Add chunk support

2021-05-31 15:15:42 +02:00
parent c397b3640e
commit 31ab515a01
5 changed files with 76 additions and 8 deletions


@@ -7,7 +7,7 @@ charset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789{}_!?"
# bruteforces a single character, sandwiched between the known parts.
# Returns the most promising string.
def BruteforceChar(bm, knownPrefix, knownSuffix):
def BruteforceChar(bm, knownPrefix, knownSuffix, chunksize):
# keyFragment is the variable were we store our found-to-be-correct chars
keyFragment = ""
@@ -19,11 +19,11 @@ def BruteforceChar(bm, knownPrefix, knownSuffix):
# the resulting score is the base for the next round of guessing, hopefully with a single solution better than the score of knownPrefix + keyFragment + impossibleChar.
# please also note that this will massively fail if the "impossible" character is part of the flag, at the very position it was tested on ... have fun detecting that
bm.ResetBreakpoints()
TryInput(knownPrefix + keyFragment + "^" + knownSuffix)
TryInput(knownPrefix + keyFragment + "^" * chunksize + knownSuffix)
refScore = bm.PopScore()
# iterate over every character in the charset
for c in charset:
for c in generateCharset(chunksize):
# generate full input string
inp = knownPrefix + keyFragment + c + knownSuffix
@@ -33,7 +33,7 @@ def BruteforceChar(bm, knownPrefix, knownSuffix):
score = bm.PopScore()
# yay, that's a hit
if score > refScore:
if score > refScore or bm.HitWin():
keyFragment += c
found = True
break
@@ -45,9 +45,9 @@ def BruteforceChar(bm, knownPrefix, knownSuffix):
# Bruteforce calls BruteforceChar until:
# - BruteforceChar was unable to increase the score using any character in the charset, OR
# - the "win" breakpoint is hit :)
def Bruteforce(bm, knownPrefix, knownSuffix):
def Bruteforce(bm, knownPrefix, knownSuffix, chunksize):
while True:
res = BruteforceChar(bm, knownPrefix, knownSuffix)
res = BruteforceChar(bm, knownPrefix, knownSuffix, chunksize)
if res is False:
# no character from the given charset matched. :(
EnableLogging()
@@ -78,3 +78,11 @@ def Bruteforce(bm, knownPrefix, knownSuffix):
return knownPrefix + knownSuffix
# generateCharset returns an iteratable object (string or set) to be used by the bruteforce function.
# the chunksize is the amount of characters to stuff into an entry
def generateCharset(chunksize):
c = charset
for i in range(chunksize - 1):
c = [ a + b for a in c for b in charset ]
return c
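Review bot: generateCharset (last hunk) builds the complete product as a list, so every BruteforceChar call allocates len(charset)**chunksize strings before the first candidate is tried, and Bruteforce calls BruteforceChar once per loop round. A lazy generator keeps the same candidate order without that allocation, e.g. `return ("".join(p) for p in itertools.product(charset, repeat=chunksize))`; this needs `import itertools`, and the file's import block is not visible here. chunksize is also never validated: for a value below 1 the reference input uses `"^" * chunksize`, which is empty, while the loop still tries single characters, so a guard such as `if chunksize < 1: raise ValueError("chunksize must be >= 1")` at the top of generateCharset would make the mismatch explicit. The comment above the function says "string or set", but the code returns a string or a list.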