Tripcode decoder (696)

1 Name: Albright!LC/IWhc3yc 2004-11-15 08:25 ID:UYlEBzaw [Del]

I've been tinkering with Python all day today... it's pretty slick. Just for practice, I tried to cobble together a tripcode decoder that would let you have "real" words in your tripcode as !WAHa and Sling and others do, and it actually came out better than I thought it would be. I'm aware there's already a program that does this, but if memory serves me, it's Windows-only and in Japanese besides. My script is kind of dumb in the way it goes about things -- it basically just tears through random strings until it finds one that fits -- but I've tested it repeatedly and it seems to work. If you'd like to check it out, nab it here:

Of course, you may need to modify the hashbang line depending on where Python is on your machine, and don't forget those execute bits, people... Use "-h" for help.

First person to ask how to get this to run on Windows gets pointed and laughed at.

2 Name: Albright!LC/IWhc3yc 2004-11-15 08:26 ID:UYlEBzaw [Del]

If you just want to read the code without downloading and unpacking the file...

3 Name: Anonymous 2004-11-15 09:50 ID:bBA8/LRA [Del]


4 Name: !WAHa.06x36 2004-11-15 14:22 ID:lrsPgM4g [Del]

What you live or die by when doing this is the speed of your crypt() implementation. The default ones are often horribly slow. If you're only doing 4000 crypts per second, you'll have to wait a long time for those codes. Tripper+ uses the UFC crypt() implementation, and it pushes about 64000 crypts per second per gigahertz on an Athlon processor. I've used some assembly-optimized crypt() code from John the Ripper to get up to 110000 crypts per second per gigahertz.

I don't know how hard it is to interface those from Python, though. I see there's a Perl wrapper for the UFC code, so maybe somebody made one for Python, too.

5 Post deleted by moderator.

6 Post deleted by user.

7 Post deleted by user.

8 Post deleted by user.

9 Name: !WAHa.06x36 2004-11-15 20:35 ID:VCAzDJaA [Del]

The author of >>5 is DQN.

10 Name: Albright!LC/IWhc3yc 2004-11-15 21:04 ID:NCk61rhw [Del]

>>4: Hmm... Can't seem to find anything that ties Py and UFC together. I'll keep looking into it, although, to tell the truth, I don't care that much. :P Again, this was just coding practice.

> a syntax error when I try to compile it, both on Darwin and Ubuntu (Debian). Don't know enough about C to try to fix it...

11 Post deleted by user.

12 Name: Anonymous 2004-11-15 22:20 ID:Heaven [Del]

13 Name: Anonymous 2004-11-15 22:21 ID:Heaven [Del]

14 Name: !WAHa.06x36 2004-11-16 00:51 ID:VCAzDJaA [Del]

Man, this thread got hit hard by 100webspace's strange hiccups today.

15 Name: hotaru!hoTarufiRE!!YMy/5ZNE 2004-11-18 08:20 ID:z6ktBO9Q [Del]

>First person to ask how to get this to run on Windows gets pointed and laughed at.

lol cygwin wins it
but i think i'll stick to using my perl script since it's much faster (my perl script found 4 tripcodes matching 'abc' in about 2 seconds, while your python script took about 11 seconds to find one and then about 26 seconds to find another one... and about 107 seconds for the third one...

16 Name: !WAHa.06x36 2004-11-18 14:17 ID:FDWJfqSg [Del]

Are you using the UFC wrapper for that?

17 Name: hotaru!hoTarufiRE!!YMy/5ZNE 2004-11-18 15:55 ID:aD28FbYw [Del]

i wasn't, but then i saw your post and decided to try it... now it works much faster... (with ufc wrapper) (without ufc wrapper)

18 Name: Albright!LC/IWhc3yc 2004-11-18 17:25 ID:wzZMPgsQ [Del]

Last login: Wed Nov 17 23:34:30 on ttyp1
Welcome to Darwin!
Twelve:~ Albright$ bunzip2 /Users/Albright/Desktop/trip.bz2
bunzip2: /Users/Albright/Desktop/trip.bz2 is not a bzip2 file.
Twelve:~ Albright$

19 Name: Albright!LC/IWhc3yc 2004-11-18 17:26 ID:wzZMPgsQ [Del]

By the way, again, I'm not trying to attest my script is anything near teh fast, but could you get faster results with it if you ran it with the Windows port of Python natively instead of using Cygwin?

20 Name: !WAHa.06x36 2004-11-18 17:40 ID:LiL7AG0A [Del]

Cygwin is just a POSIX implementation for Windows, so it doesn't really give any significant performance hit.

21 Name: hotaru!hoTarufiRE!!YMy/5ZNE 2004-11-18 18:23 ID:zKAUYgGg [Del]

looks like the server is giving incorrect content-length headers again...
these should work:

22 Name: hk0gcgdz 2004-11-19 08:06 ID:8278XI9g [Del]

Some ideas:

1) Allow '1337' substitution (o == O == 0, 5 == s == S, |=l=1 etc.)
2) Force unmatched characters to be alpha, alphanum, num, etc.
3) Match anywhere (not just beginning)

So you end up building a regex from the command line parameters, then compile it, then use it to pick out matches.

Or maybe you should just add a "user-supplied regex" command line option. XD

23 Name: hk0gcgdz 2004-11-19 08:25 ID:hmO9hZ3g [Del]

Some ideas:

1) Allow '1337' substitution (o == O == 0, 5 == s == S, |=l=1 etc.)
2) Force unmatched characters to be alpha, alphanum, num, etc.
3) Match anywhere (not just beginning)

So you end up building a regex from the command line parameters, then compile it, then use it to pick out matches.

Or maybe you should just add a "user-supplied regex" command line option. XD

24 Name: Albright!LC/IWhc3yc 2004-11-19 09:27 ID:wzZMPgsQ [Del]

>Or maybe you should just add a "user-supplied regex" command line option. XD

Are you talking to me, or hotaru? Hotaru's script does seem to support this. However, I haven't been able to test it, as I can't get the feckin' Crypt::Passwd module to install on my machine... seems to fail at the "make test" step. :(

I hate Perl. I really do. Do all you Perl folk also start your cars by turning a big crank in front of the engine? Bah...

25 Name: ZMatt!Yog9oDD6VU 2004-11-19 12:08 ID:EjUWeF0A [Del]

Where's a link to an internet-based tripcode whatever thing? I want a cooler tripcode and can't be arsed installing Python (mainly because it hasn't finished downloading yet :/ ).

26 Name: Anonymous 2004-11-19 15:40 ID:Heaven [Del]

27 Name: Anonymous 2004-11-19 15:42 ID:Heaven [Del]

>>26 is not "internet-based", by the way, but it's a program you can run on your windows machine without any problems. It's in Japanese, but you do not have to know the language to play with it a little. After that you will understand how it works on your own pretty quickly.

28 Name: hotaru!hoTarufiRE!!YMy/5ZNE 2004-11-20 09:48 ID:BuL5HaKg [Del]

i have a web-based script...
you'll have to find your own web server to run it on, tho

29 Name: Albright!LC/IWhc3yc 2004-11-20 13:49 ID:5eGaTGcA [Del]

hotaru: I'm noticing that your script always tries strings that are exactly eight characters long. (Mine randomly builds strings between three and twelve characters long.) Was there any particular reason you chose eight? Have you ever come across a tripcode you tried to generate, but you couldn't find any string of exactly eight characters that would work?

30 Name: !WAHa.06x36 2004-11-20 15:28 ID:30ViAF5A [Del]

If you're building strings of random lengths like that, you're going to test the same three-character codes a lot of times if you let it run for any length of time. Usually it's better to pick a fixed length. The length to pick depends on how specific a result you are looking for. A good rule of thumb is to use one or two characters more than the string length you are searching for. If you are using any more complex conditions for your search, it gets trickier, and you might need to either go through the combinatorial maths to figure out an optimal length, or just pick a sufficiently long one.

31 Name: Anonymous 2004-11-20 19:02 ID:Heaven [Del]

32 Name: Albright!LC/IWhc3yc 2004-11-20 21:26 ID:p1v3LWlA [Del]

That code seems to require this code...

Even still, I kept getting errors about "error: `for' loop initial declaration used outside C99 mode". I had to tweak the code a bit...

But after all that, it worked... though I don't like how it counts matches in the middle or end of the hash (instead of the beginning) as a match. Thanks, anonymous... Why did you sage for that?

33 Name: Albright!LC/IWhc3yc 2004-11-20 21:33 ID:p1v3LWlA [Del]

Hmm... Also, it seems to have a glitch where, when the string it's testing begins with a single quote ', all of the output hashes are the same... When searching for "dog"...

#'3/  !I5SZO7dog6
#'3/" !I5SZO7dog6
#'3/$ !I5SZO7dog6
#'3/% !I5SZO7dog6


#'=!  !4e7lRoFDog
#'=!" !4e7lRoFDog
#'=!$ !4e7lRoFDog
#'\I  !tVdOGttIJU
#'\I" !tVdOGttIJU
#'\I$ !tVdOGttIJU

and so on... I don't think ' is a valid character for tripcodes anyway, is it?

34 Name: hotaru!hoTarufiRE!!YMy/5ZNE 2004-11-21 10:07 ID:yo3Qunkg [Del]

also, the standard unix crypt() only uses the first 8 characters of whatever string you use... so anything after the first 8 characters doesn't matter...

35 Name: hotaru!hoTarufiRE!!YMy/5ZNE 2004-11-22 09:47 ID:OD8rTulA [Del]

i'm pretty sure ' is a valid character for tripcodes... any character in the range ' ' to '~' except '#' and '!' should be valid... i'm not sure about characters lower than ' ' or higher than '~', tho...
i have a new version of my perl script now... it's at
quite a bit smaller and a little faster than before...

36 Name: ZMatt!Yog9oDD6VU!!aRZgdgyL 2004-11-23 08:50 ID:05cSsZAw [Del]

I have the coolest tripcode ever, now ;D

37 Name: Mr VacBob!JqK7T7zan. 2004-11-27 06:59 ID:+gwvpPCg [Del]

Someone using my software? Amazing!

This is a side-effect of a basic design flaw in tripcodes:

  1. Since they use UNIX DES hashing via crypt(), only the first eight characters of input are counted.
  2. Tripcode inputs are run through htmlspecialchars(). This turns ' into ". Being six characters long, this doesn't leave much more room. My code isn't smart enough to detect this and happily goes through all the combinations.

I've seen inputs for gimmick tripcodes on 2ch that used higher ASCII and ShiftJIS. I think any input is acceptable as long as you can send it in an HTML form and it doesn't trigger secure mode on Shiichan or Kareha.

38 Name: Mr VacBob!JqK7T7zan. 2004-11-27 07:00 ID:+gwvpPCg [Del]

Oh, yes, and compile with '-std=c99' to enable ISO C99 mode and have it actually work.

39 Name: ZMatt!Yog9oDD6VU!!eSzG9Jlz 2004-11-27 07:30 ID:E0KrmnyA [Del]

I used tripper+, that japanese one.

40 Name: ZMatt!Yog9oDD6VU!!eSzG9Jlz 2004-11-27 07:32 ID:E0KrmnyA [Del]

Doesn't seem to work. Bah

41 Name: Anonymous 2004-11-27 14:24 ID:Heaven [Del]

Secure tripcodes are generated differently, the whole point of them is to not be able to be brute-forced like that. Use a normal tripcode if you want a novelty one.

42 Name: Mr VacBob!JqK7T7zan. 2004-11-27 17:08 ID:Heaven [Del]

Technically, the whole point of them is to not be able to be brute-forced by other than the site owner. I could brute-force on (lol), WAHa could do it here, WTSnacks or Lucid could on 4chan, etc.

43 Name: !WAHa.06x36 2004-11-28 00:16 ID:Heaven [Del]

As a matter of fact, I did brute-force myself a secure tripcode on iichan.

44 Name: !WAHa.06x36 2004-11-28 00:19 ID:hcX7lmwA [Del]


Incidentially, I process tripcodes before I do the (perl equivalent of) htmlspecialchars(). I must admit that I've forgotten what futaba does (which is the one I've copied), and I've never seen the original 2ch source.

45 Name: Mr VacBob!JqK7T7zan. 2004-11-28 02:14 ID:mtFHSA2A [Del]

I didn't check Futallaby, but Shiichan and 2ch itself do htmlspecialchars first. You can try it yourself by posting on 2ch (the English boards or News4VIP probably wouldn't notice) as #> or something along those lines.

46 Name: !WAHa.06x36 2004-11-28 03:26 ID:EB1/zP0g [Del]

Maybe I should change that, then.

Incidentially, you don't happen to have any idea where to get the 2ch source code?

47 Name: Mr VacBob!WOpA5qkXmk 2004-11-28 03:45 ID:mtFHSA2A [Del]

I have no idea; I just verified by posting.

(Also, this would be a novelty tripcode "!FLYEt.NIEA" if htmlspecialchars() was run)

48 Name: Anonymous 2004-11-28 10:06 ID:Heaven [Del]


Email RIR6?

49 Name: ZMatt!qj8VmbO0Bs 2004-11-30 07:47 ID:TGMLJ1pA [Del]

I guess I gotta change my normal tripcode then.

50 Name: hotaru!hoTarufiRE!!YMy/5ZNE 2004-12-01 07:25 ID:ylf1peNw [Del]

i just finished this...

it's the first program i've ever written in c... the .exe requires cygwin1.dll to run...

51 Name: Mr VacBob!JqK7T7zan.!!GoZhDTQ8 2004-12-01 08:08 ID:CxFPwK7g [Del]

I think the best way to go about this would be to follow RainbowCrack's example... generate every possible tripcode and store it in a database, and then search it. Since you know that 2ch-style tripcodes have to be eight characters or less, you can check every possibility.

I haven't checked how much disk space or CPU time that would take, though.

52 Name: !WAHa.06x36 2004-12-01 14:52 ID:BTFJoCjQ [Del]

Using just A-Z, a-z, 0-9 and two more to pad out to 64 characters means (2^6)^8 = 2^48 tripcodes. Each one needs 12 bytes of storage if you sort them listed by hash (6 bytes if you keep them listed by password, but that makes for really slow searches), so 3072 terabytes. Using only lowercase a-z takes 2.3 terabytes, or a little bit less if you encode your data a bit more cleverly.

53 Name: Mr VacBob!JqK7T7zan.!!GoZhDTQ8 2004-12-02 18:59 ID:9RsflJ5w [Del]

I think I'll just stick to brute-force, then. Maybe steal a faster crypt() from Jack The Ripper.

54 Name: hotaru!hoTarufiRE!!YMy/5ZNE 2004-12-03 06:35 ID:sisHlcZQ [Del]

interesting idea...
i now have a list of all tripcodes 0-4 characters in length...
one file for each length... the one with the 4 character tripcodes took a little over an hour to generate on my 733mhz pentium 3 machine (using a perl script), and it takes about 5 minutes to grep the whole file...

55 Name: Albright!LC/IWhc3yc 2004-12-03 07:57 ID:Pk0J1OZw [Del]

I have a list of all tripcodes 0 characters in length too. I'll post it below:

How big is that four character file? Just curious.

56 Name: hotaru!hoTarufiRE!!YMy/5ZNE 2004-12-03 08:18 ID:sisHlcZQ [Del]

the file of 0 character tripcodes has jPpg5.obl5 (the tripcode you get if you put # with nothing after it in the name field) in it...
the 4 character file is 1.16gb... 675mb when compressed with bzip2...
it probably could be a bit smaller if i listed them in a better format than hash = password

57 Name: !WAHa.06x36 2004-12-03 15:05 ID:P5q07b3w [Del]

Incidentially, the 0-character tripcode is wrong in Wakaba and Kareha - it doesn't match the futaba one (haven't checked 2ch, though). The next release will update the tripcode code to fix this.

58 Name: Albright!LC/IWhc3yc 2004-12-04 04:05 ID:0Z811dIQ [Del]

>>56: Oh, that's right... the script appends characters (".H" or something) to the end of codes before it hashes 'em... so a blank trip is never truly blank... My bad.

59 Name: !WAHa.06x36 2004-12-04 14:49 ID:qOOXfxEw [Del]


The funny thing is, the algorithm appends two characters ("H."), but then uses the second and third characters, thus making a zero-character tripcode technically invalid. Of course, it does generate SOMETHING anyway, and it appears this differs between languages due to different handling of strings, no doubt. Appending "H.." instead seems to get the same behaviour as the futaba script, at least.

60 Name: Mr VacBob!JqK7T7zan.!!GoZhDTQ8 2004-12-04 22:25 ID:jzuk7SQA [Del]

It appends "H." to the salt, which is different behavior than doing it to the actual hash. Look at tripcode_2ch() in tripper.c; as far as I know, I get it right.

61 Name: hotaru!hoTarufiRE!!YMy/5ZNE 2004-12-05 10:28 ID:IUq7v1kQ [Del]

hmm... crypt("",".") in perl and crypt . "" both return "..Qfnkquv7jY2" (same as using ".\0" as the salt), unix_std_crypt("",".") (ufc crypt in perl) returns "..X8NBuQ4l6uQ" (same as using ".." for the salt), and openssl passwd -salt . "" returns ".AmEwFrvDWaHo" (same as using ".A" for the salt)...

62 Name: !WAHa.06x36 2004-12-05 15:34 ID:m+tr9DUA [Del]

"..X8NBuQ4l6uQ" is what Futaba uses. I just checked 2ch, and they don't allow 0-character trips. I changed the salt postfix string in the development versions of Wakaba and Kareha to "H.." to match the Futaba generator.

63 Name: Mr VacBob!JqK7T7zan.!!GoZhDTQ8 2004-12-06 06:41 ID:Heaven [Del]

I just rewrote Shiichan's tripcoding algorithm after realizing what was so good about the name#trip#securetrip setup. I couldn't get zero-character tripcodes to work (mostly because I don't understand regexes well enough), so I've just banned them from use.

64 Name: !XBAKaQNcx2 2004-12-12 01:05 ID:iAgUVe+p [Del]

Can anyone shed a light on the differences between tripper and tripper+, or what the C, R, H and T checkboxes or second input box do?

65 Name: Anonymous 2004-12-12 14:05 ID:Heaven [Del]


I think C forces the tripcode you want to be case-sensitive
and H forces the expression you want to appear in it to be
at the beginning of the tripcode.

66 Name: !MUSu.23y56 2004-12-12 22:01 ID:RTCsqMi7 [Del]

lol tripcodes

67 Name: Mr VacBob!YK1JwahaGE!!47oS1MzU 2004-12-12 23:12 ID:Heaven [Del]


68 Name: Mr VacBob!JqK7T7zan.!!47oS1MzU 2004-12-12 23:13 ID:Heaven [Del]

That would've worked better if everyone's secure trip hadn't just changed.

69 Post deleted by moderator.

70 Name: !WAHa.06x36 2004-12-20 08:46 ID:MVB/jndB [Del]


Get lost, kid.

71 Name: mvb!2r2Ga7GHRc!!HT0hvgf8 2004-12-25 12:45 ID:Heaven [Del]

Testing tripcode bug... this is #' and should NOT trigger secure trips, but does on shiichan4.

72 Name: Mr VacBob!JqK7T7zan.!!47oS1MzU 2004-12-25 12:46 ID:zmyPR2UZ [Del]

Like I thought. ' -> htmlspecialchars -> ' -> # triggers securetrips. Oh well, not high priority bug.

73 Name: lolocaust!rsvcwx6Axc 2004-12-25 14:46 ID:Heaven [Del]

There's a lot of special characters that trigger secure trips, also on Kareha/Wakaba.

74 Name: Mr VacBob!JqK7T7zan.!!47oS1MzU 2004-12-25 14:57 ID:Heaven [Del]

Second quote should be & #039;.

75 Name: !WAHa.06x36 2004-12-25 15:15 ID:9FxtyHbA [Del]


Probably only under Shift_JIS. Pretending Shift_JIS is ASCII leads to problems with the double-byte encodings. I'll try to work on a fix for that.

76 Name: lolocaust!rsvcwx6Axc 2004-12-25 15:39 ID:Heaven [Del]

> Probably only under Shift_JIS

I think there have also been some under utf-8. I am going to screw around with that and report back later, though.

77 Name: BlackMage 2004-12-25 17:13 ID:DoXQB1U2 [Del]

i set up a sandbox if anyone wants to test anything
configs are almost identical to the ones used in nubchan /b/

feel free to spam with attempts to break anything

78 Post deleted by user.

79 Name: !WAHa.06x36 2004-12-27 16:01 ID:DYoF6ImE [Del]


Oh, also, in Wakaba and Kareha you can avoid this by using "!" as the tripcode marker instead. "name!'" should not trigger secure trips.

80 Name: !WAHa.06x36 2004-12-29 17:53 ID:Heaven [Del]

Also also, it will be fixed in the next version.

81 Name: !v2vUrhpqjU!!RN/xck3o 2005-01-30 05:25 ID:6n6854lu (Replies) [Del]

i wanted to say that.

82 Name: Mr VacBob!JqK7T7zan. 2005-02-15 01:22 ID:ak/2J+l7 (Replies) [Del]

I'm working on adding WAHa's RC4 tripcodes to my searcher. I've so far created something that runs and prints out some tripcodes (with -DWAKABARC4), but not the right ones. I'm sure I'll get to that eventually, though.

83 Name: !WAHa.06x36 2005-02-15 06:07 ID:CIk4F2TC (Replies) [Del]


You can test it against - SECRET is "fuck" there.

84 Name: !WAHa.06x36 2005-02-15 08:32 ID:KlxGiIAh (Replies) [Del]


At a quick glance, I'd say your problem is that you should be discarding the 256 first bytes of the RC4 output. The tripcode is generated from bytes 256-261.

85 Name: hotaru!hoTarufiRE!!H0csnvz2 2005-02-15 09:45 ID:RWL1c0/D (Replies) [Del]

> You can test it against - SECRET is "fuck" there.
shouldn't "##a" be "!!axTADlL+" if SECRET is "fuck"?

86 Name: !WAHa.06x36 2005-02-15 09:49 ID:KlxGiIAh (Replies) [Del]


Oops, my bad: it's "FUCKME".

87 Name: Mr VacBob!JqK7T7zan. 2005-02-15 20:01 ID:9V7poBsx (Replies) [Del]

Like I thought, I screwed up a bunch of stuff in the rc4() function. I've updated that archive with one that actually works and comes with a build script.

./tripperc4 <search substring> <wakaba secret word>

88 Name: hotaru!hoTarufiRE!!H0csnvz2 2005-02-15 21:21 ID:6yutBUSS (Replies) [Del]


hotaru@firefly> ./               < ~/My Documents/trip/vacbob/tripper >
In file included from tripper.c:33:
crypt.c: In function `crypt':
crypt.c:519: error: `_PASSWORD_EFMT1' undeclared (first use in this function)
crypt.c:519: error: (Each undeclared identifier is reported only once
crypt.c:519: error: for each function it appears in.)
tripper.c: In function `testeverytripoflength':
tripper.c:180: warning: comparison between pointer and integer
tripper.c: In function `testeverytripoflength':
tripper.c:180: warning: comparison between pointer and integer
/cygdrive/c/DOCUME~1/hotaru/LOCALS~1/Temp/ccXQSSQZ.o(.text+0x59f):tripper.c: undefined reference to `_strcasestr'
collect2: ld returned 1 exit status
tripper.c: In function `testeverytripoflength':
tripper.c:180: warning: comparison between pointer and integer
/cygdrive/c/DOCUME~1/hotaru/LOCALS~1/Temp/cca0ySOr.o(.text+0x39a):tripper.c: undefined reference to `_strcasestr'
collect2: ld returned 1 exit status

hotaru@firefly> _ < ~/My Documents/trip/vacbob/tripper >

89 Name: Mr VacBob!JqK7T7zan. 2005-02-15 21:47 ID:9V7poBsx (Replies) [Del]

Oh, that part of the code was relying on pwd.h defining _PASSWORD_EFMT1. I just removed that since 2ch trips never use extended crypt(); I reuploaded the archive.

What kind of gimped libc doesn't have strcasestr()? I don't know of any simple replacement for that, but changing CFLAGS to
will make it compile with strstr(), at least.

90 Name: hotaru!hoTarufiRE!!H0csnvz2 2005-02-16 10:48 ID:kEA3G1WU (Replies) [Del]

91 Name: hotaru!hoTarufiRE!!H0csnvz2 2005-02-16 11:24 ID:kEA3G1WU (Replies) [Del]


trip [-c] <regex>
triprc4 [-c] <SECRET> <regex>
tripsha1 [-c] <salt> <regex>

rc4crack attempts to brute force the SECRET string using a known secure tripcode... brute forcing a SECRET string longer than 4 characters would probably take longer than you would want to wait, though...

92 Post deleted by user.

93 Name: Fashnek!JW.umfash. 2005-03-03 13:12 ID:irA3iXtQ [Del]


The (C) is indeed for case sensitive.

The first blank is to be filled with a string that should go at the BEGINNING of the tripcodes. Check the (H) box.

The second blank is to be filled with a string that should go at the END of the search (when the (T) box is checked).

For searches where string placement doesn't matter, either blank can be used. Don't use both blanks simultaneously unless at least one of the blanks underneath is checked.

As for the (R) checkbox, I can't figure out what it does. It seemed at first to limit the characters used for tripcodes, but that doesn't seem to be the case. Perhaps it just eliminates the extra features in order to speed up the search.

94 Name: !WAHa.06x36 2005-03-03 13:56 ID:Heaven [Del]

(R) sounds like (R)egexp.

95 Name: Fashnek!JW.umfash. 2005-03-03 15:11 ID:irA3iXtQ [Del]

Ha, you're right, WAHa. That would explain why searching with a period didn't necessarily find periods. :)

Also - the original "tripper" only searches the last 8 digits of tripcodes. tripper+ does 10-digit tripcodes that most boards use. That's the only difference.

I only discovered this after searching over 24 hours using tripper and then realizing that my tripcodes had two extra characters at the end. :P For instance, this tripcode shows as ".umfash." in tripper, but if it was found in tripper+, it would show the full "JW.umfash."

I simply changed my Wakaba implementation (which I love, by the way) to just use the last 8 characters because I didn't really feel like generating a new batch. ;)

96 Name: Anonymous 2005-03-04 19:26 ID:tLsR/hf7 [Del]

Here's my take on a tripcode searcher:

Should be quite fast as it keeps the salts for a while, which allows UFC-crypt to utilise it's optimisations better. No support for regexps or such fancy stuff, though.

97 Name: Mr VacBob!JqK7T7zan. 2005-03-05 20:50 ID:Heaven [Del]

I updated mine again; no extreme changes, but I removed almost all the pointless memcpy calls, so it's much faster.

98 Name: Anonymous 2005-03-06 12:47 ID:Heaven [Del]

Updated. Less waste of cycles, benchmark mode and logging of results.

99 Name: hotaru!hoTarufiRE!!H0csnvz2 2005-03-07 20:50 ID:wvwyZe9i [Del]

it only finds tripcodes where the search string is at the beginning of the tripcode ;_;

>it keeps the salts for a while, which allows UFC-crypt to utilise it's optimisations better.

i thought of doing that, but never got around to it...

100 Name: hotaru!hoTarufiRE!!H0csnvz2 2005-03-07 20:51 ID:wvwyZe9i [Del]

also, 100GET!

101 Name: Anonymous 2005-03-08 15:20 ID:Heaven [Del]

Added optional case insensitive mode and optional searching of strings in the whole string.

103 Name: !rjM99frkZs!!csy+/y5x 2005-04-01 02:49 ID:gLTSfIiG [Del]


104 Name: !TIMECOPCTU 2005-04-01 02:50 ID:gLTSfIiG [Del]

another board bug.
tripcode passwords with # are allowed, ex:


name lame, trip #tes#tes
(by proper 2ch)

105 Name: !WAHa.06x36 2005-04-01 07:23 ID:+ylNb3/V [Del]


Would you like some cheese with that whine?

106 Name: Anonymous 2005-04-01 09:08 ID:KEXkW94X [Del]

if you're the developer of this software, after reading that reply all i have to say at this point is go fuck yourself.

107 Name: !EFBt/pII5Y 2005-04-01 10:01 ID:Heaven [Del]

lol my tripcode password is '####' and it works here...

108 Name: !WAHa.06x36 2005-04-01 10:02 ID:+ylNb3/V [Del]

I saw you complaining on 4chan, and now you're complaining in here. Nobody cares that your customized hyper-special customized tripcodes don't work right, as secure tripcodes are in fact a useful feature.

109 Name: 107!EFBt/pII5Y 2005-04-01 10:03 ID:Heaven [Del]

hint: !

110 Name: !biaaaa.oRg 2005-04-01 10:18 ID:cX3yZOTe [Del]

itt you have a stupid tripcode

111 Post deleted by user.

112 Name: !BENSHIRlEY 2005-04-01 11:32 ID:fmijiWlI [Del]


113 Name: !TIMECOPCTU 2005-04-02 02:31 ID:gLTSfIiG [Del]

lol, fag.
see the difference is it works on 2ch, so i kind of expect it to work here too.

114 Name: !WAHa.06x36 2005-04-02 08:09 ID:fmijiWlI [Del]

Well since you articulate your sentiments so eloquently, let me just remove this feature that people enjoy and use so you can think you're on another site, how about that?

115 Name: Anonymous 2005-04-04 09:18 ID:KEXkW94X [Del]

the fuck what?

116 Name: !WAHa.06x36 2005-04-04 09:57 ID:+ylNb3/V [Del]

Not too bright, are you? Now get the fuck out of this thread already.

117 Name: Mr VacBob!JqK7T7zan. 2005-04-06 02:00 ID:gPRrl7HR [Del]

By request, I wrote a dictionary generator. It needs a system with fgetln(), though. Porting to glibc and getline() wouldn't be too hard, but I'm not interested enough.

Same URL as always.

118 Name: Anonymous 2005-04-06 04:29 ID:gLTSfIiG [Del]

>>116 typical whiteboy nerd pretending to be a jap while masturbating to shitty anime.

119 Name: !WAHa.06x36 2005-04-06 06:14 ID:Heaven [Del]

Oh come on, that's pathetic. Surely you can do better than THAT. Try again.

120 Name: Anonymous 2005-04-06 07:19 ID:Heaven [Del]

timecop is DQN

121 Name: Mr VacBob!JqK7T7zan. 2005-04-06 13:28 ID:Heaven [Del]

oh timecop-chan -_-

122 Name: Anonymous 2005-04-08 13:08 ID:bD7Iclvo [Del]


123 Name: IntensityBill!Vw8I404DyQ 2005-04-25 22:00 ID:IcmSFcAU [Del]

Does anyone think getting Tripper+ translated into English would be useful? 'Cause I'm working on it some, though I don't know any Japanese.

124 Post deleted by user.

125 Name: Anonymous 2005-06-13 12:20 ID:79B7MBfE [Del]


>Name: !WAHa.06x36 2004-11-15 14:22
>I've used some assembly-optimized crypt() code from John the Ripper to get up to 110000 crypts per second per gigahertz.

out of curiosity, was that in a "finding a cute tripstring" (wild discovery) or a "breaking some trips" (targeted discovery) context?
also, was it with the "normal" or the "bitslice" code from john?
and, was it done by cramming a tripcode-format specification into john, or by transplanting john crypto into a tripcode-specific framework?

126 Name: !WAHa.06x36 2005-06-13 15:48 ID:fmijiWlI [Del]

I'm not too familiar with what the "bitslice" and "normal" code is. What I did was take the version of the DES code that generates results that are padded and out-of-order, and transformed those back to the normal format in base64, and used that to make a small utility that searched for specific substrings and output them. Even with the overhead of the conversion, it was nearly twice the speed of any other DES code. If I was trying to crack specific tripcodes, I could do the conversion in the other direction just once and make it even faster, but I didn't find that very interesting.

So, wild discovery, and using the john code in my own program.

127 Name: Anonymous 2005-06-13 16:15 ID:79B7MBfE [Del]

ah, interesting.
that sounds very much like you used the bitslice code, the output is 64bit binary there, does not include the salt, and it looked like converting it back would be possible.
"bitslicing" is class III vooodoo that treats one N-bit CPU like N 1-bit CPUs. john has a (already somewhat optimized) "normal" DES implemtation (that generates 128bit output with the salt mangeled in), and a even more insane bitslice one that does 32 or 64 crypt()-like operations "in parallel".

some stats, 1GHz athlon, custom framework (based on 4brute.c) doing targeted discovery on about 4k targets, kcps == kilo crypt()-equivalent-operations per second, including comparison, and measured against process user-time (not wallclock. so its equivalent to johns "virtual" rate.):

'John 1.6.38 / 64/64 BS MMX' => 279kcps (this is the "bitslice" version)
'OpenSSL 0.9.7e 25 Oct 2004' => 71kcps
'John 1.6.38 / 48/64 4K MMX' => 64kcps (this is the "normal" one)
'UFC-crypt 1c, 1.9 03/02/92' => 37kcps
'glibc2.3.4 slackware crypt' => 30kcps

this session taught me some things i didnt really expect:
1) forget ufc-crypt unless you have prehistoric hardware.
2) openssl fcrypt() is a very good starting point.
3) at 279kcps, the framework spends 10-15% of the cputime on generating the next input plaintext and comparing output against targets. and that is after some serious optimization in those areas. was more like 60% before that.

128 Name: !WAHa.06x36 2005-06-14 03:55 ID:fmijiWlI [Del]

How were you choosing the salt on those? Some algorithms take a big performance hit every time you change the salt, so to get them to perform well, you want to arrange your lookups to do many lookups with the same salt in a row.

