Last active
July 2, 2024 22:45
-
-
Save VityaSchel/26667c55bd37c2df2e385fdb0507d58b to your computer and use it in GitHub Desktop.
Брутфорс кодового слова на zp.midpass.ru Запуск: bun run-this-with-bun-sh.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import crypto from 'node:crypto' | |
| // вместо 4 подставьте предполагаемую длину пароля | |
| const passwordLength = 4 | |
| // подставьте строку из localStorage -> DecryptTestMessage | |
| const encryptedText = 'U2FsdGVkX19qOI7LCQdLXzD9HpujeJl7mNCrTNMrVzqWCKd7IcjTdg==' | |
| function decrypt(password: Buffer) { | |
| let bytes = Buffer.concat([password, salt]) | |
| let keyBuffer = Buffer.alloc(0) | |
| while (keyBuffer.length < 16) { | |
| let hash = crypto.createHash('md5').update(bytes).digest() | |
| keyBuffer = Buffer.concat([keyBuffer, hash]) | |
| bytes = Buffer.concat([hash, password, salt]) | |
| } | |
| const key = keyBuffer.subarray(0, 8) | |
| const iv = keyBuffer.subarray(8, 16) | |
| const decipher = crypto.createDecipheriv('des-cbc', key, iv) | |
| let decrypted = decipher.update(data, 'binary', 'utf8') | |
| decrypted += decipher.final('utf8') | |
| return decrypted | |
| } | |
| const encrypted = Buffer.from(encryptedText, 'base64') | |
| const salt = encrypted.subarray(8, 16) | |
| const data = encrypted.subarray(16) | |
| function* russianLetterGenerator(length) { | |
| const letters = 'абвгдеёжзийклмнопрстуфхцчшщъыьэюя'.split('') | |
| const base = letters.length | |
| const indices = Array(length).fill(0) | |
| while (true) { | |
| yield indices.map(i => letters[i]).join('') | |
| for (let i = length - 1; i >= 0; i--) { | |
| if (indices[i] < base - 1) { | |
| indices[i]++ | |
| break | |
| } else { | |
| indices[i] = 0 | |
| } | |
| } | |
| if (indices.every(i => i === 0)) { | |
| return | |
| } | |
| } | |
| } | |
| const start = performance.now() | |
| const gen = russianLetterGenerator(passwordLength) | |
| let result = gen.next() | |
| let i = 0 | |
| while (!result.done) { | |
| const passwordText = result.value | |
| const password = Buffer.from(passwordText) | |
| try { | |
| if (decrypt(password) === 'DecryptTestMessage') { | |
| console.log('Пароль найден!', passwordText) | |
| process.exit(0) | |
| } | |
| } catch (e) { | |
| continue | |
| } finally { | |
| result = gen.next() | |
| i++ | |
| } | |
| } | |
| console.log('Пароль не найден') | |
| console.log(i, 'комбинаций за', performance.now() - start, 'мс') |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment