help me haha Buth I don't really get what you mean by that. So I should not create a program that generates the passwords, but at the same time you are talking about that exact thing
30th Dec 2019, 1:12 PM
Ville Nordström
Ville Nordström - avatar
0
I mean, it's interesting to try. I did, even though I was aware of the results. Just don't be too disappointed 🤔 I've already been disappointed by existing password crackers, not one of them ever cracked for me a password longer than 4-5 letters. Perhaps I didn't have enough patience, I was only trying them out of curiosity. If I ever really needed one, like I said, it never worked :/
30th Dec 2019, 1:19 PM
Selin Genkur
0
rodwynnejones Yeah, I'm starting to realize that this whole idea was a little silly and stupid. Maybe I should just copy a 100k word dictionary from a random website and just use it in a bruteforce attack program.
30th Dec 2019, 7:00 PM
Ville Nordström
Ville Nordström - avatar
0
rodwynnejones and yeah, I would not do anything illegal btw.
30th Dec 2019, 8:23 PM
Ville Nordström
Ville Nordström - avatar
0
The kind of generator youre thinking of is impossible.
31st Dec 2019, 10:24 PM
Steven
Steven - avatar