129 Name: Anonymous 2005-06-14 05:01 ID:79B7MBfE [Del]

for the bitslice code to be really useful i had to run it on N sets with the same salt at once, which in case of the odd "salt derived from plaintext" tripcodes made me buffer up candidate-plaintexts mapping to the same salt, only activating the real backend when a salt-bank is full.

in case of john-bitslice the banksize is 64 (didnt have much choice there), for all other backends i was using 128 (thats the "max keys per crypt" johns non-bitslice des code was using).

(exception to the "only fire full banks" is the "endgame" phase when the plaintext-generator says "i am done" and there are partially full banks to purge, but that is pretty much irrelevant for the total performance on a run of several Mcrypt().)

as a sidenote, openssl performance seem to be the same even with not-sorted-by-salt use, but i guess it just initializes by salt every time, even if you pass it the same one again on next call.

Searching through: 0123456789abcdef
Number of users scanned: 4129
Exiting after 4581298448 crypt, 35442 inner, 71582993 salts, 22 found
'John 1.6.38 / 64/64 BS MMX' => Real: 26626s, 172kcps
'John 1.6.38 / 64/64 BS MMX' => Virt: 18416s, 248kcps

that was on a duron900 that does a lot of other things all the time.
4.3 Gcrypt run through the bitslice code, changing salts 68M times.
35442 fcrypt() run through openssl in response to the john-crypt giving a 29bit confidence match, 22 actually were full matches.

35420 openssl fcrypt() "wasted" sounds like much, until you realize its (even assuming a worst-case with some swapping) still less than 2 seconds total on a 7hour+ run, so i dont give a damn.

68M salt-changes also sounds like much, but profiling said its responsible for less than 3% of the cpuload, so again i dont give a damn.

130 Name: Anonymous 2005-06-16 14:43 ID:+NnntG2W [Del]

so, i couldnt help myself and wasted even more time on it.

here some more highly unrepresentative stats of different systems, all using the john-bitslice code:

Penti-M 1600MHz 1024kB 526kcps 328cpspMHz
Duron 895MHz 64kB 248kcps 277cpspMHz
Athlon 1009MHz 256kB 279kcps 276cpspMHz
Pentium 233MHz 52kcps 223cpspMHz
Penti-4 2000MHz 512kB 406kcps 203cpspMHz
Celeron 2400MHz 256kB 436kcps 181cpspMHz

3rd column is second level cache size.
4th is raw "kilo-crypt() per second", virtual.
5th is "crypt() per second per MHz"
the insanely high score of the Pentium M, and the insanely low ones for the Pentium4 and P4Celeron indicate that version of the code was working on data-sets between 512kB and 1MB.
the Duron with the tiny cache scoring second seemed odd, but if i am trashing through the whole cache anyways, second-most-important feature is ram speed, and that machine is using dual-port DDR.

the pentium 233 using johnbs pushing almost twice the crypt()s the athlon1000 did with UFC amused me. unless i was using some kind of "wrong (version of) UFC", it seems that optimizations done 13+ years ago do not consider modern hardware. shocking.
(so unless you are running a cracking cluster with 15 year old RISC machines, dont bother with UFC)

did some improvements in the comparison framework to reduce the activity-relevant ramsize, in particular some lookup tables where i traded ram for speed earlier, got me another 10% or so, depending on the cachesize. trying this on the 512kB machine is still pending, this will be most interesting, i dont think i got it small enough for the 256kB cache to be enough. (thats where i am seeing 5-10% improvement, depending on how many targets i feed it.)

131 Name: !WAhA.2piT6 2005-06-16 15:07 ID:+NnntG2W [Del]

regarding dictionary generators, i found there is little need to write any, since john has a -stdout option. very handy.
even without any wordlists, just using character-probability/distribution lists and making up words, this is far more effective than the raw bruteforce tries 4brute implements.
the benchmarking-list is about 6800 tripcodes grabbed from various boards, and using "john -i -stdout | 4brute-johnbs -i", 1GHz of cpu find solutions for more than 1000 of those within a minute.

but to not just be a smelly-creepy cracker, i did some work in the direction of wild-discovery ("searching for cute tripcodes"), but without reversing the output of johns code. example, i want to find something beginning with a certain 4-5 char prefix, like /^waha\W/i ... which is just 32 different prefixes after all, upper-and-lowercase combinations for the four letters plus . or / behind it. at the same time, those 5 chars are 30bit worth of target, 5bit (32 strings) of which are considered "hits". so, i mongled the matching code in a way that allows it to just match prefixes, and handed it a list of those 32 possible prefixes i might like as targets. plus "random starting point of 8 char length" as input.

assuming an even distribution, the 30-5 bit suggest i should find a solution about every 33.5 million attempts. here output from a run of ~350 Million tries:

4brute using 'John 1.6.38 / 64/64 BS MMX'
Starting search from "sG+ym_8u"
Limit set to: 350000000
Searching through (randomised): ucWZXdw(P]Eb2gC_I7[/Q3MFKS$G`N}yql0jTm!Yz +UJa#5r89eh*D-:Ais)fOHtBRpvL.1x{k6V4no
Number of users scanned: 32

"WahA.DY8KI" == Gx "3Gxwm_8u" for WahA.aaaaa
"wAha.RNmpE" == .. "_}!Qu_8u" for wAha.aaaaa
"WaHA/D5Jq." == cY "j]Y0u_8u" for WaHA/aaaaa
"wAHA/GeRU." == R8 "NR8vu_8u" for wAHA/aaaaa
"WahA.7NzhI" == 9d "w9d{u_8u" for WahA.aaaaa
"WaHA/GE/Ng" == MU "hMU3c_8u" for WaHA/aaaaa
"WAhA.S/aOs" == bO "AbOac_8u" for WAhA.aaaaa
"wAHa/HPJco" == GC "KGC8c_8u" for wAHa/aaaaa
"WAhA.EyH8c" == l2 "ll2jX_8u" for WAhA.aaaaa
"WAhA/5Fmuw" == hC "+hCWd_8u" for WAhA/aaaaa
"Waha.D1AzY" == .M "G-MWd_8u" for Waha.aaaaa
"WAhA.2piT6" == K9 "LK9_d_8u" for WAhA.aaaaa
"WaHa/0qPHI" == xl "hxl7w_8u" for WaHa/aaaaa
"wAHA.jhgAw" == .x "x-xF(_8u" for wAHA.aaaaa

Exiting after 350059520 crypt, 14 inner, 4267664 salts, 14 found
'John 1.6.38 / 64/64 BS MMX' => Real: 1513s, 231kcps
'John 1.6.38 / 64/64 BS MMX' => Virt: 1308s, 267kcps

so, 25 minutes for finding 14 solutions. the 14 here is above average, i had other runs that coughed up only 8 hits in 350M tries. this run was on my trusty duron900 again, and as the difference between the "real" and "virtual" time indicates, 4brute only got about 85% of the cpu during the time.

132 Name: Anonymous 2005-07-09 15:22 ID:Ec1t+rtx [Del]

Yes, that would be useful

133 Name: !WAhA.2piT6 2005-07-11 22:28 ID:oUlFbLf5 [Del]

I am your arch nemesis!

134 Name: Mr VacBob!JqK7T7zan. 2005-07-14 12:30 ID:i4n2YcZU [Del]

I updated my code again, now it compiles on Cygwin because I wrote my own strcasestr()!

In the process, I discovered a gcc optimization bug, but it doesn't cause miscompilation so it's not that bad.

Also, I think that at one point I tried dropping in hotaru's ufcrypt to replace the rather slow one I'm using, and it gave different (wrong) results for some tripcodes.

135 Name: hotaru!hoTarufiRE 2005-07-14 17:15 ID:LFk2KXfd [Del]

i've been playing around with the bitslice code from john the ripper... and i'm wondering... how the heck do i get a normal hash out of it? i see DES_bs_get_hash() returns an int, and i'm guessing i probably want to do something with that, but i have no idea what...

136 Name: !WAHa.06x36 2005-07-14 17:32 ID:fmijiWlI [Del]

What John does is take a hash, and turn it into a bitslice, and then compares the bitslices. That's the faster way, but for searching for strings in tripcodes, you need the hash. What you do is take the algorithm for changing a hash to a bitslice and invert it.

137 Name: hotaru!hoTarufiRE 2005-07-14 18:34 ID:bfDUjL3f [Del]

>take the algorithm for changing a hash to a bitslice and invert it.

i don't think i can do that...

138 Name: hotaru!hoTarufiRE 2005-07-16 05:46 ID:wvwyZe9i [Del]

i updated mine...
i fixed it so it doesn't crash after a few minutes of searching now... and i made some other changes... i tried dropping in openssl's fcrypt(), but it gave wrong results and i don't really feel like trying to figure out what's wrong with it right now, so i'm still using ufc-crypt...
same url as before...

139 Name: Anders!BwSuuOflg. 2005-07-31 05:17 ID:1gPAmSOW [Del]

Can you please provide source code for your test application?


140 Name: Anders!BwSuuOflg. 2005-07-31 10:06 ID:1gPAmSOW [Del]

hotaru, your site doesn't work, can you put your code on another host or email it to me ( ?


141 Name: Anders!BwSuuOflg. 2005-07-31 10:20 ID:1gPAmSOW [Del]

Actually, the site does work, just not the .tar.gz links... If you can make these available somehow I'd be glad.


142 Post deleted by user.

143 Name: Mr Ivy Clack!2MrZvyKLak 2005-08-01 17:45 ID:77fWiEes [Del]

How do I get this to run on Windows? It's not working.

144 Name: !WAHa.06x36 2005-08-01 18:34 ID:fmijiWlI [Del]


I'd really rather people did not link to programs for doing cracking of actual tripcodes. It's a fun academic exercise, but there's no legitimate use for those.

145 Name: Anders!BwSuuOflg. 2005-08-01 18:35 ID:mE1MCLqX [Del]

i didn't figure out how to use john's crypt(), tried linking the object with my code then changing the calls...

146 Name: Anders!BwSuuOflg. 2005-08-01 18:44 ID:mE1MCLqX [Del]

anyone who got 4brute.c compiling btw?

i get:

anders@home:~$ gcc -O3 -o 4brute 4brute.c -lssl
4brute.c:65: error: syntax error before '(' token
4brute.c:65: error: syntax error before 'const'

147 Name: Anonymous 2005-08-01 18:45 ID:DKhKKB25 [Del]


yeah, right.
i see that in >>5 ...
so a 70cpspMHz cracker is ok, but a 270cpspMHz derived form of it that can actualy do free search as well is not?

that makes sooo much sense.

148 Name: !WAHa.06x36 2005-08-01 18:51 ID:fmijiWlI [Del]

Eh, I should remove that one too. It got left behind back in the day.

149 Name: Anders!BwSuuOflg. 2005-08-01 19:03 ID:mE1MCLqX [Del]

i fixed the 4brute/4tripper source


150 Name: Anonymous 2005-08-02 06:10 ID:DKhKKB25 [Del]

heya. if you are interested in the version that is about 4-5 times faster even at regex-like pattern matching for finding "cute" tripcodes (see >>127 >>129 >>130 >>131 ), feel free to visit #tma on ... :)

151 Name: Anonymous 2005-08-03 08:35 ID:UnB2GT53 [Del]


but, of course, "there's no legitimate use" for this.

note that 4cute is just a quickly slapped-together CGI frontend for a souped-up 4brute that is pretty much unchanged since the link to it got deleted here for being "evil" two days ago.

(i did add a "exit after finding N solutions" commandlineoption, fixed some typos, added two things to the Usage() output, and shuffled around some defines. which are not exactly any changes to the main functionality, just touching up code i had not open in an editor for some weeks.)

152 Name: !WAHa.06x36 2005-08-03 09:33 ID:fmijiWlI [Del]


No need to be ironic, you know damn well what I meant earlier.


153 Name: Anonymous 2005-08-03 09:51 ID:Ck/IPhf+ [Del]

Of course there is need to be ironic about something like this.
Thats way better than me being pissed off about it.

4cute is a proof-of-concept frontend, obviously designing userinterfaces is not my strong point.
and of course its keeping a local copy of the results, in the very same format used by 4dist, so i dont end up wasting cputime on cracking 8char cutetrips i supplied myself.

of course, anyone interested and having a x86 mmx cpu could just go grab the source, and waste their own cpu cycles on generating whatever amount of cutetrips they want.
if they were allowed to know where the source is.
not that it is hard to find without the direct link.
which just confirms again that "no legitimate use" is not exactly true, and deleting the link is pretty pointless.

154 Name: !WAHa.06x36 2005-08-03 11:35 ID:fmijiWlI [Del]


You are wilfully misinterpreting what I said (I am being generous here and not assuming you are too dumb to read what I said). I said, and I quote, "I'd really rather people did not link to programs for doing cracking of actual tripcodes." Your 4cute does not do that, and has nothing to do with the discussion. It seems to do much the same as anything else in this discussion, none of which I had a problem with. Why are you assuming I'd have a problem with yours if I didn't with everybody else's?

155 Name: Anonymous 2005-08-03 12:05 ID:Ck/IPhf+ [Del]

its the very same program you deleted the link to, with your little "no legitimate use" comment.
just run from a perl CGI that feeds it with four commandline options, and wraps its output in some html.
so either there is a legitimate use for 4brute, or 4cute isnt one either.
cant have it both ways.

156 Name: !WAHa.06x36 2005-08-03 12:31 ID:fmijiWlI [Del]


I never said there weren't legitimate uses for your program, I said there was no legitimate use for cracking tripcodes. I understand your program does that, which is why I didn't want a link to it. All you'd be doing is supplying script kiddies with tools. Make a version that doesn't do that, and I won't mind you linking it.

157 Name: Anonymous 2005-08-03 12:57 ID:Ck/IPhf+ [Del]

And how is that supposed to work?
ship it with a "complete" list of "known to be used" tripcodes and make it not output these? yeah, right.
include an AI that evaluates cuteness rating of supplied targets? sure.

of course, in any case of "exit_if_not_political_correct_target();" or other artificial "policy" limits, i would have to start shipping it closed source too.
because else people might comment out that call.

4brute generates plaintexts (or reads them from a pipe), crypt()s them in a tripcode way, and compares the results.
how is it supposed to know what are "good" or "bad" targets for a comparison?

if i take any of the "good" tripcode generators in this thread, tell it to use an alphanumeric charset, begin with one char length and rotate-enlarge, and run it to find me stuff that matches /^WAHa\./, how long would it take to find !WAHa.06x36 ?

seriously, whats the difference between a "bad_cracker" and a "good_generator | grep" ?

158 Name: !WAHa.06x36 2005-08-03 13:12 ID:fmijiWlI [Del]

How many people do you see using Tripper++ for cracking? It just doesn't work, because it only uses randomized long strings for input. It also has no facilities for doing birthday attacks.

159 Name: Anonymous 2005-08-03 13:34 ID:Ck/IPhf+ [Del]

... which of course only works because its a closed-source GUI-thing?
better delete those links to "Mr VacBob"s tools too, those are evil opensource commandline hackery.

oh, and either you dont understand what a "birthday attack" is or you are assuming i dont know and want to confuse me by using the term? because i fail to see how an "any to any" attack with free choice of targets is related to the current topic.

i repeat: whats the difference between a "bad_cracker" and a "good_generator | grep" ?

160 Name: !WAHa.06x36 2005-08-03 14:00 ID:fmijiWlI [Del]

Birthday attack in the sense of having many targets. Not entirely correct usage, I guess, but eh.

And stop trying to pick a fight, OK? There's a pretty obvious difference between making a tool that can be used out-of-the-box for cracking tripcodes, and one that can be modified to do it with some work. If you're a good enough programmer to modify it, chances are you could make it from scratch anyway.

Of course, releasing something that is a lot faster than all the others is a bit of a problem, since most people wouldn't develop that on their own. You may have noticed I did a lot of the same as you did, but chose not to release it because it didn't feel it was for the common good.

161 Name: !WAHa.06x36 2005-08-03 14:03 ID:fmijiWlI [Del]

Now for some less faggy discussion:

I noticed your code said it was comparing against 32 candidates to do a case-insensitve match for 5 characters. I don't remember exactly how the bitslice data was laid out, so I am not enitrely sure it would work, but I'd think you'd get away much easier with a single bitmasked comparison.

162 Name: Anonymous 2005-08-03 19:31 ID:mE1MCLqX [Del]

I strongly disagree. Even if it does use UFC crypt() or John's bitslice stuff, the legitimacy is the same... It's just faster.

