Path: csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!feeder.erje.net!eu.feeder.erje.net!newsfeed.xs4all.nl!newsfeed2.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail
MIME-Version: 1.0
In-Reply-To: <CAPTjJmqy+k-bNNMmH9bfwyX+q8C=6JWFTSb=34jrLWvtgK6m=w@mail.gmail.com>
References: <0a4ae59b-fff8-40dd-b264-823ea596ad82@googlegroups.com> <52940dbe$0$11089$c3e8da3@news.astraweb.com> <mailman.3215.1385438789.18130.python-list@python.org> <2a8225b8-da33-4db4-b83b-dcbd8a619f6c@googlegroups.com> <l72616$82k$1@ger.gmane.org> <CAMp65DUjvuprx1H2apoV6yPyGpZL=S=5jsjTAv6M=1gOMYffkw@mail.gmail.com> <CAPTjJmqy+k-bNNMmH9bfwyX+q8C=6JWFTSb=34jrLWvtgK6m=w@mail.gmail.com>
Date: Tue, 26 Nov 2013 15:13:43 +0000
Subject: Re: Cracking hashes with Python
From: "TheRandomPast ." <wishingforsam@gmail.com>
Cc: python-list@python.org
Content-Type: multipart/alternative; boundary=f46d043bdf6a22de8f04ec15ed2c
Precedence: list
Newsgroups: comp.lang.python
Message-ID: <mailman.3245.1385479197.18130.python-list@python.org>
Lines: 194
NNTP-Posting-Host: 2001:888:2000:d::a6
Xref: csiph.com comp.lang.python:60520

--f46d043bdf6a22de8f04ec15ed2c
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

Thanks. I'll take that on board and let you know how I get on.

Thanks for all your help.


On Tue, Nov 26, 2013 at 2:46 PM, Chris Angelico <rosuav@gmail.com> wrote:

> On Wed, Nov 27, 2013 at 1:18 AM, TheRandomPast .
> <wishingforsam@gmail.com> wrote:
> > This is my code. I hope it looks better? I'm sorry if it doesn't. I'm
> trying
> > to get the hang of posting by email :)
>
> There are no BBCode tags here, so [code] doesn't help you at all.
> Other than that, looks good. Though if you're going to annotate your
> code, please mark your comments with a hash; that way, we can simply
> copy and paste your code and run it, which is a huge help. (In this
> case, I can see what's going on without running it, but that's not
> always true. Sometimes my crystal ball is faulty.)
>
> > wordlist =3D open('C:/dictionary.txt')
> > try:
> >     words =3D wordlist
> > except(IOError):
> >     print "[-] Error: Check your  path.\n"
> >     sys.exit(1)
>
> This now is functional but completely useless. You can drop this whole
> block of code.
>
> > words =3D open('C:/dictionary.txt')
> > print "\n",len(words),"words loaded=85" (This line now throws up an err=
or
> > where it wasn't before: TypeError: object of type 'file' has no len()
>
> The problem is that you've left out the readlines() call, so you now
> aren't looking at a list, you're looking at the file object itself.
> But take heart! A file object is iterable, so as long as you don't
> mind losing this line of status display, it'll all work.
>
> > for word in words:
> >     hash =3D hashlib.md5(word[:-1])
> >     value =3D hash.hexdigest()
>
> This is all very well, but you actually don't do anything with the
> hash and the value. Tip: This would be a good place to stash them all
> somewhere so you can look them up quickly.
>
> Side point: You're currently assuming that each word you get is
> terminated by exactly a single newline. It'd be clearer to, instead of
> slicing off the last character with the smiley [:-1] (not sure what
> that represents - maybe he has a pen lid sticking out of his mouth?),
> try stripping off whitespace. Strings have a method that'll do that
> for you.
>
> > if hashes =3D=3D value:
> >     print "[+] Password is:"+word,"\n"
> >     sys.exit(0)
>
> This is where you'd look up in what you've stashed, except that at no
> point before this do you query the user for the hash to look up.
>
> I recommend you think in terms of an initialization phase, and then a
> loop in which you ask the user for input. That would be the most
> normal way to do things. As it is, there's no loop, so having an
> "exit" option is actually fairly useless.
>
> By the way, are you also learning about Python 3, or are you
> exclusively studying Python 2? Python 2 is now a dead end; no new
> features are being added to it, and it's to be supported with some bug
> fixes for a while, and then security patches only after that;
> meanwhile, Python 3 just keeps on getting better. We're now able to
> play with a beta of 3.4 that adds a bunch of fun stuff above 3.3
> (which added a veritable ton of awesomeness over 3.2), and there are
> features slated for 3.5 after that. Even if your course is teaching
> only the old version, it'd be good for you, as a programmer, to
> explore the differences in the new version; the sooner you get your
> head around the difference between Unicode strings and collections of
> bytes, the easier your life will be, and Py3 makes that distinction a
> lot clearer than Py2 did.
>
> ChrisA
> --
> https://mail.python.org/mailman/listinfo/python-list
>

