Mastering the Art of Brute Force: A Comprehensive Guide and Cheat Sheet

Brute force is a type of algorithmic approach used in computer science to solve problems by exhaustively trying all possible solutions. In this method, the system tries every possible combination of inputs until the correct output is found.

Brute force is typically used when other more efficient algorithms fail to solve a problem, or when the problem space is relatively small. Brute force is a general technique that can be applied to many different types of problems, including password cracking, cryptography, and combinatorial optimization.

In this cheat sheet, we will explore the basic concepts of brute force, how it works, and the different techniques and algorithms used to optimize its performance. We will also provide best practices for implementing brute force algorithms and avoiding common pitfalls.

Brute Force Basics

Brute force is a simple and straightforward approach to problem-solving that involves trying every possible solution until the correct answer is found. The key advantage of this approach is that it is guaranteed to find the correct answer, as long as the problem space is small enough to exhaustively search.

However, brute force algorithms can be very slow and resource-intensive, especially for large problem spaces. This is because they require a lot of computational power and memory to process all possible solutions. As a result, brute force algorithms may not be practical for certain types of problems or for large data sets.

One important distinction to note is that brute force algorithms are different from other types of algorithms that use heuristics or rules to eliminate certain solutions from consideration. Brute force algorithms, on the other hand, consider every possible solution without any preconceived biases or assumptions.

Despite its limitations, brute force remains a useful technique in computer science, especially for certain types of problems where other algorithms have failed or where the problem space is small enough to make exhaustive search practical.

How Brute Force Works

Brute force algorithms work by systematically trying every possible solution to a problem until the correct one is found. This approach is typically used when other more efficient algorithms are not available or are too complex to implement.

To understand how brute force works, let’s consider an example of a password cracking algorithm. Suppose you have a password-protected file and you want to crack the password. One way to do this is to use a brute force algorithm that tries every possible combination of characters until the correct password is found.

The brute force algorithm starts by trying a single character as the password. If that doesn’t work, it tries all possible combinations of two characters, then three, and so on until the correct password is found. This process continues until the password is cracked or all possible combinations have been tried.

While brute force is a simple and effective approach, it can be very slow and resource-intensive, especially for large problem spaces. For example, cracking a password with 8 characters using a brute force algorithm that considers all possible combinations of upper and lower case letters, numbers, and symbols would require trying over 218 trillion combinations.

To improve the performance of brute force algorithms, various optimization techniques can be used, such as reducing the size of the problem space by eliminating redundant or invalid solutions, or using parallel processing to search for solutions more quickly.

Brute Force Techniques

There are several techniques that can be used to optimize the performance of brute force algorithms. Here are some of the most commonly used techniques:

1. Pruning: This technique involves eliminating redundant or invalid solutions from the search space to reduce the number of solutions that need to be evaluated. For example, in a password cracking algorithm, you can eliminate passwords that don’t meet certain criteria, such as length or character requirements.
2. Memoization: Memoization is a technique that involves storing the results of previous calculations so that they can be reused later. This can help to reduce the number of calculations that need to be performed and speed up the overall algorithm.
3. Heuristics: Heuristics are rules or strategies that can be used to narrow down the search space and eliminate certain solutions from consideration. For example, in a chess game, a heuristic might involve prioritizing moves that put the opponent’s king in check.
4. Parallel Processing: Parallel processing involves dividing the problem into smaller sub-problems that can be processed simultaneously by multiple processors or threads. This can help to speed up the overall algorithm and reduce the time needed to find a solution.
5. Branch and Bound: Branch and Bound is a technique that involves breaking the problem into smaller sub-problems and evaluating each sub-problem separately. The solutions from each sub-problem are then combined to find the final solution. This technique can help to reduce the size of the problem space and speed up the overall algorithm.

It’s important to note that the effectiveness of these techniques will depend on the specific problem being solved and the size of the problem space. In some cases, brute force algorithms may still be too slow or resource-intensive to be practical, even with optimization techniques.

