# Simple Brute force script

Hi
I started making a project for fun and to learn something about brute forcing, I made a script for the client and the server and now the problem is that I don’t know how to make a script for actual brute forcing. I have a variable with the correct password, list of characters and password length. The problem is that I don’t know how to make a function that will make every possible combination out of it. If someone could explain it to me or give me a code example I would be very grateful.

1 Like

well you could make a list of each character and attempt to use every character for every spot… uh this is harder to explain than i thought XD

basically you can define a max size ( eg. 15 characters max ) and a table of each possible input ( different characters )

then somehow you would lineup all of the possibilities

something probably like:
aaaaaaaaaaaaaaa ( 15 a’s )
then legit figure out how to try every possibility
xd I would need some time to figure out how to get every possibility.

Thanks for replying, I’m stuck at the exact same step as you. I have the list and the loop I just don’t know how to make it work. Cause it has to loop through every character for character at index 1 in the password, then for index 2 and 3 (if it’s 3 characters long), but then it also has to change character at index 1 to let’s say a b and then loop through all the possible characters for index 2 and 3, and do that till character at index 1 has looped all the way and then do that for the next one and next one. I hope my message is readable and understandable.

we could probably keep a table of each varriation

like:

{
a,
aa,
ab,
}

and keep adding to this to find new possiblities

That’s what the brute force function has to figure out, I can’t just put all the possible combinations myself cause that ruins the point and will take a very long time with more complicated passwords.

ohh no i meant the code does this
let me make an example

Well you can make a recursive function

``````local bruteforce
function bruteforce(prefix, desiredlength)
prefix = prefix or “”
for _,ch in pairs(validCharList) do
if string.length(prefix) == desiredlength then
if pass then return pass end
else
local pass = bruteforce(prefix .. ch, desiredlength)
if pass then return pass end
end
end
end
``````

Something like that. I wrote it on mobile so I might have made a mistake though.

2 Likes

hehe yea thats what im thinking

Thank you for replying, I have a question. What is the prefix for/what should I put in?

It actually should be an empty string or nil. I should have made that variable last tbh. It just is so that the recursive function can pass info

Basically the function goes through every character in your list and calls the function again, but this time adds the start of the password to prefix so that the next function knows where the previous was at. Then it goes through every character again but adds it to prefix. It calls itself until it hits the desiredlength.

Thanks for explaining. I tried it
code:

``````local smallAlphabet = {"a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "Z"}
local bigAlphabet = {"A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z"}
local numbers = {"1", "2", "3", "4", "5", "6", "7", "8", "9", "0"}
local characterList = {}

local function makeCharacterList()
for i, letter in ipairs(smallAlphabet) do
table.insert(characterList, letter)
end
for i, Bletter in ipairs(bigAlphabet) do
table.insert(characterList, Bletter)
end
for i, number in ipairs(numbers) do
table.insert(characterList, number)
end
end

makeCharacterList()

return true
end
end

local function bruteforce(desiredlength)
local prefix = ""
for _,ch in ipairs(characterList) do
print(ch)
if string.len(prefix) == desiredlength then
local pass = testPassword(prefix .. ch)
if pass then
return pass
end
else
local pass = bruteforce(prefix .. ch)
if pass then
return pass
end
end
end
end

bruteforce(5)
``````

But it just lags a bit when I run it and then does nothing.
Also output if that helps with anything:

You have to leave prefix as the first parameter. It is used by the function, but only internally. Just put it as nil when you call.

The reason is the function calls itself and passes in prefix as the first parameter.

I added a print for the ch parameter in the loop and all it does it prints “a” and then the script gets exhausted even with a wait() in the loop.

You should do

``````print(prefix .. ch)
``````

instead which is the whole password. And if it’s going on forever then something is wrong. You should also print(string.length(prefix)). The length of prefix is how it determines to stop

Brute forcing is the slowest way to crack the password, and the only way at the same time. If it was just some number only password I would definetly use an for i loop. If it does contain letters you need to use random generated words, it can be found above but suggestion: you should ignore used password if it failed

Thank you so much, after finding out what’s wrong and fixing it (it called bruteforce function again but without the desiredlength). I got it to work!
Also if anyone else would come about this post here is the full script with a list of characters:

``````local smallAlphabet = {"a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "Z"}
local bigAlphabet = {"A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z"}
local numbers = {"1", "2", "3", "4", "5", "6", "7", "8", "9", "0"}
local characterList = {}

local function makeCharacterList()
for i, letter in ipairs(smallAlphabet) do
table.insert(characterList, letter)
end
for i, Bletter in ipairs(bigAlphabet) do
table.insert(characterList, Bletter)
end
for i, number in ipairs(numbers) do
table.insert(characterList, number)
end
end

makeCharacterList()

return true
end
end

local function bruteforce(prefix, desiredlength)
prefix = prefix or ""
for _,ch in ipairs(characterList) do
wait(0.001)
if string.len(prefix) == desiredlength then
print(prefix .. ch)
local pass = testPassword(prefix .. ch)
if pass then
print("Password Cracked: " .. prefix .. ch)
return pass
end
else
local pass = bruteforce(prefix .. ch, desiredlength)
if pass then
print("Password Cracked: " .. prefix .. ch)
return pass
end
end
end
end
bruteforce(nil, 5)
``````
3 Likes

The only thing I would suggest is actually flipping the variables prefix and desiredlength like I should have at the start. It’s really just a small improvement so you can call it with just the number instead of having to type nil or “” as the first parameter.

just fyi both of your z’s in your characters table are capitols