Brute force - let's have a look

I recently ran into the problem of a lost password on one of my own rar files. So I decided to try some of my most common passwords… None worked… I was close to simply deleting my file, with a lot of crying… Then I tried to brute force it…

What is brute force?

In cryptography, a brute-force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing a combination correctly.

Thank you Wikipedia! To be as concrete as possible, you take a set of strings and you try each one. It’s like having a lot of keys on a key ring and trying them one by one to open a door… Boring!

Limits

It’s quite a simple try, guess and hope (like I did with common passwords)… So it’s not complicated, but it is time consuming… Let’s have a look at how many attempts it could theoretically take…

Theoretically, it can be expressed this way:

$$ A = N^M $$

where A is the maximum number of attempts, N is the size of the alphabet used and M is the length of the password (number of characters).

So if you use an alphabet of 26 characters (like the common lowercase alphabet) on a password of 10 characters, the maximum number of attempts will be:

$$ A = 26^{10} $$

So A = 141.167.095.653.376 attempts… This is, of course, the worst case scenario possible… On average, it will take half that number of attempts to find a lowercase password based on the classical alphabet… Still huge…

Brute force a rar file with python - a tiny example

Attention, I don’t encourage you to try this on a production environment… Brute forcing is attacking a system, which is illegal…

Here is a tiny snippet that lets you test a brute force over a rar file:

```python
#!/usr/bin/env python3
import itertools
import subprocess

alphabet = "abcdefghijklmnopqrstuvwxyz"
path = "path/to/file"
# Try every candidate of length 1, then 2, and so on.
for a in range(1, len(alphabet) + 1):
    for b in itertools.product(alphabet, repeat=a):
        password = "".join(b)
        # "unrar t" tests the archive; arguments go in a list so no shell parses them.
        kf = subprocess.run(["unrar", "t", "-y", "-p" + password, path],
                            capture_output=True, text=True)
        if "All OK" in kf.stdout:
            print("Success:" + password)
            raise SystemExit(0)  # stop at the first password that works
```

The code is easy, no? Of course I simplified this as much as possible… We should, of course, verify that the file exists, for example… This snippet can easily be improved… But that’s not the purpose here…

How to increase security over brute force?

Well, this is quite obvious: a brute force attack takes time, so you need to increase the maximum number of attempts to discourage the attacker. This can simply be done by increasing N and M, that is, the size of the alphabet and the length of the password. N will increase if you use uppercase, lowercase, numbers and special characters. M will increase as your password becomes longer.

Improve performance

As making a password is a human thing (unless you only use generated passwords), most of the time the passwords used overlap with common words from languages. You’ll then gain time by using words from a dictionary in place of generated strings.

For example, the English vocabulary counts more or less 470000 words (Wikipedia, you da best!), which is (if you only use the 26 lowercase letters for the alphabet) a big improvement. Better still, the list of common passwords is certainly a good dictionary to gain time.
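Seen from the defender's side, the last two sections combine into a rough strength estimate: N and M set the search space, unless the password is a dictionary word, in which case the wordlist size does. This is an added example, not code from the original post; the guess rate of 1000 per second and the five-word sample wordlist are assumptions constructed for illustration.

```python
import math
import string

# Character classes that enlarge the alphabet size N.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)

# Constructed sample wordlist standing in for a real dictionary file.
SAMPLE_WORDLIST = {"password", "letmein", "dragon", "sunshine", "qwerty"}


def alphabet_size(password):
    """N: total size of every character class the password draws from."""
    if not password or any(ch not in "".join(CLASSES) for ch in password):
        raise ValueError("expected a non-empty printable ASCII password without spaces")
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))


def worst_case_attempts(n, m):
    """Attempts when every length from 1 to m is tried in turn:
    N^1 + N^2 + ... + N^M (dominated by the last term, N^M)."""
    return sum(n ** k for k in range(1, m + 1))


def estimate(password, wordlist=SAMPLE_WORDLIST, guesses_per_second=1000):
    """Return (worst-case attempts, equivalent bits, worst-case seconds)."""
    if password in wordlist:
        # A dictionary word costs at most one pass over the wordlist,
        # whatever N and M say.
        attempts = len(wordlist)
    else:
        attempts = worst_case_attempts(alphabet_size(password), len(password))
    return attempts, math.log2(attempts), attempts / guesses_per_second


if __name__ == "__main__":
    # Constructed sample passwords: dictionary word, lowercase only, mixed, long mixed.
    for candidate in ("dragon", "xkqzvbnw", "Xk9!zvbn", "Xk9!zvbnQ7#pLm2w"):
        attempts, bits, seconds = estimate(candidate)
        print(f"{candidate!r}: {attempts:.3e} attempts, {bits:.1f} bits, "
              f"{seconds / 86400 / 365:.3e} years at the assumed rate")
```

Swap in a real wordlist and a measured guess rate for your own archive format to get numbers that mean something for your setup.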