163 Name: Anonymous 2005-08-04 04:28 ID:Ck/IPhf+ [Del]

actualy, due to the "first character of crypt output cut off" aspect of tripcodes, you could in theory do a birthday-style attack on it, to find a pair of plaintexts that result in the same tripcode.
and if i make you use one of those, i could post with the other.
too bad no one would realize what clever hackish thing i have done, so they wont give me head for it, so its pointless. ;)

my comparison is doing a two-layered hashed check, then a full recheck using openssl.
first it grabs 12-16 bit (a #define, actualy, thats one of the things i changed yesterday) of the bitslice output, and looks it up in a table.
and only if it has any targets in that table-slot it fetches another 16-20 bit (well, 32-$firstmatch) bit, and compares those to the targets in the slot discovered in step one.
and if there is a match in this step, it runs openssl on the plaintext, and compares it char by char to the may-be-a-match.

sounds bad?
Exiting after 1000000485 crypt, 565 inner, 41 salts, 0 found
565 times it hit the openssl inner-stage comparison, and none of it was a true match. gasp
but wait, openssl does more than 70000 crypt per second on this hardware, so its ... even assuming a 2x overhead for it not being in cpu cache or whatever, its less than 200ms of a 1 Gcrypt() batch taking more than an hour total. so its pretty insignificant.

in exchange, the comparison doesnt really slow down even with a lot of match targets. the default target limit is set to 4096, and the mask for stage 1 to 16 bit. that gives me a nice 1:16 rate of its-not-a-match detection right in the first stage.
it could even be scaled up quite a bit (at least to 24 bit, and an equally increased maxtargs), but at that point the ram footprint grows and grows and grows, and since i am allocating all the lookup tables statically...

how is that relevant for the case-insensitive comparison? a 5-char-alpha case-insensitive prefix has 32 possible variants. instead of doing that 1:32 step in the comparison stage for every single of the very many tried crypt()s, i do it before even firing up the crypter, by generating all those possible 32 targets.
what? two of the chars have l33tmode alternatives? thats 72 variants. scary.
what? you want only 4-char case-insensitive alpha prefix? that means full 64 options for char5, giving 1024 variants. bring it on.

oh, i forgot. for matching 5char prefixes, i only have 30bit at all to match, so the stage-2 comparison has 4x less reliability. but, of course thats nonsense, because if all 30 bits match, its a match in stage-3 for sure.

the "where are the bits hiding in johns format" for the individual tripchars is in 4brute-johnbs.h ... those defines are not used anywhere, but i kept them there just in case i ever need them again. it does not say which bit is which, so figuring out which one to ignore for case-insensitive direct matching would be another run of "see which bit flips".

i prefer the current system that stands up to whatever the user may throw at it, even if its leet-mode substitutions, which would be moderately hard to do bitmasked.
rethinks ... aeh, and since we are matching base64 targets here, it wont really work at all, because case-insensitive bitmatching works with ascii, but not base64.
but the idea was good! :)

164 Name: Anonymous 2005-08-04 04:33 ID:Ck/IPhf+ [Del]

would SOMEONE please run benchmarks comparing UFC and openssl crypt() speed?
and by someone, i dont mean me, and not anyone using my code?
my benchmarks (somewhere earlier in this thread) indicated that UFC was really, really bad.
it may have had a point in 1992 (when it was last updated) on 30MHz RISC machines, but i really, really fail to see any use for it today.

but, who knows, perhaps i did something really wrong, or was using an outdated variant, or whatever.
so, please, someone do some benchmarking.
and i dont mean the benchmark included in ufc, because that compares ufc against the libc crypt(), which indeed is the only thing worse than UFC in my tests.

well, or use the benchmark in ufc, and cram in the openssl crypt() so it uses the same framework for testing.

165 Name: !WAHa.06x36 2005-08-04 05:36 ID:Xsh6IP2+ [Del]

> aeh, and since we are matching base64 targets here, it wont really work at all, because case-insensitive bitmatching works with ascii, but not base64.

Ah, damn, that's right. Oh well!

166 Post deleted by moderator.

167 Post deleted by moderator.

168 Name: hotaru!hoTarufiRE 2005-08-17 18:58 ID:89leVugs [Del]

169 Name: Anonymous 2005-08-17 19:06 ID:lBDf0uoN [Del]

I did some testing on a Pentium M with 1.6GHz. Time for 5,000,000 iterations, changing the salt every 500,000 iterations:

OpenSSL DES_crypt(): 45.144s
UFC-crypt crypt(): 37.078s

170 Name: Anonymous 2005-08-18 05:47 ID:eX8HShYC [Del]

interesting. can i get the code you used somewhere?

i just did some benchmarking again too, not using the sodomized 4brute as framework, but the "speeds.c" that comes with ufc. runs the crypt() for 10sec cpu time, reports number of done cycles. no saltchanges at all. it has defines for ufc and libc, i added a ossl variant.
Results from my trusty Duron900 (64kB cache):

  • 37956.700000 crypt(libc)s per second.
  • 49705.200000 fcrypt(UFC)s per second.
  • 71742.300000 DES_fcrypt(ossl)s per second.

code here:
the speeds.c and Makefile are modified to add ossl.

this agrees with the numbers i had for 4brute using different backends.
perhaps i am using somethings that calls itself ufc, but really is outdated, wrong, or so?
from patchlevel.h: "UFC-crypt, patchlevel 1c, @(#)patchlevel.h 1.9 03/02/92"

from the README (most people reading this probably dont know any of those except the 386. ;):

  • Tested on 680x0, 386, SPARC, MIPS, HP-PA, Convex, Cray, Pyramid and IBM RS/6000 systems as well as with gcc on IBM PS/2(DOS) and Linux on a 386 PC.

but, the README contains also a possible reason for the sucky performance i am seeing:

  • Requires 165 kb for tables.

165 > 64. uh-oh.
let me guess, the Penti-M has 1MB cache?
goes to find something with bigger cache to rerun benches

171 Name: Anonymous 2005-08-18 06:13 ID:eX8HShYC [Del]

athlon1000, 256kB

  • 40874.800000 crypt(libc)s per second.
  • 54356.900000 fcrypt(UFC)s per second.
  • 79682.900000 DES_fcrypt(ossl)s per second.

pentiumII 266, 512kB, 2.4.31 SMP

  • 10205.200000 crypt(libc)s per second.
  • 4692.900000 fcrypt(UFC)s per second.
  • 2039.100000 DES_fcrypt(ossl)s per second.

pentiumII 266, 512kB, SMP

  • 11079.100000 crypt(libc)s per second.
  • 12916.800000 fcrypt(UFC)s per second.
  • 19783.000000 DES_fcrypt(ossl)s per second.

(note that the first P2 run only confirms that the linux 2.4.x SMP scheduler sucks frozen goats through nanotubes, with 2.6.x its right back in the pattern seen on the other hosts)

so, it does not seem to be just the size of the cpu cache.
makes me more interested in seeing the code used in >>169 ...

172 Name: Anonymous 2005-08-19 10:55 ID:ow0r33ci [Del]

Hrm, i dont quite see the use of cracking tripcodes if you cant post.
I wonder if there is a working proxy server somewhere...

173 Name: Anonymous 2005-08-19 11:54 ID:MrUgRgsr [Del]

I used my code from >>96 and compiled with -DBENCHMARK and an increased number of iterations. For OpenSSL I just changed crypt() zu DES_crypt(), included the necessary header file and linked against OpenSSL.

174 Name: Anonymous 2005-08-22 07:54 ID:9XEZ4djh [Del]

uhm, most of them are supposed to also work on 4chan, wakaba, kareha ...

are you using the same "UFC" as >>170 / >>171 ?
as in, something that got last updated 13 years ago?

175 Name: 173 2005-08-22 08:29 ID:Ujxsq7mR [Del]

My UFC readme tells me: 2.14 3/6/92

176 Name: Anonymous 2005-09-11 15:32 ID:rTVkJKUB [Del]

Some Japanese tripcode searchers, not tested and stolen from

  • @Œ©’m‚ç‚ʍ‘‚̃gƒŠƒbƒp[i‚—@
  • @Trip-Mona@@@@@@@@@@@
  • @‚¤‚Æ‚è‚Á‚ρ` (for Un*x)@@@
  • @‚Æ‚è‚Á‚ρ[ for Mac@@@@@@
  • @r*8@@@@@@@@@@@@@@@
  • @mty@@@@@@@@@@@@@@@

177 Name: Anonymous 2005-09-12 04:56 ID:JjilS79s [Del]

hello thar. Why doesn't my tripcodes work? I'm using tripper+ but I don't know how to configure the options because my computer won't show Japanese characters...

178 Name: Mr VacBob!JqK7T7zan. 2005-09-12 17:52 ID:g2MKZY9P [Del]

‚Æ‚è‚Á‚ρ[ is 26% faster than mine on my G3. I suppose I should find a faster crypt, but I remember UFC not giving correct output in some case.

179 Name: Anonymous 2005-09-13 07:12 ID:SVCYKYBK [Del]

afaik, john has bitslice-des code for fruity platforms.
you could take a stab at adapting the 4brute++ code, but i dont even want to think about what parts of it might be endianess-sensitive.

updating the x86 DESBS code to some newer extensions than MMX would be a pretty heroic task for some highly motivated young coder. :)

180 Name: Anonymous 2005-09-13 11:08 ID:JjilS79s [Del]

Hi. Can someone here please explain why my tripcodes doesen't work?

According to a program called tripper+, "#/te&brvbar;4M&frac14;A" will generate tripcode: "!aWrYyYlkcw".

But when I tested it on Sandbox, i got "!nbn1dFk5FA"

Why won't it work?

181 Name: !WAHa.06x36 2005-09-13 11:28 ID:Heaven [Del]

Because it's full of non-ASCII characters that will get parsed differently depending on which board you post it on, especially if you use HTML entities instead of the actual characters. If you want tripcodes that work everywhere, stick to plain ASCII characters only.

182 Name: Anonymous 2005-09-13 12:56 ID:9BUh8eYi [Del]

MMX registers are already 64 bits and have NOT AND and such. The only optimization that comes to mind would be vectorizing and doing two at once in SSE2 128bit registers

183 Name: Anonymous 2005-09-14 06:05 ID:7k3V/cGb [Del]

i am not so sure you know what bitslicing means. ;)

basicly it means using a CPU with N bit registers as N CPUs with 1 bit registers.
some operations (like DES) can profit from that a lot.
johns DESBS code does 64 "crypt() equivalent operations" in parallel on MMX, or 128 on altivec.

so porting this to newer extensions like SSE(2) would probably get another performance increase by a factor of 1.5-2 ...

but its hard to say without trying it since this stuff is getting really non-intuitive already. (direct influence of ram-speed on the performance, or the retarded linux 2.4.x SMP scheduler eating 70% of the performance, just to name two cute examples.)

184 Name: Anonymous 2005-09-14 18:37 ID:9BUh8eYi [Del]

SSE lacks the instructions to do the needed operations on its 128 bit registers, out of all of the additional instruction sets I can think of SSE2 is the only one that fit (I only know x86 chipsets). Maybe I didn't state it cleary, but I said you would not be likely to gain more than just being able to do two times as many as once. Not exactly something that is going to bring something that is currently an unreasonable search to feasability.

185 Name: Mr VacBob!JqK7T7zan. 2005-09-14 18:51 ID:fNHWCfUo [Del]

Altivec could certainly do it; it's much better than any x86 SIMD. Too bad it's only on the G4 and up. I could manage 32 bits at once, I guess.

186 Name: Anonymous 2005-09-14 20:32 ID:9BUh8eYi [Del]

For those curious of the AltiVec performance, a PowerPC G5 1.8 GHz
currently achieves the following:

Benchmarking: Traditional DES [128/128 BS AltiVec]... DONE
Many salts: 1103K c/s real, 1105K c/s virtual
Only one salt: 910566 c/s real, 910566 c/s virtual

The latest Pentium 4's aren't quite there yet (with MMX code).
Although SSE support for JtR is coming, preliminary testing shows that
it won't achieve this much speedup.

I would indent the quote but I am scared of markdown, straight from the horses mouth though (solar)

187 Name: Anonymous 2005-09-15 16:37 ID:1gPAmSOW [Del]

Your site doesn't work... It only redirects me to stuff like

188 Name: Anonymous 2005-09-16 10:21 ID:DdHqIbOT [Del]

100webspace is DQN.
this should work...

189 Name: Anonymous 2005-09-17 09:02 ID:5diG1p2P [Del]

well, it might be enough to shut up those fruituser claims about hardware superiority, considering they are less than factor 2 ahead while using 2x width. ;)

but, seeing how the biggest change in john 1.6.39 is adding a macosx-x86-mmx-cc build target, i guess apple will be shipping real computers before john grows SSE2 support. :)

190 Name: Anonymous 2005-09-18 17:55 ID:82Gg/HUk [Del]

Some instructions for using this would be nice.

191 Name: Mr VacBob!JqK7T7zan. 2005-09-18 21:14 ID:0otZ6SCc [Del]

>>189 doesn't seem to understand much :(
In the G5's case it's entirely CPU bound... I would look into running scalar and AltiVec at the same time, and why jtr's altivec code uses signed numbers.

But since I don't have one, I don't really care. I will see if I can make the non-DES parts parallelizable easily without making it really unreadable. SHA1 is supposedly AltiVecable as well; RC4 doesn't look like it is, though.

192 Name: !WAHa.06x36 2005-09-19 06:02 ID:fmijiWlI [Del]

RC4 runs like a dream on 8-bit microcontrollers, though.

193 Name: Anonymous 2005-09-19 21:20 ID:DdHqIbOT [Del]

to search for a tripcode you just do
trip [regex]
trip -c [regex]
where [regex] is the regular expression you want to match. if you don't supply a regular expression it uses .* (matches all tripcodes). if you use -c it does case sensitive matching.

194 Name: !WAHa.06x36 : 2006-02-15 15:37 ID:eNejbUCU [Del]

Restoring from the Google cache again:

215 Name: !WAHa.06x36 : 2006-02-09 05:15 ID:eNejbUCU [Del]


Because Wakaba and Kareha are set up so you get the same results as at 2ch and Futaba. You ask me, that means 4chan's tripcodes are broken.

216 Post deleted by moderator.

217 Post deleted by moderator.

218 Post deleted by moderator.

219 Name: Anonymous : 2006-02-10 14:57 ID:Heaven [Del]

Not to mention that 4chan's cookie code mangles things badly. Last I checked wakaba isn't the same as 2ch in every aspect. IIRC using an html entity you get the html entity instead of the actual character on 2ch, where it is converted first here. I'm also puzzled why some tripcodes are not the same. Shouldn't aaaaaaa) and aaaaaaa¿ result in the same tripcode? Since DES uses a 56 bit key only the lower 7 bits of every character is used.

220 Name: !WAHa.06x36 : 2006-02-10 15:50 ID:Heaven [Del]


Remember, the tripcode parsing is done in Shift_JIS.

221 Name: Anonymous : 2006-02-11 15:04 ID:daRDBpvC [Del]

wakaba and kareha convert &, <, >, ", ', and , into html entities, 0ch (the 2ch script) doesn't.
0ch replaces ŠÇ\` with hŠÇ\h, ŠÇf¼ with hŠÇf¼h, íœ` with híœh, Ÿ` with ž`, and š` with ™`.
futaba replaces ŠÇ\` with "ŠÇ\", íœ` with "íœ", Ÿ` with ž`, &amp; with &, and , with ,.
note that 0ch and futaba use different double quote characters (h and ")...

222 Name: Anonymous : 2006-02-11 15:09 ID:daRDBpvC [Del]
lol wakabamark...
let's try this again...
ŠÇ\ -> hŠÇ\h
ŠÇf¼ -> hŠÇf¼h
íœ -> híœh
Ÿ -> ž
š -> ™

ŠÇ\ -> "ŠÇ\"
íœ -> híœh
Ÿ -> ž
&amp; -> &
Post too long. Click to view the whole post or the thread page.

223 Name: Anonymous : 2006-02-11 15:10 ID:daRDBpvC [Del]

> , -> ,

okay, the first one should be & # 4 4 ;
that was with Formatting: None... bug?

224 Name: !WAHa.06x36 : 2006-02-11 18:01 ID:Heaven [Del]


Bug, yes, but in HTTP. There's no way to tell if a user typed a numerical entity, or if the browser auto-converted a character outside the current charset to an entity.

195 Name: Anonymous : 2006-02-17 20:22 ID:4DdZPMko [Del]

Wow those posts got screwed up..
anyways. Someone asked if it is impossible to crack a tripcode if you use an 8 character random string in aprevious life of this thread. The answer is no, if you really care about being the only one with the tripcode you should use a secure tripcode (name#trip#secure). This is the third and shittiest version of this post I have made. I shall not make another one.

196 Name: !WAHa.06x36 : 2006-02-17 21:36 ID:Heaven [Del]


I think the NSA has been attacking this thread to stop this information from getting out!

197 Name: Anonymous : 2006-02-18 03:58 ID:4DdZPMko [Del]

Damn bastards cannot leave DES alone! Why bother making the S-boxes resistant to differtial cryptology 15 years before anyone knows about it and then suggest a reduced keysize.. AND THEN hide the information that tripcodes are about as secure as a plastic lock!

198 Name: Anonymous : 2006-03-05 13:58 ID:VwchEjOn [Del]

does anyone have a copy of 4brute-johnbs?

199 Name: !WAHa.06x36 : 2006-03-05 16:33 ID:Heaven [Del]

Not on this board.

