如何对暴力进行密码的所有排列? [英] How to make all of the permutations of a password for brute force?
问题描述
所以我试图制作一个暴力破解密码的程序.
首先,我编写了一个密码长度为1的程序.
password = input('What is your password?\n')
chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'
def brute_force():
for char in chars:
if char == password:
return char
print(brute_force())
然后我将其编辑为长度为2的密码.
def brute_force():
guess = [None, None]
for char in chars:
guess[0] = char
for char2 in chars:
guess[1] = char2
if ''.join(guess) == password:
return ''.join(guess)
最后,我对长度为3的密码进行了相同的操作.
def brute_force():
guess = [None, None, None]
for char in chars:
guess[0] = char
for char2 in chars:
guess[1] = char2
for char3 in chars:
guess[2] = char3
if ''.join(guess) == password:
return ''.join(guess)
如何将其概括为一个名为length的变量,其中包含密码长度的整数值?
您可以使用以下递归函数:
def brute_force(string, length, goal):
if not length:
if string == goal:
return string
return False
for c in chars:
s = brute_force(string + c, length - 1, goal)
if s:
return s
return False
您可以使用以下语法进行调用:
>>> brute_force('', 3, 'bob')
'bob'
>>> brute_force('', 2, 'yo')
'yo'
为什么这样做?
我们总是使用三个变量调用每个函数:string,length和goal.变量string保留当前的猜测值,因此在第一个示例中,string将是直到bob的所有内容,例如ab,bo等.
下一个变量length保持多少字符,直到string正确的长度.
下一个变量goal是我们刚刚通过并与之进行比较的正确密码.
在函数的主体中,我们需要首先检查length是0的情况(通过检查not length完成,因为0的结果为False).当我们已经有一个目标长度的字符串,而我们只是想检查它是否正确时,就是这种情况.
如果匹配,则返回字符串,否则返回False.我们返回解决方案或False,以向调用我们的函数(堆栈中的上方调用)表明我们找到了(或未找到)正确的密码.
我们现在已经完成了length = 0的情况,现在需要处理其他情况.
在这些情况下,目的是获取我们调用过的字符串,并循环遍历chars中所有字符的 all ,每次调用brute_force函数(递归)与我们被调用的字符串以及该字符(c)串联的结果.
这将创建一个类似情感的树,在其中检查每个直到原始length的字符串.
在调用下一个函数时,我们还需要知道如何处理length和goal变量.
好吧,要处理这些问题,我们只需要考虑下一个函数需要知道什么.它已经具有string(因为这是连接chars字符串中下一个字符的结果),并且length会减少一个,因为我们通过串联将一个字符添加到了string并且goal显然将是相同的-我们仍在搜索相同的密码.
现在我们已经调用了此函数,它将在每次进行的后续调用中从长度中减去一个,直到最终达到length == 0的情况.而且我们再次处于简单的情况下,已经知道该怎么做!
因此,在调用它之后,该函数将返回以下两项之一:False表示最后一个节点未找到密码(因此,当ab之类的内容到达末尾时会发生这种情况.我们对bob的搜索,因此在没有找到解决方案后返回了False),或者该调用可能返回了 actual 解决方案.
处理这些情况很简单,如果我们得到了实际的解决方案,我们只想将其返回到链上,而如果我们遇到了失败(False),我们只想返回False,这将表明我们上方的节点我们没有成功,并告诉它继续搜索.
所以现在,我们只需要知道如何调用该函数.我们只需要发送一个空的string和一个目标length和goal值,然后进行递归即可.
最后一件事是,如果您希望它变得更整洁,则可以将函数定义修改为:
def brute_force(length, goal, string=''):
...
并更改其中的递归调用.这样,您可以使用类似于brute_force(3, 'bob')的函数来调用该函数,而无需指定string应该以什么开头.这只是您可以添加的内容,但对于该功能正常工作不是必需的.
So I was trying to make a program that brute forces passwords.
Firstly, I made a program for a password of length 1:
password = input('What is your password?\n')
chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'
def brute_force():
for char in chars:
if char == password:
return char
print(brute_force())
Then I edited it for a password of length 2:
def brute_force():
guess = [None, None]
for char in chars:
guess[0] = char
for char2 in chars:
guess[1] = char2
if ''.join(guess) == password:
return ''.join(guess)
Finally I did the same for a password of length 3:
def brute_force():
guess = [None, None, None]
for char in chars:
guess[0] = char
for char2 in chars:
guess[1] = char2
for char3 in chars:
guess[2] = char3
if ''.join(guess) == password:
return ''.join(guess)
How could I generalize this for a variable called length which contains the integer value of the lenght of the password?
You can use the following recursive function:
def brute_force(string, length, goal):
if not length:
if string == goal:
return string
return False
for c in chars:
s = brute_force(string + c, length - 1, goal)
if s:
return s
return False
which you can call with syntax like:
>>> brute_force('', 3, 'bob')
'bob'
>>> brute_force('', 2, 'yo')
'yo'
Why does this work?
We always call each function with the three variables: string, length and goal. The variable string holds the current guess up to this point, so in the first example, string will be everything up to bob such as ab, bo etc.
The next variable length holds how many characters there are to go till the string is the right length.
The next variable goal is the correct password which we just pass through and is compare against.
In the main body of the function, we need to first check the case where length is 0 (done by checking not length as 0 evaluates to False). This is the case when we already have a string that is the length of the goal and we just want to check whether it is correct.
If it matches, then we return the string, otherwise we return False. We return either the solution or False to indicate to the function which called us (the call above in the stack) that we found the right password (or not).
We have now finished the case where length = 0 and now need to handle the other cases.
In these cases, the aim is to take the string that we have been called with and loop through all of the characters in chars, each time calling the brute_force function (recursive) with the result of the concatenation of the string we were called with and that character (c).
This will create a tree like affect where every string up to the original length is checked.
We also need to know what to do with the length and goal variables when calling the next function.
Well, to handle these, we just need to think what the next function needs to know. It already has the string (as this was the result of concatenating the next character in the chars string) and the length is just going to be one less as we just added one to the string through the concatenation and the goal is clearly going to be the same - we are still searching for the same password.
Now that we have called this function, it will run through subtracting one from the length at each of the subsequent calls it makes until it eventually reaches the case where length == 0. And we are at the easy case again and already know what to do!
So, after calling it, the function will return one of two things, either False indicating that the last node did not find the password (so this would occur in the case where something like ab reached the end in our search for bob so returned False after no solution was found), or, the call could return the actual solution.
Handling these cases is simple, if we got the actual solution, we just want to return that up the chain and if we got a fail (False), we just want to return False And that will indicate to the node above us that we did not succeed and tell it to continue its search.
So now, we just need to know how to call the function. We just need to send in an empty string and a target length and goal value and let the recursion take place.
Note one last thing is that if you wanted this to be even neater, you could modify the function definition to:
def brute_force(length, goal, string=''):
...
and change the recursive call within. This way, you could call the function with something just like: brute_force(3, 'bob') and wouldn't need to specify what string should start at. This is just something that you can add in if you want, but isn't necessary for the function to work.
这篇关于如何对暴力进行密码的所有排列?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
