Brute force script in Python 3.2

python python-3.x passwords brute-force
Yegers picture Yegers · Jul 6, 2012 · Viewed 60.6k times · Source

I'm a beginner in writing code and I've started with Python because it seemed the neatest and the easiest to start with (I currently have Python 3.2). Now I've read some online books and so on about coding in python, I've made some small programs and that's it.

But then I wanted to make a program that could brute-force a random password like:

PassWord = random.randint(0,9999)

I made something that could try random passwords:

import random
PassWord = str(random.randint(0,9999))
Trial = ' '
while Trial != PassWord:
    Trial = str(random.randint(0,9999))
    print(Trial)
    if Trial == PassWord:
        print('The password is: '+PassWord)
        input()

But that's not really a brute-force attack, it's more trying to randomly guess a password. I think a Brute-Force attack is first tries all possibility's with 1 digit then 2, 3 and so on. But I have no clue and knowledge how to do this.

I would really appreciate if someone would say how to create a program that first checks all possibilities with 1 digit and if possible, in the right order (0,1,2,3 and so on), then 2,3 and 4 digits.

Then I could work around on it, and learn more about Python.

Answer

Jon Clements picture Jon Clements · Jul 6, 2012

Code first:

from itertools import product

chars = '0123456789' # chars to look for

for length in range(1, 3): # only do lengths of 1 + 2
    to_attempt = product(chars, repeat=length)
    for attempt in to_attempt:
        print(''.join(attempt))

itertools.product produces a Cartesian join of its input(s) - in this case, it's being 'joined' to itself. So in the first iteration, each single character is printed. Then in the next iteration, because of repeat=length (and length is now == 2), generates '00', '01', etc... It's worth trying it and seeing the output to understand it better.

This also means you can throw in letters (uppercase/lowercase), and change the upperbound in the range function.

It's certainly not going to break the world of code-breaking, but should give you an idea of the flexibility of Python and the tools available to you.

I'll leave you to check the passwords match and break out the loop.

Related questions

Convert bytes to a string

I'm using this code to get standard output from an external program: >>> from subprocess import * >>> command_stdout = Popen(['ls', '-l'], stdout=PIPE).communicate()[0] The communicate() method returns an array of bytes: >>> …

Read More
Best way to convert string to bytes in Python 3?

There appear to be two different ways to convert a string to bytes, as seen in the answers to TypeError: 'str' does not support the buffer interface Which of these methods would be better or more Pythonic? Or is it …

Read More
How to install pip with Python 3?

I want to install pip. It should support Python 3, but it requires setuptools, which is available only for Python 2. How can I install pip with Python 3?

Read More