200 Name: Anonymous : 2006-03-07 01:28 ID:Heaven [Del]

Someone really should make a post(somewhere) of all of the technical details of tripcodes. I keep forgetting to verify (and wel.l redo as they are totally fucked up) >>221-222 and list any other inconsitencies. I'm sure I'll eventually get around to it or someone else will do it for me.
Also, is it still 200GET if it isn't the first time?

201 Name: Anonymous : 2006-03-07 16:56 ID:F/Zusv+8 [Del]


> this should work...

Error! Could not locate remote server

202 Name: hotaru : 2006-03-07 23:49 ID:Heaven [Del]

yeah... my "dynamic" ip never changes, so the dynamic dns never gets updated, so it expired...
i'm working on setting up a new server, i'll post a link here when i'm done.

203 Name: Potato : 2006-04-13 09:40 ID:2uF14587 [Del]

I like potatoes.

204 Name: Anonymous : 2006-05-17 08:07 ID:KDKASRee [Del]

the best thing to do is look at the actual 0ch/futaba code to see what they do...


205 Name: Anonymous : 2006-05-17 14:14 ID:Heaven [Del]

206 Name: !evHPL0.Jzg : 2006-05-18 01:25 ID:G8pNJ2bo [Del]


207 Name: !XO4pLzfguw : 2006-05-20 22:40 ID:Heaven [Del]


208 Name: Anonymous : 2006-05-22 15:32 ID:q5nsewOw [Del]

>>205 tor routing system, looks like.

209 Name: !WAHa.06x36 : 2006-05-22 16:01 ID:Heaven [Del]


This is not a tripcode testing thread. Use the testing thread over at /sup/ if you really need to.

210 Name: Mr VacBob!JqK7T7zan. : 2006-06-27 00:23 ID:JFHvDw9e [Del]

A friend has been running tripper2ch on his Macbook looking for "MUSASHI" tripcodes for so long it's reached eight character inputs.

All the hoorj bitslice sse stuff up there is way past my ability to care about this, but maybe I should multithread it or look into OpenMP.

(and, man, the Darwin crypt.c I'm using is awful. I still won't change it to something that's wrong, but maybe at least I'll use Free/OpenBSD'sc)

211 Name: Mr VacBob!JqK7T7zan. : 2006-06-27 00:24 ID:JFHvDw9e [Del]

Hey, why can't I use an ellipsis if I post from inside the thread!


212 Name: Anonymous : 2006-06-27 06:43 ID:KDKASRee [Del]

4brute-johnbs-p5 (that's the prefix-matching one) + john 1.7.2 (Bitslice DES assembly code for x86-64 making use of the 64-bit mode extended SSE2 with 16 XMM registers has been added for better performance at DES-based crypt(3) hashes with x86-64 builds on AMD processors.) = 1211kcps on my 1.6GHz machine :)

213 Name: Mr VacBob!JqK7T7zan. : 2006-06-27 21:40 ID:JFHvDw9e [Del]

I'm sorry to say that no human being can follow all those prepositions.

214 Name: Anonymous : 2006-06-28 18:23 ID:Heaven [Del]

>>212 Was that even english?

215 Name: EleoChan!EhVtXXdTd6 : 2006-06-28 19:38 ID:Heaven [Del]

I feel inadequate and want to take a computer science class.

216 Name: dmpk2k!hinhT6kz2E : 2006-06-28 21:30 ID:Heaven [Del]

Don't worry. People who take computer science classes feel inadequate in the grand scheme of things too.

217 Name: !tCjnBrMXJQ!!CBusuONe : 2006-07-28 20:04 ID:bub3rlhP [Del]

i use tripmona

218 Name: Mr VacBob!JqK7T7zan. : 2006-08-16 20:15 ID:O3Zsn0FH [Del]

I think I'm going to rewrite mine so it uses OpenMP, because OpenMP is pretty cool.

Also I guess it should support modern wakaba and be endian-safe on shiichan. Even though I'm the only one that uses shiichan's.

219 Name: Anonymous : 2006-08-21 11:12 ID:6+cz6mUx [Del]

I am running Tor, but how do I make it (or Privoxy?) aware of .tor domains?

220 Name: Anonymous : 2006-08-21 20:43 ID:KDKASRee [Del]

221 Name: anon!caRDAn9Ewg : 2006-09-15 22:30 ID:rdjvWTyc [Del]

Someone explain the process for generating tripcodes anyway.

I'm goofing around teaching myself php and want to make a tripcode test script for the hell of it.

222 Name: Albright!LC/IWhc3yc : 2006-09-16 09:59 ID:a2om6aN1 [Del]

That'd be re-inventing the wheel. Here's the (slightly poorly-written) snippet of code from Thorn that generates 2ch-style trips:

if ($pos!==false) {
//2ch-style tripcodes...
//More or less stolen from Futallaby
else {

223 Name: anon!21anon4H3U : 2006-09-16 12:56 ID:Heaven [Del]

The point of re-inventing the wheel is that you understand it better and aren't just copying stuff you saw other people do. As it is I can't make heads or tails of your code.

224 Name: Albright!LC/IWhc3yc : 2006-09-18 01:34 ID:a2om6aN1 [Del]

To tell the truth, I have a hard time following it too. Why? Because (as the comments say) it was lifted with few modifications from another (open-source) PHP image board script. And the guy who wrote that probably transcribed it from another image/message board script written in Perl. So I didn't reinvent the wheel either. But you know what? It works.

I'll write it out a bit


Take the second and third characters of the trip key with "H." appended to the end of it. This is the "salt."


Replace characters that don't match the regular expression [^\.-z] (basically, non-ASCII characters) with a period.


Replace a bunch of characters that are ASCII but not letters with letters. Remember that "\\" in this case is an escaped "\".


The trip code is the last ten characters of the result of a standard UNIX encryption function, with the trip key and the salt as input.

Wanna rewrite that in your own code? Have fun.

225 Name: !WAHa.06x36 : 2006-09-18 04:53 ID:Heaven [Del]

To get it entirely right, you should probably apped "H.." instead of "H.". Also, you should convert from whatever charset you are using to Shift_JIS before doing anything else.

226 Name: Albright!LC/IWhc3yc : 2006-09-18 10:12 ID:Heaven [Del]

Would conversion to Shift-JIS really make a difference, seeing as it's only working with ASCII characters anyway?

227 Name: WAHa.06x36!H2DERX1Q7c : 2006-09-18 12:57 ID:Heaven [Del]

It's not only working with ASCII characters. It's working with the full 8-bit bytes.

For instance, #kami doesn't work if you don't convert to Shift_JIS, and furthermore, tripcodes will change depending on the charset of the board.

228 Name: !WAHa.06x36 : 2006-09-18 12:58 ID:Heaven [Del]

...and now, it's not working here. Seems I've got some fresh new bugs to sort out.

229 Post deleted by user.

230 Name: Albright!AOhZ6OjO7w : 2006-09-20 19:26 ID:a2om6aN1 [Del]


<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "">
<html xmlns="" lang="en" xml:lang="en">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
@header('Content-type: text/html; charset=utf-8');
if (function_exists("mb_internal_encoding")) {
//This server will support multi-byte strings. Unicodey goodness!
<p><?php echo("<strong>".$name."</strong>!".$trip); ?></p>
<form method="post" enctype="multipart/form-data" action="index.php">
<input type="text" size="20" name="nombre" /><input type="submit" />

This'll go into Thorn 2.

231 Post deleted by moderator.

233 Post deleted by moderator.

234 Post deleted by moderator.

235 Post deleted by moderator.

236 Post deleted by moderator.

237 Name: Mr VacBob!JqK7T7zan. : 2006-12-27 20:43 ID:pdYGsqpr [Del]

Now endian-safe, slightly slower on icc, much faster on gcc.

Switched to FreeBSD crypt() because it's much shorter. Unfortunately also much more bottlenecked in one random-access array lookup that goes to main memory. Didn't switch to the JTR code WAHa sent me because it would ruin my beautifully short program.

Also I forgot to add modern wakaba trips but I'll do it sometime.

This crypt isn't reentrant :(

238 Post deleted by moderator.

239 Post deleted by moderator.

240 Post deleted by moderator.

241 Name: Anonymous : 2007-01-08 20:36 ID:Heaven [Del]

freebsd crypt() is faster than openssl crypt on my laptop (turion, 64-bit freebsd), but it's slower on the machine i'm using now (pentium 3, 32-bit freebsd)... i wonder why?

242 Name: !SpoyguowHY : 2007-01-30 15:14 ID:bDIsisqc [Del]

This thread has blown my mind.

243 Name: Anonymous : 2007-03-10 22:58 ID:xUjE//AS [Del]


I'm an internet dumbass and a computer illiterate; how do I even run that program?

244 Name: Anonymous : 2007-03-11 10:14 ID:Heaven [Del]

245 Name: Anonymous : 2007-03-12 10:29 ID:Heaven [Del]

I am by no means a linux/unix expert, but I assume that you compile it by running "" script and run the executable from the command line?

246 Name: Anonymous : 2007-03-27 14:14 ID:FJyWesxi [Del]

yeah no problem if it would even build on my end

tripper.c:23:28: error: mach/mach_time.h: No such file or directory
tripper.c:23:28: error: mach/mach_time.h: No such file or directory
In file included from tripper.c:28:
sha1.c: In function earray_swapf:
sha1.c:96: warning: implicit declaration of function ehtonlf
tripper.c:23:28: error: mach/mach_time.h: No such file or directory
tdict.c: In function emainf:
tdict.c:108: warning: implicit declaration of function efgetlnf
tdict.c:108: warning: assignment makes pointer from integer without a cast
/tmp/ccQVniCX.o: In function `main':
tdict.c:(.text+0xcce): undefined reference to `fgetln'
collect2: ld returned 1 exit status

247 Name: Anonymous : 2007-03-28 07:29 ID:S0jb7OoQ [Del]



I'm not going to bother rewriting tdict to use getline() just because glibc is crazy though :(

248 Name: Anonymous : 2007-03-31 08:16 ID:tuBmA1gg [Del]


249 Name: Ilsambärd!YEAH.5Mbyc : 2007-04-05 12:56 ID:eUQeiaBZ [Del]

hay guyz, wuts goin on in dis tread?

I'd kill or die for a windows version of a decent tripcode decoder. Failing that, instructions for an idiot. I like YEAH but I'd like to make more. This was a pain in the ass to get.


250 Name: !oTLVIPr/s. : 2007-04-06 07:28 ID:7o1GNZZJ [Del]

251 Name: Anonymous : 2007-04-06 15:05 ID:qJHsHfeE [Del]

FBI has deleted all links... how sad

252 Name: whack!m1DHNJT5H. : 2007-04-06 18:58 ID:qJHsHfeE [Del]

aww man, got a linux version?

254 Name: whack!m1DHNJT5H. : 2007-04-08 08:17 ID:qJHsHfeE [Del]

why, thank you kind sir

255 Name: Anonymous : 2007-04-28 21:51 ID:JmAOTejb [Del]


So.. how does this work? All I get is a command prompt spamming with tripcodes and what they convert into, but doesn't seem to dump anywhere that I can see.

256 Name: Anonymous : 2007-04-29 09:53 ID:Heaven [Del]

trip <string> to find tripcodes containing <string> (case insensitive)
trip -c <string> to find tripcodes containing <string> (case sensitive)

there's also, which supports regexes.

257 Name: Anonymous : 2007-05-09 02:07 ID:cJf0cKNN [Del]

What? Where do I put that?
In a txt file or something?

258 Name: Anonymous : 2007-05-09 05:14 ID:Heaven [Del]

lol, wow

259 Name: Anonymous : 2007-05-09 05:30 ID:Heaven [Del]


  1. press windows key+r
  2. type cmd
  3. press enter
  4. ???
  5. profit!!!

260 Name: Anonymous : 2007-05-10 15:49 ID:338suRr9 [Del]

This shit's useful ~desu

261 Post deleted by user.

262 Name: Anonymous : 2007-05-20 12:23 ID:aEvVXGs6 [Del]

trip -c <ROFLCOPTER>

263 Name: Ted!c0RBin.rN. : 2007-05-20 18:03 ID:G8Du7Gan [Del]


Thanks, dude!

264 Name: Anonymous : 2007-06-04 02:04 ID:Ha6vCBxW [Del]

I found a tripcode that I've been looking for with Tripper+. However, it uses a non-standard character, "¼". Is there something that will convert that character into either kanji or a standard numeral or letter?

Thanks in advance.

265 Name: Anonymous : 2007-06-04 06:11 ID:IqpFg6Cr [Del]

¼ = U+00BC
0xBC in Shift-JIS = U+FF7C (
U+FF7C = ¼

266 Name: !SEXwNEvaDA : 2007-06-04 06:16 ID:Heaven [Del]

oh, and now i know how to make this tripcode work ^^

267 Name: Anonymous : 2007-06-04 11:54 ID:Ha6vCBxW [Del]

Thanks a lot. Unfortunately, my trip's still not working, though.

268 Name: !SEXwNEvaDA : 2007-06-04 20:39 ID:Heaven [Del]

it might have other characters you need to convert...
or if it has any of the characters that are converted to html entities (i think just ,<>"'&) it might not work at all... i'm not sure if tripper+ handles those correctly...

269 Name: Anonymous : 2007-06-05 09:35 ID:Ha6vCBxW [Del]

There's a ~ and / in it, but I don't think those would pertain to HTML entities.

270 Name: Anonymous : 2007-06-05 11:37 ID:Heaven [Del]

where are you trying to use it? if it doesn't contain any of the characters mentioned in >>268 and you've converted any characters that aren't the same in unicode and shift-jis it should work on wakaba and kareha boards.
futallaby and shiichan (at least the versions used on 4chan) are apparently horribly broken wrt tripcodes.

271 Name: Anonymous : 2007-06-05 12:07 ID:Ha6vCBxW [Del]

I've tried at 4chan. Haven't here, yet.

272 Name: !SEXwNEvaDA : 2007-06-05 12:36 ID:Heaven [Del]

ok, apparently such tripcodes can be made to work on 4chan.
you just have to set the character encoding to shift-jis before you post.

273 Name: Anonymous : 2007-06-05 16:43 ID:wPcVChyI [Del]

> futallaby and shiichan (at least the versions used on 4chan) are apparently horribly broken wrt tripcodes.

they're interpreted as utf-8, except on /sjis/ where they aren't. official policy is to not fix this because we hate people who use tripcodes.

274 Name: test!!LURmbEuJ : 2007-06-07 14:52 ID:7vWVVPZ3 [Del]

sage lol

275 Name: Anonymous : 2007-06-08 03:56 ID:Heaven [Del]

> This board is not for testing your tripcodes.

276 Name: Anonymous : 2007-06-08 05:43 ID:Heaven [Del]

perhaps a link to the test thread should be added

277 Name: Anonymous : 2007-06-08 13:21 ID:+gCVmaWL [Del]

>>276 Or even the Sandbox.

278 Name: Anonymous : 2007-06-08 22:18 ID:KPBDP2dN [Del]

Trip works alright, but do any other generators that run under Windows do strings that aren't 8 characters long? Seems like it's pretty limited by that, and it repeats them pretty often.

279 Name: Anonymous : 2007-06-09 03:55 ID:Heaven [Del]

280 Name: f : 2007-06-14 14:06 ID:wNoBU66K [Del]

281 Name: Anonymous : 2007-06-14 20:36 ID:Heaven [Del]

282 Post deleted by user.

283 Name: !MoE/BDanU2 : 2007-06-17 21:37 ID:Heaven [Del]

well, this one has no html entities...

284 Name: YOUSUCK!3GqYIJ3Obs!!wdmn48Oq : 2007-07-18 10:12 ID:9JGyosan [Del]


285 Name: !P00O0Z0YiU : 2007-07-23 13:28 ID:zG3MLb23 [Del]

seeking 4brute-johnbs.... or some better glue for x86-sse.S (etc)

I've had some luck using OpenSSL's crypt, but I'm struggling to get the right bits in and out of john's bitslicing DES code.

286 Name: Anonymous : 2007-07-23 19:24 ID:Heaven [Del]

Have a look at vectripper. It's written for OS X but it uses john.

287 Name: Anonymous : 2007-07-24 08:22 ID:Heaven [Del]

> seeking 4brute-johnbs

you won't get it on this board.

288 Name: !P00O0Z0YiU : 2007-07-24 08:51 ID:zG3MLb23 [Del]

... indeed. After reading through the entire thread, and seeing this place's visibility on google, I can understand why nobody is just going to hand over the code to me...oh well. I'm making progress hacking something together. VecTripper's source hurts my eyes so I'm just sticking to peekin' through John. Reinventing the wheel sucks by the way...

289 Name: Anonymous : 2007-07-26 05:41 ID:Heaven [Del]

you could try asking on some other board...

290 Name: Anonymous : 2007-08-14 07:29 ID:3giPZ9Bi [Del]

I noticed an odd property of tripcodes (well, crypt actually): the last character will always be one of [.26AEIMQUYcgkosw] -- one of every fourth character in the overall character set.

