CryptApp/DesCryptTest/Program.cs at master · StephanieZ/CryptApp · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
using System;
using System.Diagnostics;
using System.IO;
using System.Linq;
using System.Threading.Tasks;
using System.Xml.Schema;
using CryptSharp;

namespace CryptApp
{
  public class Program
  {
    static DesCrypt cCrypt = new DesCrypt();
    const string salt = "..";
    public static int maxLength = 4;
    public static int count = 0;
    private static object jsLock = new object();


    static void Main(string[] args)
    {

      // maximum security AIX required a minimum of 4 chars in passwords, DES limits total password length to 8 chars

      // for all 4 char strings
      CompareAllPasswords("", 0);

      // for all 5 char strings
      maxLength = 5;
      CompareAllPasswords("", 0);

      // for all 6 char strings
      maxLength = 6;
      CompareAllPasswords("", 0);

      // for all 7 char strings
      maxLength = 7;
      CompareAllPasswords("", 0);

      // for all 8 char strings
      maxLength = 8;
      CompareAllPasswords("", 0);

    }


    public static void CompareAllPasswords(string password, int length)
    {
        length += 1;

      foreach (var c in DesCrypt.Ascii64)
      {
        count++;
        if (length == maxLength &&
            length == (password + c).Length &&
            count >= Math.Pow(10, maxLength))
        {
          try
          {
            count = 0;
            Task.Run(() => ComparePassword(password + c));
          }
          catch
          {
            //if we fail to start some passwords, no biggie, just skip them until memory is availble again.
          }

        }

        if (length < maxLength)
        {
          CompareAllPasswords(password + c, length);
        }
      }
    }

    private static void ComparePassword(string password)
    {

      string outputFile = "passwordComparison.log";

      //as it turns out, the standard out isn't threadsafe.
      lock (jsLock)
      {
        var cCryptString = cCrypt.Descrypt(password, salt);

        var oldCheckPassword = Crypter.CheckPassword(password, cCryptString);

        var jCompareProcess = new Process
        {
          StartInfo = new ProcessStartInfo
          {
            FileName = "node",
            Arguments = $"..\\..\\app.js {password} {salt}",
            UseShellExecute = false,
            RedirectStandardOutput = true,
            CreateNoWindow = true
          }
        };

        jCompareProcess?.Start();

        jCompareProcess?.WaitForExit();

        var jCryptString = jCompareProcess.StandardOutput.ReadLine();


        File.AppendAllText(outputFile, password + '\n');
        File.AppendAllText(outputFile, jCryptString + '\n');
        File.AppendAllText(outputFile, cCryptString + '\n');
        if (string.CompareOrdinal(jCryptString, cCryptString) == 0)
        {
          File.AppendAllText(outputFile, "A password check succeeded\n");
          if (!oldCheckPassword)
          {
            File.AppendAllText(outputFile, "The only algorithm would have failed");
          }
        }
        else
        {
          File.AppendAllText(outputFile, "A password check failed\n");
        }


      }

    }
  }
}