Common Brute Force Algorithms

There are several common brute force algorithms that are frequently used to solve different types of problems. Here are a few examples:

1. Brute Force Password Cracking: This algorithm involves trying every possible combination of characters until the correct password is found. The algorithm can be optimized by using techniques such as pruning, memoization, and parallel processing.
2. Brute Force Cryptanalysis: This algorithm involves trying every possible key or plaintext until the correct one is found. The algorithm can be optimized by using techniques such as frequency analysis, precomputation, and parallel processing.
3. Brute Force Combinatorial Optimization: This algorithm involves trying every possible combination of solutions until the best one is found. The algorithm can be optimized by using techniques such as branch and bound, heuristics, and parallel processing.
4. Brute Force Search: This algorithm involves trying every possible solution until the correct one is found. The algorithm can be optimized by using techniques such as pruning, memoization, and parallel processing.

It’s important to note that the effectiveness of these algorithms will depend on the size of the problem space and the specific problem being solved. In some cases, brute force algorithms may not be practical or may require significant optimization to be effective.

Create your own Dictionaries

Creating dictionaries is an important step in using brute force algorithms to solve certain types of problems. A dictionary is a collection of words or phrases that can be used to generate possible solutions to a problem. Here are some steps to follow when creating your own dictionaries:

1. Crunch:

Numeric: This dictionary includes all possible combinations of numeric characters (0-9).

Alpha: This dictionary includes all possible combinations of lowercase and uppercase letters (a-z and A-Z).

AlphaNumeric: This dictionary includes all possible combinations of numeric and alphabetic characters.

Special Characters: This dictionary includes all possible combinations of special characters such as symbols and punctuation marks.

• Numeric: 0000, 1234, 9999
• Alpha: aaaaa, ZZZZZ, abcdefg
• AlphaNumeric: abc123, 123abc, P@ssw0rd
• Special Characters: !@#$%^&*, ().;:[]

2. Cewl:

Personal Information: This dictionary includes words and phrases related to a specific individual, such as their name, birthdate, and address.

Company Information: This dictionary includes words and phrases related to a specific company, such as their name, industry, and location.

Common Words: This dictionary includes common words and phrases that are frequently used in passwords and passphrases, such as “password”, “123456”, and “letmein”.

• Personal Information: JohnDoe, 04/22/1980, 123 Main St.
• Company Information: AcmeCorp, Technology, San Francisco
• Common Words: password, 123456, letmein

3. CUPP:

Custom Words: This dictionary includes custom words and phrases that are specific to a target individual or organization, such as pet names or project code names.

Social Engineering: This dictionary includes words and phrases that are commonly used in social engineering attacks, such as “urgent” or “important”.

• Custom Words: fluffy, projectX, blackcat
• Social Engineering: urgent, important, update

4. Pydictor:

Custom Wordlists: This dictionary includes custom wordlists that can be created based on specific criteria, such as length, complexity, or common patterns.

Language-specific Wordlists: This dictionary includes wordlists that are specific to a particular language, such as English or Spanish.

• Custom Wordlists: mywordlist1, mywordlist2, mywordlist3
• Language-specific Wordlists: english.txt, spanish.txt, french.txt

5. Wordlists:

Default Wordlists: This dictionary includes default wordlists that come with many password cracking tools, such as rockyou.txt or common-passwords.txt.

Miscellaneous Wordlists: This dictionary includes wordlists that are not specific to any particular category, such as the EFF wordlist or the Nmap wordlist.

• Default Wordlists: rockyou.txt, common-passwords.txt, english.txt
• Miscellaneous Wordlists: EFF wordlist, Nmap wordlist, cracking-station.txt

6. Hashcat:

Rules-based Wordlists: This dictionary includes wordlists that are generated using rules-based algorithms that modify existing words and phrases to create variations, such as capitalization, substitutions, and appending or prepending characters.

Rules-based Wordlists: leet-speak variations of common passwords, appending years or special characters to common phrases

7. Fuzzing:

Fuzzing Wordlists: This dictionary includes wordlists that are specifically designed for fuzzing attacks, where input data is intentionally modified in unexpected ways to test for vulnerabilities.

Fuzzing Wordlists: variations of input data, such as extra spaces, misspellings, or repeated characters

8. Rainbow Tables:

Rainbow Table Databases: Instead of a traditional dictionary, rainbow tables use precomputed data to speed up the cracking process. This category includes precomputed rainbow tables that can be used with rainbow table attacks.