291 Name: !WAHa.06x36 : 2007-08-14 09:18 ID:Heaven [Del]


DES output is 64 bits. It is encoded into a string consisting of characters from a set of 64, meaning each character encodes 6 bits. The output is 11 characters long, which adds up to 66 bits, the two last of which thus go unused. A loss of two bits means every fourth character is used.

292 Name: Anonymous : 2007-08-18 19:31 ID:Heaven [Del]

Hmm. Maybe it'd've been better to substr($crypted, 2, 10) to get more useful bits? Oh well, too late now.

293 Name: Anonymous : 2007-08-24 15:36 ID:FzFoCV2o [Del]

Anybody have a link to hotaru's tripcode program? I've tried tripper+, but it can't find the same ones his did.

294 Name: Anonymous : 2007-08-25 04:16 ID:Heaven [Del]

295 Post deleted by moderator.

296 Post deleted by moderator.

297 Post deleted by moderator.

298 Post deleted by moderator.

299 Post deleted by moderator.

300 Name: Anonymous : 2007-10-18 17:09 ID:s2ocIXbt [Del]

So I've found one I liked, but it uses a "‘". However I'm too dumb to actually understand how to find it in that list. /r/ help

301 Name: Anonymous : 2007-10-19 02:03 ID:Heaven [Del]

That's already a Shift-JIS character. Since only the lower seven bits matter, you can usually find the ASCII character it matches with the high bit removed, but unfortunately for you ‘ corresponds to " (a quotation mark) -- and quotes get mangled in tripcodes.

At least for Wakaba/Kareha based boards, you can just switch the page's charset to Shift-JIS before posting and it'll work.

302 Name: !WAHa.06x36 : 2007-10-19 04:32 ID:Heaven [Del]

No, Wakaba and Kareha both automatically convert tripcodes to Shift-JIS no matter what the charset. If you start changing it manually, you're more likely to break it than anything else.

303 Name: Storlek!desu/4y/Xg : 2007-10-19 07:55 ID:Heaven [Del]

>>302,11 [first three messages]

In both of those I left the encoding alone on the first post, and switched to SJIS afterward.

I also have three test installations of both Wakaba and Kareha on three separate systems, and none of them convert the character sets correctly.

304 Name: Anonymous!E90LKeZvx2 : 2007-10-19 16:30 ID:s2ocIXbt [Del]

So what am I doing wrong here? It's not matching with what it said it should change to. D:

305 Name: Anonymous!E90LKeZvx2 : 2007-10-19 16:33 ID:s2ocIXbt [Del]

Also, excuse my stupidity, I am >>300

306 Name: !WAHa.06x36 : 2007-10-19 18:08 ID:Heaven [Del]


I'm not sure what you're trying to do, but the test case works exactly as it should - #‚‹‚‚‚‰ becomes !yGAhoNiShI.

307 Post deleted by moderator.

308 Post deleted by moderator.

309 Name: !WAHa.06x36 : 2007-10-19 20:07 ID:Heaven [Del]


Do not test tripcodes in here. If you really have to, use the test thread.

311 Name: Anonymous : 2007-10-21 18:34 ID:o7z1Y0zM [Del]

Python-fag here, this seems to work fairly decently for ASCII tripcodes, seeing as Albright's original Python version is nowhere to be found, so it's based on the Thorn PHP version he posted earlier.

This code probably sucks and is slow.

def tripcode(trip):

if len(trip) > 0:
salt = trip[1:3] + "H.."
kill_non_ascii = re.compile("[^\.-z]")
salt = kill_non_ascii.sub('.', salt)
replace_dict = {
":" : "A",
";" : "B",
"<" : "C",
"=" : "D",
">" : "E",
"?" : "F",
"@" : "G",
"[" : "a",
"\\" : "b",
"]" : "c",
"^" : "d",
"_" : "e",
"`" : "f",
for line in replace_dict:
salt = salt.replace(line, replace_dict[line])
trip = trip.encode('shift_jis', 'replace')
salt = salt.encode('shift_jis', 'replace')
result = crypt(trip, salt)[3:]
result = ""
return result

312 Name: Anonymous : 2007-10-21 22:23 ID:Heaven [Del]


def get_tripcode(pw):
pw = pw.encode('sjis', 'ignore') \
.replace('"', '&quot;') \
.replace("'", ''') \
.replace('<', '&lt;') \
.replace('>', '&gt;') \
.replace(',', ',')
salt = re.sub(r'[^\.-z]', '.', (pw + 'H..')[1:3])
salt = salt.translate(string.maketrans(r':;=?@[\]^_`', 'ABDFGabcdef'))
return crypt.crypt(pw, salt)[-10:]

313 Name: Anonymous : 2007-10-22 05:42 ID:eY1W+jH6 [Del]

import re,string,crypt
def get_tripcode(pw):
pw = pw.encode('sjis', 'ignore') \
.replace('"', '&quot;') \
.replace("'", '\'') \
.replace('<', '&lt;') \
.replace('>', '&gt;') \
.replace(',', ',')
salt = re.sub(r'[^\.-z]', '.', (pw + 'H..')[1:3])
salt = salt.translate(string.maketrans(r':;=?@[\]^_`', 'ABDFGabcdef'))
return crypt.crypt(pw, salt)[-10:]

314 Name: Anonymous : 2007-10-22 06:21 ID:eY1W+jH6 [Del]

Horribly in-efficient and shitty code for seeing how many tripcodes per second your machine can push. Needs the shit optimizing out of it.

import re,string,crypt,time,math
def get_tripcode(pw):
pw = pw.encode('sjis', 'ignore') \
.replace('"', '&quot;') \
.replace("'", '\'') \
.replace('<', '&lt;') \
.replace('>', '&gt;') \
.replace(',', ',')
salt = re.sub(r'[^\.-z]', '.', (pw + 'H..')[1:3])
salt = salt.translate(string.maketrans(r':;=?@[\]^_`', 'ABDFGabcdef'))
return crypt.crypt(pw, salt)[-10:]
def ts(): return int(time.time())
end = ts() + 60
i = p = 0
while ts() < end:
p = 0
end2 = ts()+1

while ts() < end2:
lol = "%d tc/s" % (p)
#print("\b") * len(lol)
print "%d tripcodes generated in 60 seconds\nAverage rate: %d tripcodes per second\n" % (i,int(math.ceil(i/60))) 

My comp is 0.9GhZ (lolol), and with this script I get around 1500 tc/s

315 Name: Anonymous : 2007-10-22 06:21 ID:eY1W+jH6 [Del]

With this script however, I get over 9000 tripcodes a second

function tripcode($plain)
$salt = substr($plain."H.", 1, 2);
$salt = ereg_replace("[^\.-z]", ".", $salt);
$salt = strtr($salt, ":;<=>?@[\\]^_`", "ABCDEFGabcdef");
return substr(crypt($plain, $salt), -10);
$end = time()+60;
$p=0;$end2 = time()+1;
echo $p." tc/s";
echo str_repeat("\x08",strlen($p)+5);
echo "$i tripcodes generated in 60 seconds\nAverage rate: ".round($i/60)." tripcodes per second\n";

316 Name: Anonymous : 2007-10-22 08:07 ID:Heaven [Del]

An interpreted python script that wasn't intended to crack tripcodes is slow at cracking a tripcode? Holy shit, Batman.

That's why all the decent tripcode searchers are written in C.

317 Name: Anonymous : 2007-10-22 10:27 ID:eY1W+jH6 [Del]

I wish I had the wherewithal to learn C ;_;

318 Name: Anonymous : 2007-10-22 14:40 ID:o7z1Y0zM [Del]


319 Name: Anonymous : 2007-10-22 15:00 ID:o7z1Y0zM [Del]

You could possibly use Psyco or similar JIT compiler to boost your speed by a significant margin. It's pretty surprising how much faster PHP is, after all it's not a real programming language ;-)

320 Name: Anonymous : 2007-10-22 16:44 ID:Heaven [Del]

You're still comparing that PHP code to a function in Python that's designed to produce correct tripcodes, and isn't intended for speed in the first place. If you're going to start benchmarking languages, at least do so competently.

321 Name: Anonymous : 2007-10-25 09:27 ID:Heaven [Del]

forgive my lack of understanding on this topic, but is it possible to have any tripcode you want, given enough time/resources/whatever?

322 Name: Anonymous : 2007-10-25 14:01 ID:Heaven [Del]

>>321 here
Sorry, retarded question

What I meant was: I've seen a few trips containing whole 8 letter words, uncanny matches to the poster's name, other things like that. I've used trip.exe and found that the list of trips output for a certain criteria is finite, so my more appropriate question is: is it possible to get EXACTLY the trip you want? if so how?

323 Name: Anonymous : 2007-10-25 16:31 ID:ik0jQ1Dy [Del]

It's very unlikely that you could just find an 8 character tripcode that's exactly the one you want it to be, it would possibly take years and years of processing time to find an exact match.

However it might be possible to randomly generate tripcodes and match them against a list of dictionary of 8 letter words, hence you could find full words and then change your name to match the new tripcode. Still wouldn't be very fast though.

324 Name: Anonymous : 2007-10-25 19:20 ID:Heaven [Del]

different runs of trip.exe will produce different repeating lists of tripcodes because windows doesn't have random() and it's rand() sucks.

325 Name: Anonymous : 2007-10-26 09:41 ID:Heaven [Del]

>different runs of trip.exe will produce different repeating lists of tripcode

Interesting, I am running two instances of trip.exe right now, searching for matches to the same string and I'm getting the exact same output from them both.

326 Name: Anonymous : 2007-10-26 10:27 ID:Heaven [Del]

wait, cancel that

327 Name: Anonymous : 2007-10-26 12:31 ID:Heaven [Del]

If you started them at the same time, that will be the case since the random number generator is seeded by the time in seconds.

328 Name: Anonymous : 2007-10-27 23:18 ID:Heaven [Del]

Lol, you guys are smart. (Seriously. Not trolling. Some people's knowledge here really impresses me.)

329 Name: !0841327956 : 2007-10-28 13:11 ID:eY1W+jH6 [Del]

C:\>trip.exe | grep -P \d{10}
`Eqppj9l = 1354773682
eyd!{P0V = 0841327956
I560v;3t = 8550610352
`Eqppj9l = 1354773682
eyd!{P0V = 0841327956
I560v;3t = 8550610352

This took ~4hrs to generate. (lol intel celeron)

330 Name: !0841327956 : 2007-10-28 13:14 ID:eY1W+jH6 [Del]

What I'm trying to say is that trip.exe PRNG is terribly cyclic: The more complex the search string, the more likely the PRNG will run around in circles.

331 Name: !WAHa.06x36 : 2007-10-28 13:19 ID:Heaven [Del]

Instead of using rand(), which does suck horribly, just use this:

return s1^s2^s3;

332 Name: !pilcoypuck : 2007-10-29 03:05 ID:eY1W+jH6 [Del]


333 Name: !WAHa.06x36 : 2007-10-29 14:36 ID:Heaven [Del]


Tausworthe random number generator, generates quality 32-bit random integers with a cycle of something like 2^88, extremely fast and simple. Seeding is left as an excercise to the reader, I just set s1, s2 and s3 to the seed times various large integers.

334 Name: Anonymous : 2007-10-29 14:38 ID:Heaven [Del]

Nice. Never could get my head 'round bitwise operators, though...

335 Name: Anonymous : 2007-10-29 14:52 ID:Heaven [Del]

How does it compare to the Mersenne Twister?

336 Name: Anonymous : 2007-10-30 00:30 ID:Heaven [Del]

Cycle of 2^88? So that is not a linear shift feedback whatchamacallit then?

Oh, of course. There are three variables, so the longest possible cycle isn't 2^32, it's 2^96...

337 Name: !WAHa.06x36 : 2007-10-30 09:17 ID:Heaven [Del]


I know it's faster, and the state is much, much smaller, but I'm not sure how it stacks up quality-wise. It's supposed to be a viable competitior, though, and it's certainly good enough for pretty much all casual uses.

338 Name: Anonymous : 2007-10-30 14:14 ID:Heaven [Del]

here's a better one:

return z1^z2^z3^z4;

339 Name: Anonymous : 2007-11-03 21:25 ID:j7QDWlDK [Del]

Just out of curiosity (I'd like to compare it to the work I'm doing now). How many kilo-crypts per second (kcps) are people getting right now with faster processors out such as a 2.6 ghz core 2 conroe?

340 Name: Anonymous : 2007-11-04 04:47 ID:Heaven [Del]

897 mhz/7.15945 kcps

 ___           ___      
/\_ \ /\_ \
\//\ \ ___\//\ \
\ \ \ / __`\\ \ \
\_\ \_/\ \L\ \\_\ \_
/\____\ \____//\____\
\/____/\/___/ \/____/

341 Name: Anonymous : 2007-11-04 04:56 ID:Heaven [Del]

Killed non-essential process, 'optimised' my code, now I can get 8.9kcps. VICTOLY.

342 Name: Anonymous : 2007-11-04 05:24 ID:Heaven [Del]


I hate to rain on your parade there, but I used to get ~100 on similar hardware.

343 Name: Anonymous : 2007-11-04 13:14 ID:Heaven [Del]


344 Name: Anonymous : 2007-11-04 15:37 ID:j7QDWlDK [Del]

339 here.
I'm managing 520kcps with what I wrote in a couple hours, but that doesn't really say much.

345 Name: Anonymous : 2007-11-05 19:50 ID:Heaven [Del]

Powerbook G4, roughly 900kcps.

346 Name: cake : 2007-11-06 08:57 ID:vy4ixYa5 [Del]


347 Name: Anonymous : 2007-11-06 14:14 ID:Heaven [Del]

348 Name: Anonymous : 2007-11-07 07:12 ID:Heaven [Del]

13Megcps with Playstation3!

349 Name: Anonymous : 2007-11-07 07:49 ID:Heaven [Del]

at last, it's good for something.

350 Name: Anonymous : 2007-11-08 23:51 ID:Heaven [Del]

1 million jiggawatts with bolt of lightning

351 Post deleted by moderator.

352 Name: Anonymous : 2007-11-27 11:33 ID:YgFpvOll [Del]

I've been running 3 simultaneous instances of trip.exe for ~40 mins now, and got 31 trips matching a case sensitive 5 character string. Quad core's aiiiite.
More notably though, Vista (which I'm using) gives me completely unique results which is nice.

353 Name: Anonymous : 2007-11-27 13:27 ID:Heaven [Del]

> More notably though, Vista (which I'm using) gives me completely unique results which is nice.


354 Name: sage : 2007-11-27 13:50 ID:YgFpvOll [Del]

355 Name: Anonymous : 2007-11-27 18:02 ID:Heaven [Del]

a better PRNG was added to trip.exe after >>324, Vista shouldn't make any difference.

356 Name: Anonymous : 2007-12-08 22:36 ID:mYs9wcbh [Del]


> Where's a link to an internet-based tripcode whatever thing?
if you have a fast processor and run it in a decently fast browser like opera or safari it might actually be fast enough to be useful.
on my computers here it's horribly slow in firefox (freebsd and windows xp), slightly better in konqueror (freebsd) and IE 7 (windows xp), and almost fast enough to be useful in opera (freebsd and windows xp) and safari (windows xp). and these machines are all more than 2 years old.

357 Post deleted by moderator.

358 Name: Anonymous : 2007-12-27 20:51 ID:Heaven [Del]

0.4cps on my phone!
And 0.7cps on my DS ite with the DS browser!

359 Name: Anonymous : 2007-12-29 09:12 ID:Heaven [Del]

should try it on a ps3...

360 Name: Anonymous : 2008-01-11 14:24 ID:Heaven [Del]

To tie this thing into a current conspiracy theory of mine, since you're all talking about tripcode searchers...

Densha Otoko's trip code was nm4g8qV1Cg.

How long would it have taken, realistically, for someone to crack it in 2004? I'm interested in learning at what point it would no longer be plausible for someone to step forward and claim to be him, citing the tripcode as evidence.

361 Name: Anonymous : 2008-01-11 14:25 ID:Heaven [Del]

(reposted without sage)

To tie this thing into a current conspiracy theory of mine, since you're all talking about tripcode searchers...

Densha Otoko's trip code was nm4g8qV1Cg.

How long would it have taken, realistically, for someone to crack it in 2004? I'm interested in learning at what point it would no longer be plausible for someone to step forward and claim to be him, citing the tripcode as evidence.

362 Name: RT!!5/uvvYDO : 2008-01-15 07:09 ID:Heaven [Del]

use mty or Tripcode Explorer instead. ;)


Tripcode Explorer

363 Name: Anonymous : 2008-01-26 11:44 ID:Heaven [Del]

anyone know of an english translation of Tripcode Explorer?

364 Post deleted by moderator.

365 Post deleted by moderator.

366 Name: Anonymous : 2008-02-15 13:46 ID:Heaven [Del]

>>360 A week? a few days? Not long, even back in 2004.