--f46d043bdf6a22de8f04ec15ed2c
Content-Type: text/html; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">Thanks. I&#39;ll take that on board and let you know how I=
 get on.<div><br></div><div>Thanks for all your help. =A0</div></div><div c=
lass=3D"gmail_extra"><br><br><div class=3D"gmail_quote">On Tue, Nov 26, 201=
3 at 2:46 PM, Chris Angelico <span dir=3D"ltr">&lt;<a href=3D"mailto:rosuav=
@gmail.com" target=3D"_blank">rosuav@gmail.com</a>&gt;</span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div class=3D"im">On Wed, Nov 27, 2013 at 1:=
18 AM, TheRandomPast .<br>
&lt;<a href=3D"mailto:wishingforsam@gmail.com">wishingforsam@gmail.com</a>&=
gt; wrote:<br>
&gt; This is my code. I hope it looks better? I&#39;m sorry if it doesn&#39=
;t. I&#39;m trying<br>
&gt; to get the hang of posting by email :)<br>
<br>
</div>There are no BBCode tags here, so [code] doesn&#39;t help you at all.=
<br>
Other than that, looks good. Though if you&#39;re going to annotate your<br=
>
code, please mark your comments with a hash; that way, we can simply<br>
copy and paste your code and run it, which is a huge help. (In this<br>
case, I can see what&#39;s going on without running it, but that&#39;s not<=
br>
always true. Sometimes my crystal ball is faulty.)<br>
<div class=3D"im"><br>
&gt; wordlist =3D open(&#39;C:/dictionary.txt&#39;)<br>
&gt; try:<br>
&gt; =A0 =A0 words =3D wordlist<br>
&gt; except(IOError):<br>
&gt; =A0 =A0 print &quot;[-] Error: Check your =A0path.\n&quot;<br>
&gt; =A0 =A0 sys.exit(1)<br>
<br>
</div>This now is functional but completely useless. You can drop this whol=
e<br>
block of code.<br>
<div class=3D"im"><br>
&gt; words =3D open(&#39;C:/dictionary.txt&#39;)<br>
&gt; print &quot;\n&quot;,len(words),&quot;words loaded=85&quot; (This line=
 now throws up an error<br>
&gt; where it wasn&#39;t before: TypeError: object of type &#39;file&#39; h=
as no len()<br>
<br>
</div>The problem is that you&#39;ve left out the readlines() call, so you =
now<br>
aren&#39;t looking at a list, you&#39;re looking at the file object itself.=
<br>
But take heart! A file object is iterable, so as long as you don&#39;t<br>
mind losing this line of status display, it&#39;ll all work.<br>
<div class=3D"im"><br>
&gt; for word in words:<br>
&gt; =A0 =A0 hash =3D hashlib.md5(word[:-1])<br>
&gt; =A0 =A0 value =3D hash.hexdigest()<br>
<br>
</div>This is all very well, but you actually don&#39;t do anything with th=
e<br>
hash and the value. Tip: This would be a good place to stash them all<br>
somewhere so you can look them up quickly.<br>
<br>
Side point: You&#39;re currently assuming that each word you get is<br>
terminated by exactly a single newline. It&#39;d be clearer to, instead of<=
br>
slicing off the last character with the smiley [:-1] (not sure what<br>
that represents - maybe he has a pen lid sticking out of his mouth?),<br>
try stripping off whitespace. Strings have a method that&#39;ll do that<br>
for you.<br>
<div class=3D"im"><br>
&gt; if hashes =3D=3D value:<br>
&gt; =A0 =A0 print &quot;[+] Password is:&quot;+word,&quot;\n&quot;<br>
&gt; =A0 =A0 sys.exit(0)<br>
<br>
</div>This is where you&#39;d look up in what you&#39;ve stashed, except th=
at at no<br>
point before this do you query the user for the hash to look up.<br>
<br>
I recommend you think in terms of an initialization phase, and then a<br>
loop in which you ask the user for input. That would be the most<br>
normal way to do things. As it is, there&#39;s no loop, so having an<br>
&quot;exit&quot; option is actually fairly useless.<br>
<br>
By the way, are you also learning about Python 3, or are you<br>
exclusively studying Python 2? Python 2 is now a dead end; no new<br>
features are being added to it, and it&#39;s to be supported with some bug<=
br>
fixes for a while, and then security patches only after that;<br>
meanwhile, Python 3 just keeps on getting better. We&#39;re now able to<br>
play with a beta of 3.4 that adds a bunch of fun stuff above 3.3<br>
(which added a veritable ton of awesomeness over 3.2), and there are<br>
features slated for 3.5 after that. Even if your course is teaching<br>
only the old version, it&#39;d be good for you, as a programmer, to<br>
explore the differences in the new version; the sooner you get your<br>
head around the difference between Unicode strings and collections of<br>
bytes, the easier your life will be, and Py3 makes that distinction a<br>
lot clearer than Py2 did.<br>
<br>
ChrisA<br>
<span class=3D"HOEnZb"><font color=3D"#888888">--<br>
<a href=3D"https://mail.python.org/mailman/listinfo/python-list" target=3D"=
_blank">https://mail.python.org/mailman/listinfo/python-list</a><br>
</font></span></blockquote></div><br></div>

--f46d043bdf6a22de8f04ec15ed2c--