Shortened dictionary and added basic and intermediate skeletons

dictionaries/base.txt

@@ -1,265 +1,32 @@
 abroad
-account
-acrobat
-across
-action
-actions
-actors
-adaptor
-adopted
-advisor
 afford
 airport
-alcohol
-allowed
-allows
-almost
-amazon
-amongst
-amount
-amounts
-analog
-anatomy
 anchor
 andorra
-angola
 another
-anthony
-antonio
-anybody
-anymore
-anyone
-apollo
-approve
-approx
-arizona
-arnold
-around
-artwork
-atomic
-auction
-auditor
-aurora
-author
-authors
-awesome
-balloon
-ballot
-bangkok
-boards
-boating
-bolivia
-bondage
-boolean
-bosnia
-brandon
-broader
-buffalo
-cameron
-cannon
-canyon
-capitol
-carbon
-carlos
-carroll
-cartoon
-casino
-casinos
-catalog
-caution
-chicago
-coaches
-coastal
 coated
-coating
-coleman
-collar
-combat
-command
-compact
-company
-compaq
-compare
-contact
-contain
-cottage
-courage
-creator
-croatia
-dakota
-dayton
-deborah
-dialog
-diamond
-diploma
-dollar
-dollars
-domain
-domains
-donald
-donate
-donated
-dosage
-douglas
-dragon
-ecuador
-erotica
-estonia
-factor
-factors
-factory
-famous
-fashion
-favors
-favour
-flavor
-floral
-florida
-footage
-formal
-format
-formats
-formula
-forward
-georgia
-glasgow
-global
-halfcom
-hampton
-handjob
-harbor
-harbour
-harmony
-harold
-holiday
-holland
-hotmail
-howard
-jackson
-jordan
-joshua
-journal
-karaoke
-korean
-labour
-laptop
-laptops
-latino
-layout
-lebanon
-leonard
-loaded
-loading
-locale
-locally
-locate
-located
-locator
-logical
-lolita
-madison
-madonna
-mailto
-marion
-minolta
-modular
-moldova
-monaco
-monday
-monica
-montana
-morgan
-mozilla
-narrow
-nation
-nations
-normal
-norman
-norway
-oakland
-obtain
-ontario
-operate
-optical
-optimal
-oracle
-orange
-organic
-orgasm
-orlando
-orleans
-ottawa
-overall
-passion
-pastor
-patrol
-payroll
-phantom
-playboy
-podcast
-poland
-pontiac
-popular
-portal
-postage
-postal
-potato
-program
-prozac
-radios
-rainbow
-random
-ratios
-raymond
-realtor
-reason
-reasons
-reload
-removal
-roland
 romance
-romania
-ronald
 rotary
 royalty
 salmon
-scholar
-scotia
-seafood
 season
-seasons
 senator
 shadow
-shadows
-shannon
-sharon
-slovak
 social
 solaris
-somalia
 station
 stomach
 storage
 tattoo
-taylor
-thomas
-throat
-tobacco
 tobago
 tomato
 toolbar
-toshiba
 totally
 totals
-toward
-towards
-toyota
 tractor
 upload
 various
 vocals
 voltage
 warrior
-watson
-weapon
-weapons
+

download_targets.sh

@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
 
-bins=(basic1 basic2 basic3 intermediate1)
+bins=(basic1 basic2 basic3 intermediate1 intermediate2 intermediate3)
 
 rm -f targets/*
 

src/brute_intermediate.py

@@ -0,0 +1,85 @@
+#!python3
+from brutus import Binary
+
+def wordsFromFile(filePath):
+    """ Read lines from a file containing one word per line and return a list of the words
+    Args:
+        filePath: the absolute or relative path of the file to be read
+    Returns:
+        a list of the words from the file, stripped of whitespace
+    """
+    f=open(filePath,"r")
+    out=[]
+    for l in f.readlines():
+        w=l.strip()
+        if len(w)>0:
+            out.append(w.lower())
+    f.close()
+    return out
+
+def breakBinary(target, promptText, failText, guesses):
+    """" Break into the given target binary.
+    Assumes "intermeduate level binary, with dictionary words
+    Args:
+        target: path to the binary. e.g. "./bins/basic1"
+        promptText: text to look for in the output that signals a password is required. e.g. "Password:"
+        failText: text that indicates an attempt failed. e.g. "Password Incorrect"
+        guesses: list of words to try as passwords
+    Returns:
+        None: if no successful attempt was made
+        string: a successful password""" 
+
+    for g in guesses:        
+
+        #The actual attempt
+        b=Binary(target)
+        b.run()
+        success=b.attempt(promptText,g, failText)
+
+
+        if success:
+            print(f"The Guess '{g}' appears to be correct")
+            return g #Return the answer. No need to "break" because the return exits the function
+        else:
+            print(f"guess: {g} - Password incorrect!")
+    return None #If we get here, it means we didn't return earlier in the loop with a successful guess
+
+
+if __name__=="__main__":
+
+    #Load the dictionary
+    words=wordsFromFile("dictionaries/base.txt")
+
+
+    ### YOUR CODE HERE
+    ### Currently it passes in the plain words
+    ### Change the line "words2=words" so that the list "words2" contains your guesses
+    ### You need to create a word list that has the dictionary words in PLUS
+    ### 1. Each word with all 0-9 digits appended (so 'swordfish' would be 'swordfish0', 'swordfish1' etc.
+    ### 2. Each word turned into "l33t-5p34k"
+    ###    Each o becomes 0, each i becomes 1, each a becomes 4, each s becomes 5, each e becomes 3
+    ###    'swordfish' becomes '5w0rdf15h', for example
+    ###    You can assume case (upper/lower) will not need to be changed
+
+    words2=words
+
+
+    # Create a simple menu system to pick the binary we want to force
+    targets=[]
+    targets.append(["targets/intermediate1","Password:", "Password Incorrect"])
+    targets.append(["targets/intermediate2","Secret code:", "Auth Failure"])
+    targets.append(["targets/intermediate3","Enter Credentials:", "Invalid Credentials"])
+
+    print("Intermediate Binary Breaker")
+    print("Which binary do you want to brute force?")
+
+    for c in range(len(targets)):
+        print(f"{c}: {targets[c][0]}")
+
+    selection=int(input("Enter the number of the binary to be forced: "))
+
+    if 0 <= selection < len(targets):
+        target=targets[selection]
+        breakBinary(target[0],target[1],target[2], words2)
+    else:
+        print("Invalid selection")