367 Name: Anonymous : 2008-02-29 05:12 ID:jvCX6o9N [Del]

ITT: Idiots who can't even find stable hosting pretending to offer links to their shitty software.

368 Name: Anonymous : 2008-02-29 14:30 ID:pem1Fmpj [Del]

>>360 depends on who that ``someone'' is. Your average otaku? Pretty long. Someone with access to a supercomputer? Probably a day at most.

369 Name: Anonymous : 2008-02-29 16:02 ID:Heaven [Del]

yeah, about a week is "pretty long".

370 Name: Anonymous : 2008-03-02 15:30 ID:2svT23JJ [Del]

this thread began in 2004

371 Name: Anonymous : 2008-03-25 00:10 ID:QflAkg1d [Del]

So what's the status of tripcode decoders for *nix? Everything ITT seems to either be dead links, for windows or slow as hell python.

372 Name: Anonymous : 2008-03-25 01:56 ID:Heaven [Del]


there's also that version of 4brute that uses the bitslice code from john the ripper, but don't ask for it on this board.

373 Name: Anonymous : 2008-03-28 23:08 ID:dXxfJtO/ [Del]

I'm not too familiar with c and I'm getting this error message when compiling trip.c:

>>warning: this decimal constant is unsigned only in ISO C90

which affects lines

>> z1=((z1&4294967294)<<18)^((((z1<<6)^z1)&UINT32_MAX)>>13);
>> z2=((z2&4294967288)<<2)^((((z2<<2)^z2)&UINT32_MAX)>>27);
>> z3=((z3&4294967280)<<7)^((((z3<<13)^z3)&UINT32_MAX)>>21);
>> z4=((z4&4294967168)<<13)^((((z4<<3)^z4)&UINT32_MAX)>>12);

Which seem to be declared by

>>static uint_fast32_t z1,z2,z3,z4;

I also get the error message

>> strcasestr undeclared

which affects the line


The regex version gets similar errors (though with more errors). The package in trippersrc compiles at least but does so with errors.

Any ideas on if I'm missing packages or something?

374 Name: Anonymous : 2008-03-28 23:28 ID:dXxfJtO/ [Del]

Specifically (on the trippersrc):

>>gcc -Os -march=pentium -mtune=generic -std=gnu99 -o 2chdict tdict.c || true


>>tdict.c: In function âmainâ:
>>tdict.c:108: warning: implicit declaration of function âfgetlnâ
>>tdict.c:108: warning: assignment makes pointer from integer without a cast
>>/tmp/cco547v3.o: In function `main':
>>tdict.c:(.text+0xc8c): undefined reference to `fgetln'
>>collect2: ld returned 1 exit status

And doesn't compile 2chdict. tripper2ch doesn't seem to work for 4chan and tripperc4 and trippershii don't seem to do anything.

375 Name: Anonymous : 2008-03-29 17:54 ID:Heaven [Del]


gcc -std=c99 -O2 -funroll-all-loops `pcre-config --cflags` `pcre-config --libs` -lcrypto -o trip trip-regex.c

or if you don't have pcre and can't install it:

gcc -std=c99 -O2 -funroll-all-loops -lcrypto -o trip trip.c

you're probably better off using trip-regex.c instead of trip.c if you can. if you have to use trip.c, you should grab it again (i just made some minor changes), and if you still get an error about strcasestr not being defined, try compiling it with -DNO_STRCASESTR.

376 Post deleted by moderator.

377 Post deleted by moderator.

378 Post deleted by moderator.

379 Name: Anonymous : 2008-04-01 20:40 ID:Heaven [Del]


It needs to use getline instead of fgetln with glibc, because I'm lazy. However, you don't need 2chdit.

380 Name: Anonymous : 2008-04-17 15:29 ID:TbsXfd8P [Del]

If others are having compile error "optind undeclared" when compiling trip-regex.c, I needed to add
#include <getopt.h>
to the list of includes in trip-regex.c to get it to compile with the command line pasted.

381 Name: Anonymous : 2008-04-18 05:21 ID:Heaven [Del]

382 Post deleted by moderator.

383 Name: Anonymous : 2008-04-22 14:58 ID:i6CkyBgv [Del]

So has anyone been able to write a really optimized one that can work with dual or quad core?

384 Name: Anonymous : 2008-04-22 15:01 ID:Heaven [Del]


Just run several processes with different random seeds-

385 Name: Anonymous : 2008-04-22 19:16 ID:Heaven [Del]

>>383 multi-core drifting?!

386 Name: ttoastt : 2008-04-24 11:58 ID:yJffkObK [Del]


387 Post deleted by user.

388 Name: Anonymous : 2008-05-08 21:20 ID:kCX0dS5u [Del]

I'm sensing that my iPhone getting 800kcps may produce rage.

389 Name: Limes : 2008-05-08 21:28 ID:kCX0dS5u [Del]

Someone should thread and compile the regex tripper for Nvidia graphics cards. I can't, my dev machine is blarg dead

390 Name: Anonymous : 2008-05-08 22:49 ID:Heaven [Del]

my phone only gets about 1/3 cps ;_;

391 Name: Anonymous : 2008-05-10 00:11 ID:qF6AvYDc [Del]


392 Name: s : 2008-05-10 00:11 ID:qF6AvYDc [Del]


393 Name: Anonymous : 2008-05-13 00:33 ID:ib8ILNq1 [Del]

>>384 is equivalent to any threaded tripper. And easier too, crypt() isn't reentrant :(

394 Name: Anonymous : 2008-05-14 12:08 ID:XdMtcm99 [Del]

Python Image Bord.

395 Name: Anonymous : 2008-05-15 00:10 ID:Heaven [Del]

i can't figure out if this is spam or if someone just posted in the wrong thread...

396 Name: Anonymous : 2008-05-15 04:05 ID:Heaven [Del]

it's really not that hard... it's still pretty pointless, but i was bored, so...

397 Name: Anonymous : 2008-05-16 10:04 ID:Heaven [Del]

Wrong thread, buddy.

398 Name: Tru!GhCcMAkscg : 2008-06-10 22:52 ID:NYvH6A8t [Del]

oh ok, thanks

399 Name: Tru!GhCcMAkscg : 2008-06-10 22:54 ID:NYvH6A8t [Del]

oh ok, thanks

400 Name: Anonymous : 2008-06-11 22:05 ID:1/W+Yyq9 [Del]


401 Name: Anonymous : 2008-06-25 01:30 ID:XcemLqhW [Del]

translatio of tripcode explorer plz

402 Name: Anonymous : 2008-06-25 01:30 ID:XcemLqhW [Del]

translation of tripcode explorer plz

403 Name: Fou-Lu!Id1gMYGA52!!emmSEMhG : 2008-06-25 12:47 ID:+0QXNKge [Del]

I assume it's possible to have a tripcode where the input is the same as the output, any examples?

404 Name: Anonymous : 2008-06-26 03:09 ID:Heaven [Del]

the input is 8 characters. the output is 10 characters.
so no, it isn't possible.

405 Name: Anonymous : 2008-07-02 11:17 ID:m1YMla0R [Del]

Not sure where to post it, I don't want to bump really old threads so I'll ask here:
at the initiative of SAoVQ, we are writing a small guide to anonymous boards on a wiki. It's not very good right now, but we've just started:

On the part about tripcodes, I talked out of my ass about choosing a good tripcode. Could someone who actually understands well the CPU cost of cracking various tripcodes help us to provide an easy rule to follow for choosing something uncrackable?

406 Name: Anonymous : 2008-07-02 17:38 ID:Heaven [Del]

>>405 tripcodes are designed to be a useful tool in establishing an identity, not a secure one. The length of the #hash is, however, a factor in how long it would take to crack.

407 Name: Anonymous : 2008-07-03 01:07 ID:Heaven [Del]

anything shorter than about 6 characters is easy to crack.
anything that's all alphanumeric is easy to crack.
by "easy to crack" i mean it'd take less than a week on my crappy slow computer.

408 Name: Anonymous : 2008-07-03 07:21 ID:Heaven [Del]

Thanks. But does that mean that realistically all tripcodes are bound to fall in a few weeks of brute-forcing, or that something like #f8&45?p3 is expensive enough to make it way too long for a troll with spare CPUs to crack?
Do you think that "8 characters with letters, numbers, and punctuation marks" is a good enough guideline to provide for a short primmer that is not primarily about this topic?

409 Name: Anonymous : 2008-07-03 16:27 ID:Heaven [Del]

>>408 That'd likely work; there's not much call for tripcode cracking. That said, make sure you at least make a note that it's not a perfect system, and whatever key they use, don't make it your password for anything else!

410 Name: !WAHa.06x36 : 2008-07-04 07:39 ID:Heaven [Del]


A note of caution: Some characters (like &<>"',) get translated into HTML entities, and can push the rest of the characters off the end of the 8-character limit. This is essentially a bug, but is implemented in Wakaba and Kareha for bug-by-bug compatibility with the original implementation.

411 Name: Anonymous : 2008-07-04 13:29 ID:Heaven [Del]

Thanks. I'll do some experiments then edit the text to do what >>409 said and provide a small pool of safe symbols to pick from.

412 Name: penis : 2008-07-20 09:42 ID:WH2z4WVn [Del]


413 Name: TeSeC : 2008-08-21 14:46 ID:15xzGyio [Del]

Hello all,

I stumbled upon this post here (id never even heard of the site here) and i must say this is one of the more interesting reads ive come across.

I was originally looking for a reverse tripcode program. from what ive read here, that seems pretty impossible, and the only thing you seem to have come up with to compensate is a brute force generator.

Most of what was said here kinda flew over my head, but what i DID get has really inspired me to want to learn all about this.

I must confess however, that the reason why i wanted to find a reverse tripcode program may be pretty obvious; i wanted to figure out someones tripcode. But this person is not just some random anon, or an undeniably annoying fellow. This person has some interesting controversy surrounding him/her.

You may or may not have heard about Oversight. If you have, you know where this is going. If you have NOT, please read this:

this person has intrigued me, and i am beginning to think that there is more to his/her riddles than is there for us to see. I have a feeling that his tripcode has something to do with the overall puzzle.

Computer programmers and true "hackers", (not crackers), are by and large, the most intelligent of society because of their strive for knowledge, and the urge to figure out as much as possible.

Because of that, and the prowess you display here, i ask you, if willing, to take a crack at this little mystery.

If nothing else, it will be a chance to stretch those detective muscles i know you all have.

Thank you for this thread, your time, and your knowledge.


P.S. if you want to find me, ask for me in #fm

P.S.S. im not even gonna bother with a tripcode here.

414 Name: Anonymous : 2008-08-22 05:48 ID:Heaven [Del]

You want to crack one of 4chan's secure tripcodes?
Good luck with that, lol.

415 Name: Anonymous : 2008-08-22 11:29 ID:id0KQHXK [Del]

Why would anyone want to fake being someone with controversy surrounding them?

LOL, go make your own controversy, it's easy enough.

416 Name: Anonymous : 2008-08-22 20:09 ID:2Q7lsFO8 [Del]

Get out.

417 Name: Anonymous : 2008-08-22 20:16 ID:id0KQHXK [Del]

See? That was easy.

418 Name: Anonymous : 2008-08-22 21:00 ID:6sHROcHF [Del]

!!Gutm29O5FPS ?

419 Name: TeSeC : 2008-08-22 22:31 ID:15xzGyio [Del]

Hi again,

I see you guys didnt really like my last post.

Well, can you at least tell me how this Oversight can have a tripcode with two exclamation points at the beginning? i tried putting one before the tripcode, but that didnt work. Really baffled about this one. Shed some light please?


420 Name: wat : 2008-08-22 22:39 ID:novS2AxK [Del]


421 Name: Anonymous : 2008-08-23 00:37 ID:C6/lmaB4 [Del]

It's a secure tripcode. Salted with 4chan's secret key.

It helps if you read the 4chan FAQ about tripcodes, you know.

422 Name: Anonymous : 2008-08-23 12:06 ID:Heaven [Del]

What a fucking fool.

423 Name: Anonymous : 2008-08-23 15:11 ID:Heaven [Del]

424 Name: moot!Ep8pui8Vw2 : 2008-08-25 11:25 ID:Heaven [Del]

Guys, tripcodes are for fags.

425 Post deleted by moderator.

426 Post deleted by moderator.

427 Post deleted by moderator.

428 Post deleted by moderator.

429 Post deleted by moderator.

430 Name: Anonymous : 2008-08-29 19:39 ID:lwafmb70 [Del]

the symbol ¼ can be used to replace ¼ if your tripcode isn't showing up properly

431 Post deleted by moderator.

432 Post deleted by moderator.

433 Name: Anonymous : 2008-09-05 03:35 ID:6ww+v34e [Del]

TripExplorer, apparently the english translation. Unfortunately, it has a password, and I have no clue what said password is.

434 Name: Sui-seiseki!uW5xQSDMck : 2008-09-08 08:43 ID:Heaven [Del]

moot, gb2/NIGGERTITS/ and fix /b/ will ya

435 Name: moot!Ep8pui8Vw2 : 2008-09-10 14:11 ID:Heaven [Del]

shut up

436 Name: Anonymous : 2008-09-15 00:13 ID:D5AdeGFw [Del]

What exactly is TripExplorer? Zip passwords aren't that hard to crack, though all 8 of my CPU cores are currently busy trying to generate a tripcode.

PROTIP: Tripper+ only uses one core. Modern computers often have 2 or more. Just run however many Tripper+'s as you have cores.

(This 8 core 2.8 GHz Mac Pro is doing about 1.3 million tripcodes a second over 8 Tripper+'s running in Wine.)

437 Name: Anonymous : 2008-09-15 01:03 ID:Heaven [Del]


438 Name: Root!tnewkRarkA : 2008-09-18 21:20 ID:soMEoD8v [Del]

I'm attempting to crack the password for TripExplorer now, will post once done.

439 Name: Anonymous : 2008-09-19 05:11 ID:Heaven [Del]

i think tripexplorer uses bitslice des, and it can use multiple cores. tripper+ uses UFC crypt(), which is pretty slow (compared to other implementations) on most modern machines.
i'm doing about 3.8 million per second on a 2.53GHz core 2 duo right now.
i could do about 1.5 million per second on my single-core 1.6 GHz laptop, so 1.3 million on an 8-core 2.8GHz machine is pretty pathetic.

440 Name: Anonymous : 2008-09-23 22:43 ID:M8OEA3MM [Del]

done yet?

441 Name: Anonymous : 2008-09-23 23:32 ID:upAgFmGo [Del]

442 Name: Anonymous : 2008-09-24 01:40 ID:YrfvNdeL [Del]

anyone got any ideas where to put anythings and which buttons to pusgh

443 Name: Anonymous : 2008-09-24 03:17 ID:Heaven [Del]

444 Name: Anonymous : 2008-09-24 03:23 ID:upAgFmGo [Del]

What do I do with this? Could it be adapted for CUDA seeing that GPUs are faster than CPUs in number crunching? Incidentally, I got this from 4chan /g/ and don't know how to build/execute/etc.

#include <stdio.h>
#include <unistd.h>
#include <crypt.h>
void strreverse(char* begin, char* end){
char aux;
aux=*end, *end--=*begin, *begin++=aux;
void itoa(int value, char* str, int base){
static char num[] = "0123456789abcdefghijklmnopqrstuvwxyz";
char* wstr=str;
int sign;
if (base<2 || base>35){ *wstr='\0'; return; }
if ((sign=value) < 0) value = -value;
do *wstr++ = num[value%base]; while(value/=base);
if(sign<0) *wstr++='-';
int main(void){
char lol[10], ha[3];
char* trip;
int x = 10000;
for(;; ++x){
itoa(x, lol, 10);
trip = crypt(lol, ha);
if(trip[3] == 'L' && trip[4] == 'O' && trip[5] == 'L'){
printf("%u: %s\n", x, trip);
return 0;

445 Name: Anonymous : 2008-09-24 06:06 ID:M8OEA3MM [Del]

446 Name: Anonymous : 2008-09-24 15:29 ID:KBn/NMma [Del]

translation is passworded...

447 Name: Anonymous : 2008-09-26 10:42 ID:KBn/NMma [Del]

also, i'm guessing that in order to get passes that don't contain japanese characters you have to tick the "ASCII blablabla" box in the options in this new version of tripcode explorer?

448 Name: Anonymous : 2008-09-27 15:29 ID:kIFG6hxQ [Del]


Was wondering about this too.

Also, are there (H) and (T) [begin with, end with] settings anywhere in Tripexplorer? I can't find them.

449 Post deleted by user.

450 Post deleted by user.

451 Name: 団子厨 : 2008-10-05 18:27 ID:OaxlIWJK [Del]

Hello, Everyone.

I don't care to distribute the translation version of
my software (Tripcode Explorer) at all. However,
I don't come praiseworthily putting the password on
the ZIP file.

Remove the password promptly, please.

“ú–{Œê‚Å‚¨kH(Japanese OK?)

452 Name: Anonymous : 2008-10-06 01:27 ID:Heaven [Del]

>>451 we didn't put the password on it, though.