Rainbow Table Databases: Ophcrack rainbow tables, Cain and Abel rainbow tables, RainbowCrack rainbow tables

9. Social Media:

Social Media Wordlists: This dictionary includes words and phrases related to social media, such as usernames, hashtags, and popular phrases.

10. Geography:

Geographic Wordlists: This dictionary includes words and phrases related to specific geographic locations, such as city names, landmarks, and popular tourist destinations.

Default Credentials

Search in google for default credentials of the technology that is being used, or try these links:

• https://github.com/ihebski/DefaultCreds-cheat-sheet
• http://www.phenoelit.org/dpl/dpl.html
• http://www.vulnerabilityassessment.co.uk/passwordsC.htm
• https://192-168-1-1ip.mobi/default-router-passwords-list/
• https://datarecovery.com/rd/default-passwords/
• https://bizuns.com/default-passwords-list
• https://github.com/danielmiessler/SecLists/blob/master/Passwords/Default-Credentials/default-passwords.csv
• https://github.com/Dormidera/WordList-Compendium
• https://www.cirt.net/passwords
• http://www.passwordsdatabase.com/
• https://many-passwords.github.io/

Wordlists

• https://github.com/danielmiessler/SecLists
• https://github.com/Dormidera/WordList-Compendium
• https://github.com/kaonashi-passwords/Kaonashi
• https://github.com/google/fuzzing/tree/master/dictionaries
• https://crackstation.net/crackstation-wordlist-password-cracking-dictionary.htm

Online cracking databases

• https://www.onlinehashcrack.com/ (Hashes, WPA2 captures, and archives MSOffice, ZIP, PDF…)
• https://crackstation.net/ (Hashes)
• https://md5decrypt.net/ (MD5)
• https://gpuhash.me/ (Hashes and file hashes)
• https://hashes.org/search.php (Hashes)
• https://www.cmd5.org/ (Hashes)
• https://hashkiller.co.uk/Cracker (MD5, NTLM, SHA1, MySQL5, SHA256, SHA512)
• https://www.md5online.org/md5-decrypt.html (MD5)
• http://reverse-hash-lookup.online-domain-tools.com/

Check this out before trying to brute force a Hash.

Best Practices for Brute Force

While brute force algorithms can be effective in solving certain types of problems, there are some best practices that should be followed to ensure their proper use and minimize any potential negative impacts. Here are some of the best practices for brute force:

1. Use Brute Force as a Last Resort: Before resorting to brute force, explore other more efficient algorithms that may be better suited to the problem you are trying to solve. Brute force algorithms can be slow and resource-intensive, so it’s important to consider alternative solutions first.
2. Limit the Problem Space: Reduce the size of the problem space by eliminating redundant or invalid solutions using techniques such as pruning or heuristics. This can help to reduce the time and resources needed to find a solution.
3. Use Memoization: Store the results of previous calculations to avoid having to recalculate them in the future. This can help to reduce the number of calculations needed and speed up the overall algorithm.
4. Use Parallel Processing: Divide the problem into smaller sub-problems and process them simultaneously using multiple processors or threads. This can help to speed up the overall algorithm and reduce the time needed to find a solution.
5. Use High-Performance Computing Resources: If the problem space is too large to be processed efficiently on a single machine, consider using high-performance computing resources such as clusters or cloud-based services.
6. Respect Security and Privacy: Ensure that the use of brute force algorithms respects security and privacy concerns. For example, brute force password cracking should only be used with permission from the system owner and within legal and ethical boundaries.

By following these best practices, you can use brute force algorithms effectively and responsibly, while minimizing any potential negative impacts.

Conclusion

In conclusion, brute force attacks are a common method used by attackers to gain unauthorized access to systems and applications. Brute force attacks involve systematically trying all possible combinations of usernames and passwords until the correct combination is found.

There are many different types of brute force attacks, including dictionary attacks, hybrid attacks, and rainbow table attacks. Each type of attack has its own strengths and weaknesses, and the specific type of attack used will depend on the characteristics of the password or passphrase being targeted.

To defend against brute force attacks, it’s important to implement strong password policies, including requiring complex passwords and enforcing regular password changes. Other defenses may include implementing account lockout policies, rate limiting, and multi-factor authentication.