|
|
|
google unix.com
|
|||||||
| Forums | Register | Forum Rules | Links | Albums | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
| Security Discuss UNIX and Linux computer and network security, cybersecurity, cyberattacks, IT security, CISSP, OWASP and more. |
More UNIX and Linux Forum Topics You Might Find Helpful
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Password Strength Analyser and Generator library 1.3.0.1 (Default branch) | iBot | Software Releases - RSS News | 0 | 05-29-2008 11:00 PM |
| date generator | BG_JrAdmin | UNIX for Dummies Questions & Answers | 2 | 06-22-2006 04:52 PM |
| Password Generator | Perderabo | Security | 13 | 10-02-2004 11:34 AM |
| Screen Generator for C++ on AIX | byrdr | High Level Programming | 0 | 08-23-2002 03:50 PM |
| Load Generator for Web | momo | UNIX for Advanced & Expert Users | 1 | 05-15-2002 06:40 PM |
 |
Powered by 
|
|
|
LinkBack | Thread Tools | Search this Thread | Rate Thread | Display Modes |
|
|
12-18-2004
|
|||||
|
|||||
|
swordfish --- a password generator
Here is my new password generation script. The attachment, swordfish.txt, is in dos format. Remember that you need to use dos2unix or flip or something to get it into unix format. The script is self documenting. It has an extensive help system built-in. And you can run: swordfish "set LineLength=75" "help user_guide" to get a complete user guide. Here is a sample run to show some of the features: Code:
$ ./swordfish >>}###@>---- format +s +x 10 password statistics are on password expansions are on 10 passwords will be generated per template >>}###@>---- CvccEnnn Template EEEEEEEE has 2,992,179,271,065,856 possibilities Template CvccEnnn has 3,982,230,000 possibilities YisdG633 YANKEE india sierra delta GOLF six three three DehtK503 DELTA echo hotel tango KILO five zero three Hickt465 HOTEL india charlie kilo tango four six five SeydP384 SIERRA echo yankee delta PAPA three eight four Fakt0554 FOXTROT alpha kilo tango zero five five four FexrS395 FOXTROT echo x-ray romeo SIERRA three nine five Bamwv220 BRAVO alpha mike whiskey victor two two zero XumtF501 X-RAY uniform mike tango FOXTROT five zero one HilbS790 HOTEL india lima bravo SIERRA seven nine zero Xijsw021 X-RAY india juliet sierra whiskey zero two one >>}###@>---- Last edited by Perderabo; 12-19-2004 at 03:49 PM.. |
|
12-18-2004
|
|||||
|
|||||
|
If I do this: Code:
$ ./swordfish
>>}###@>---- define X=(n{ABCDEF})
>>}###@>---- XXXXXX
0F5C7E
9833F3
9713BE
1EBE49
195969
>>}###@>----
I can generate random hexadecimal numbers. Password generators are very close to being random number generators. So it is fair to ask a password generator to pass tests intended for a random number generator. I did this: Code:
$ ./swordfish "define X=(n{ABCDEF})" "format 1000000" "X<80>" > hex.txt
This command took 13711 seconds.
$
At that point I had one million lines of hexadecimal numbers, each 80 characters in length. This is exactly the input format needed by the asc2bin program of the diehard test suite. I ran diehard on the data file, selecting all 15 tests. The data passes all 15 tests. The results are attached. Last edited by Perderabo; 07-06-2005 at 09:41 AM.. Reason: Fix typo |
|
07-25-2006
|
||||
|
||||
|
need help. when i tried running the sworfish from the same folder that it is residing i could get the passwords working perfectly fine. However, when i tried running it from a different path by giving the absolute path i get the below mentioned warning message. i also tried running it through the shell scripts i tried a cd to the folder and then launched using the command ./swordfish.txt some times this works and some times it fails can some one help me understand why is it failing some times?
Quote:
|
|
07-25-2006
|
|||||
|
|||||
|
I will post a new copy of swordfish making these changes: Code:
In the weak_start_tigershark function: the line in green is new.
function weak_start_tigershark
{
typeset -i i final duration
((final=SECONDS+2))
while((SECONDS < final)) ; do
i=$RANDOM
done
((Carry=0))
((X0=$$))
((X1=RANDOM))
((X2=RANDOM))
((X3=RANDOM))
((DEBUG)) && echo weakstart X3=$X3 X2=$X2 X1=$X1 X0=$X0 Carry=$Carry
Sum=0
((Stigershark=Stigershark+1))
return 0
}
In the Main section: The lines in red go away:
if [[ $Entropy = $ZeroEntropy ]] ; then
echo "********************************" >&2
echo "* *" >&2
echo "* Warning: Entropy is zero! *" >&2
echo "* *" >&2
echo "********************************" >&2
echo generating weak entropy... >&2
weak_start_tigershark
status_tigershark
entropy_generator 1 array
echo Entropy = ${Entropy}
NeedMoreEntropy=1
fi
It is too early in the program to call status_tigershark since linecount has not be initialized and also it is sending unsolicted output to stdout. And that "echo Entropy" should have been directed to stderr as well. The remaining error message should be enough to call attention to the fact that swordfish is not operating in an optimum manner. And the user can always turn on debug mode for more output. Yes, my intent is that swordfish be invoked always in the same directory. swordfish maintains an entropy file which is random data used to initialize the internal random number generator. But the first time the random number generator is called, there won't be an entropy file. So swordfish will initialize the RNG from /dev/urandom or /dev/random. If neither of those is available then swordfish is stuck with no decent source of initial random numbers. So it invokes the internal ksh RANDOM routine to get a few random numbers and it uses its current PID for one more random number. It first spends a couple of seconds burning off some of KSH's random numbers so it is not as bad as it might otherwise be. But it still complains about the situation. This is what is happening to you. Even HP-UX finally implemented /dev/random in 11.23. What OS are you using without a /dev/random? If you really want to call swordfish from arbitrary directories, you could change the line: ENTROPYFILE=swordfish.ent to be an obsolute path to your entropy file. But remember, if other people can read your entropy file, they might be able to predict the passwords it will generate. |
|
09-14-2007
|
||||
|
||||
|
swordfish error
Hi,
I use your tool on Solaris 10, only i get this error. [machine:user]$ ./swordfish >>}###@>---- format +s +x 10 ./swordfish[39]: !X0 && !X1 && !X2 && !X3 && !X4 && !Carry : bad number password statistics are on password expansions are on 10 passwords will be generated per template |
|
| Bookmarks |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
Hybrid Mode