453 Name: Anonymous : 2008-10-08 12:14 ID:uP8SOLAj [Del]


Sorry about the password, we do not know who put it(pX[hɂ‚Ă͐\󂠂܂񂪁AN̂Ȃ)

The only file I know of is this >>433 (̒mĂB̃t@C >>433)

That poster also does not know the password(̃|X^[ɂpX[hmĂ̂ł͂܂)

Sorry about the whole thing. Many thanks for your software.(S\󂲂܂BȂ̃\tgEFA܂Đɂ肪Ƃ܂B)

I do not know Japanese. I used Google Translate.(͓{mĂ邱Ƃ͂܂B́uGoogle TranslatevgB)

454 Name: !HjNmIzeWBc : 2008-10-26 17:03 ID:NtP32i0D [Del]


455 Name: Anonymous : 2008-10-30 22:05 ID:x6/0IzDX [Del]

If OPs program is in python, why wouldn't it work in Windows? Python is an interpreted language, after all.

456 Name: Anonymous : 2008-10-30 22:45 ID:Heaven [Del]

There is no crypt() on Windows.

458 Name: Anonymous : 2008-10-31 02:26 ID:Heaven [Del]

Ew, really? Visual Braces?

459 Name: Anonymous : 2008-10-31 02:57 ID:Heaven [Del]

> Visual Braces?


460 Name: Anonymous : 2008-10-31 12:01 ID:Heaven [Del]

That's all C# is -- Visual Basic plus braces.

461 Name: Anonymous : 2008-10-31 20:29 ID:Heaven [Del]

no, that's php.

462 Name: Anonymous : 2008-10-31 23:14 ID:Heaven [Del]

PHP is Perl and C++ haphazardly mixed together, and painted yellow and lime-green plaid.

463 Name: Anonymous : 2008-11-02 08:30 ID:Heaven [Del]

When Visual Basic is the only language you've ever used, every language looks like either "Visual Basic with [something]".

464 Name: !33ijQlIgR2 : 2008-11-02 20:59 ID:7hSOh0wx [Del]


465 Name: Eleo!EhVtXXdTd6 : 2008-11-02 21:37 ID:Heaven [Del]

Wow, what? Dude wroooooooong

466 Name: wat : 2008-11-04 21:40 ID:jdFKtK9M [Del]


467 Name: Anonymous : 2008-11-06 17:32 ID:Heaven [Del]

No, really. They're not much different at all.

The differences between C# and VB are merely social and syntactical, and current development is continually narrowing the gap between the two. They're both garbage collected, VM managed, can interoperate with OS components and load external libraries just the same, and they even compile to the same bytecode. Essentially, every language construct available in VB is also available in C#, just with different syntax (and vice versa). The only real differences are whether you want to write End If, Exit While, and Select Case, or the more terse }, break, and switch (and for the close braces, I bet if you have a bunch of } } } } together, you're probably going to comment at least one of them anyway to keep from going cross-eyed), and whether you want to be associated with code monkeys who just write CRUD apps (VB) or with bandwagon hoppers who want to try out the flavor-of-the-week (C#).

I have been programming for a number of years, and can write substantial amounts of code (i.e. not some first-year-student "hi what's your name" nonsense) in about 20 languages, including Perl, Java, Haskell, Forth, Fortran, and 6502 assembly. Thanks for playing, though.

468 Name: Anonymous : 2008-11-07 00:04 ID:b8UMsGJZ [Del]

garbage collection is for faggots

469 Name: Anonymous : 2008-11-07 00:39 ID:Heaven [Del]

Features of C# not found in Visual Basic .NET
  • Supports unsafe code blocks for improved performance at the expense of not being verifiable as "safe" by the runtime
  • Anonymous methods
  • Partial Interfaces
  • Iterators and the yield keyword
  • Multi-line comments (note that the Visual Studio IDE supports multi-line commenting for Visual Basic .NET)
  • Static classes (Classes which cannot contain any non-static members, although VB's Modules are essentially sealed static classes with additional semantics)
  • Can use checked and unchecked contexts for fine-grained control of overflow/underflow checking
  • Auto-Implemented Properties (as of .NET 3.0)

470 Name: Anonymous : 2008-11-07 14:12 ID:Heaven [Del]

Not sure why I'm feeding a troll, but...

> unsafe code blocks

Not generally necessary unless you're interfacing with legacy code, since they're unneeded unless you're dealing with old API calls, and most recommended-practices documents say to avoid them whenever possible. I see this as a minor nitpick, and typically irrelevant. Personally, I have always found manipulating pointers to be a pain in the butt in C, and I don't want them in higher level languages.

> Anonymous methods

Supported as of VS 2008.

> Iterators and the yield keyword

VB can do iterators by implementing IEnumerable. There's no keyword for it, but the code is definitely possible. (Although I do think it'd be a fantastic addition for the next version)

> checked and unchecked contexts

I think this fits under the "social" category. You can certainly get VB to ignore overflows and do your own checks if need be. In my experience, it's never been an issue.

I find it interesting that you didn't paste the three adjacent sections. Maybe it's because the "criticisms of VB.NET" section is a bit weak, and the lists of features missing from C# and criticisms of C# don't support your argument.

That, and the entire page is a bit outdated, not entirely accurate, and poorly written.

Also, as I previously stated:

> current development is continually narrowing the gap between the two.

471 Name: Anonymous : 2008-11-07 15:26 ID:Heaven [Del]

> Also, as I previously stated:
> > current development is continually narrowing the gap between the two.

yes, but features generally move from C# to VB.NET, not the other way around. VB is becoming more like C#, C# isn't "VB with braces".

472 Name: Anonymous : 2008-11-07 16:03 ID:yLShcoc0 [Del]

Well, about TripExplorer, has the password finally been found/cracked?

473 Name: Anonymous : 2008-11-07 18:27 ID:Heaven [Del]

While that may be the case, C# is (conceptually) based on C++ and Java, which are both more recent than the BASIC variants on which VB.Net is derived. Also the original BASIC dates back the 1960s and even back then, it had many high-level abstractions that C still doesn't have now (proper string support for example). I strongly suspect MS had VB in mind for a reference model when designing a large portion of C#'s featureset, too.

Regardless, I really didn't mean for my nonsensical comment to get into a drawn-out discussion about the differences between orange-flavored apples and apple-flavored oranges. Back to the topic at hand...

I have been considering some qualities that would make a tripcode decidedly more difficult to crack. In particular, using SJIS, especially in the 2nd and 3rd position of the tripcode. Since an SJIS character is (obviously) not in the range [A-Za-z0-9/], the corresponding byte of the salt will end up as ".", but as it uses the high bit, the actual byte value as far as DES is concerned is (c & 0x7f). Now, looking at the SJIS table, if we only work with halfwidth katakana, we will end up with what amounts to another representation of all numbers and uppercase ASCII letters that produces a separate salt value. (Lowercase letters correspond to double-byte characters and are a bit more complex, but the underlying principle is the same.) Considering the possibility of an SJIS character in any combination of position 2, 3, both, or neither, an SJIS tripcode is theoretically four times as difficult to crack as one using plain ASCII.

As an example, #12345678 produces the tripcode !WBRXcNtpf. -- produced by crypt("12345678", "23"). To illustrate the effect of stripping the high bit, the key #23 of course produces the same tripcode because the salt is the same and all of the high bits are stripped without any side effects. However, the key # instead produces !XlUiP8mHCU, the result of crypt("12345678", "..").

Since the high bit is simply stripped from the other six positions in the key, a tripcode searcher can conveniently ignore the possibility that the input data might be SJIS, and iterate through all ASCII characters in the range 1->127. (No SJIS character uses value 0x80, so we don't have to worry about any 0x0 bytes, and this reduces the total character set by one.) Then check if the second or third byte is in the range [A-Za-z0-9/] and substituting the first and second byte of the salt as appropriate.

One must keep in mind, though, the fact that such tripcodes are sometimes a pain to enter due to character set conversions and implementation differences, and when searching for a "safe" tripcode none of this applies. However, I would imagine using SJIS and so forth would make a tripcode much more secure, and it might be something to consider when looking for "vanity" tripcodes.

474 Name: Anonymous : 2008-11-08 11:20 ID:Heaven [Del]

i've considered adding single-byte shift-jis characters to my tripcode searcher, but decided it's not worth the effort and added code complexity unless i'm going to replace the crypt() i'm using now with bitslice des code...
there's also the fact that certain characters get expanded into html entities, while their counterparts with the 8th bit set don't.

475 Name: Anonymous : 2008-11-08 14:37 ID:Heaven [Del]

None of the characters that are expanded fall under the range of characters that wouldn't already produce a salt character of ".", and they can all be represented as characters with the high bit set with no change to the resulting crypt, so that's not a point that you really need to worry about, and really, doing those checks is just a waste of processor power.

Some equivalents:

# = 
! =
< =
> =
& =
" =
' =
, =

If your tripcode searcher checks all characters from 0x1 to 0x7f, and checks all applicable combinations for salt values, you're getting the complete range of possibilities, and with a bit of finagling, any tripcode it generates can be converted into a format acceptable for use on a board, without needing to do any complex and expensive html conversions.

476 Name: Anonymous : 2008-11-08 17:15 ID:Heaven [Del]

but '&aaaaaaa' and 'aaaaaaa' produce different tripcodes. with '&aaaaaaa', '&amp;aaa' gets passed to crypt, but 'aaaaaaa' the result is the same as if '&aaaaaaa' were passed to crypt. note that in this case it also changes the salt, in one it is 'am', and in the other it is 'aa'.

also, if you're printing to stdout, you need to convert to the appropriate character set before you print the tripcodes, which isn't necessary if you restrict it to just ascii. printing shift-jis to a utf-8 terminal is just plain broken.

477 Name: Anonymous : 2008-11-08 19:12 ID:Heaven [Del]

You're thinking too hard about the wrong things. Of course they produce different tripcodes; if you're implementing the searcher you should be able to figure out how to deal with the characters it uses. Just change your &'s to and so forth.

Second, if you search all possible characters, or even random eight-character strings, you will eventually check the plaintext &amp;aaa as well. And why worry about printing sjis and converting stuff? Just escape it and deal with it elsewhere. (i.e. after collecting the tripcodes) Figuring out how to get a tripcode key you can input into a textbox based on the data printed from a function such as this shouldn't be too difficult if you're familiar with how crypt works (which, considering you're even posting here, I would assume is the case :)

void print_key(char *k) {
while (*k) {
if (*k > 32 && *k < 127 && *k != '\\')
printf("\\x%02x", *k);

Naturally if you were making a general-purpose tripcode searcher meant for mass consumption you would want to have some kind of "real" conversion -- and definitely use some sort of GUI rather than output to the terminal in the first place, because let's face it, terminal support for non-ASCII frankly sucks. (Especially when working with multiple OSes, and with different locales... and different terminal types... ugh.)

478 Name: Anonymous : 2008-11-08 20:02 ID:Heaven [Del]

> And why worry about printing sjis and converting stuff? Just escape it and deal with it elsewhere. (i.e. after collecting the tripcodes) Figuring out how to get a tripcode key you can input into a textbox based on the data printed from a function such as this shouldn't be too difficult if you're familiar with how crypt works (which, considering you're even posting here, I would assume is the case :)

just because i know how to do it, doesn't mean i want to when i can have the computer do it for me. copying and pasting from a terminal is a lot easier than converting it myself.

> and definitely use some sort of GUI rather than output to the terminal in the first place, because let's face it, terminal support for non-ASCII frankly sucks.

terminal support for non-ascii on any modern operating system isn't too bad, and you can just disable any non-ascii stuff for windows builds.

479 Post deleted by moderator.

480 Name: !NASa.6zQf2 : 2008-11-09 16:33 ID:Heaven [Del]

> just because i know how to do it, doesn't mean i want to when i can have the computer do it for me.

Oh, I definitely agree there. But until spending the time getting a really nice implementation going, it kinda works. (I used that function to get this tripcode, incidentally.)

I would think Vista counts as a modern OS. :P (unless they finally updated the command prompt and I never heard about it?)

In any case a GUI is a much more flexible and friendly interface.
Most tripcode searchers have horrid UI. Typing big long regexes into a one-line textbox, or worse, onto the command line and having to be careful with all the special characters, is really not fun. It would be awesome to be able to have a list of "interesting" patterns, and be able to modify it on-the-fly while the searcher is running.

481 Name: Anonymous : 2008-11-09 18:10 ID:Heaven [Del]

> I would think Vista counts as a modern OS. :P (unless they finally updated the command prompt and I never heard about it?)

IMO, proper unicode support is the only thing keeping it from being a modern OS. until they update the command prompt to support unicode and add proper unicode support to the GUI, windows will not be a modern OS.

> In any case a GUI is a much more flexible and friendly interface.

but cross-platform GUIs are a lot harder to get right than cross-platform non-ascii terminal support.

> or worse, onto the command line and having to be careful with all the special characters,

putting single quotes around the regex isn't really that hard.

> It would be awesome to be able to have a list of "interesting" patterns, and be able to modify it on-the-fly while the searcher is running.

that would be awesome... perhaps put the patterns into a text file and have the searcher reread the file if it receives a certain signal...

writing a GUI wrapper to a command-line program is just as easy as putting a GUI into the program itself, and doesn't require several hundred megabytes of libraries that would otherwise not be used at all on my quad-core server when i'm just going to be sending the results back to my desktop over an SSH connection. and you could even have functionality in the GUI to control multiple instances of the command-line program over SSH.

482 Name: Anonymous : 2008-11-10 19:07 ID:Heaven [Del]

Windows doesn't have Unicode? Are you sure you're not using Win95 by accident?
I use a WinXP box to deal with both Japanese and Pashto text on a regular basis, and I have yet to come across any shortcomings aside from the command prompt. (Which I don't care about, since the GUI is developed well enough that I hardly ever need to touch it anyway.)

> putting single quotes around the regex isn't really that hard.

No, but it's annoying, and an extra step that shouldn't be necessary.

> but cross-platform GUIs are a lot harder to get right

HTML certainly isn't hard to get right cross-platform, and doesn't require a bunch of extra libraries on the server to implement a networked GUI -- just some way to serve the page to the client. You could implement the controller as a CGI script. If you want, you can add in secure connections, access control lists, etc. -- and, best of all, no ssh needed! (Doing work over a ssh connection outside my lan generally makes me want to beat myself with a hammer.)
Plus, it would be highly flexible: you could still wrap a fancy GUI around it if you were clever. It'd send POST data to the server (or if you had a multiple configuration, each server in the list) to update its search terms, and fetch new trips periodically.

(Tangentially, there are many cross-platform GUI libraries that are far lighter than "several hundred megabytes". I suspect you've mostly had experience with wxWidgets+gtk or something similar.)

Something else I have been considering the possibilities of is a Map/Reduce style-model -- it might be a good excuse for me to learn a bit about Hadoop...

483 Name: Anonymous : 2008-11-10 19:29 ID:Heaven [Del]

> Windows doesn't have Unicode? Are you sure you're not using Win95 by accident?

have you ever tried using characters outside the BMP? only a few programs handle them correctly, due to the fact that microsoft seems to think that the BMP is all there is.

> HTML certainly isn't hard to get right cross-platform, and doesn't require a bunch of extra libraries on the server to implement a networked GUI -- just some way to serve the page to the client. You could implement the controller as a CGI script. If you want, you can add in secure connections, access control lists, etc. -- and, best of all, no ssh needed! (Doing work over a ssh connection outside my lan generally makes me want to beat myself with a hammer.)
> Plus, it would be highly flexible: you could still wrap a fancy GUI around it if you were clever. It'd send POST data to the server (or if you had a multiple configuration, each server in the list) to update its search terms, and fetch new trips periodically.

so instead of using SSH, you'd try to use HTTP to do what SSH was designed to do? and why use HTML? why not just serve the results as plain text and use javascript to insert them into an HTML document? that way if you do wrap a fancy GUI around it you don't need to have HTML parsing in your GUI.

484 Name: Anonymous : 2008-11-11 14:53 ID:Heaven [Del]

You don't understand what I'm suggesting, and don't seem willing to either.
Shame, too; at first I'd thought you had some common sense.

485 Name: AN ANON!Dbf/e.KIoM : 2008-11-18 09:54 ID:Lsozkr12 [Del]

Ive been running the japeneese tripcode program for 7+ hours?

how long does it take to find a 8 character, noncase sensitive tripcode?

2.4ghz dual core, so i dont think its a power restraint slowing it down...

486 Name: Anonymous : 2008-11-18 10:33 ID:VIiWfEWA [Del]

>>485 it's a big keyspace. if you're trying to find something that long, be prepared to wait for a long time.

487 Name: AN ANON!Dbf/e.KIoM : 2008-11-18 10:45 ID:Lsozkr12 [Del]


anysort of timeframe? hopefully in hours but any estimation would be nice ( its not actually my computer so its a friends their resources, about 50% of them)

488 Name: Anonymous : 2008-11-18 16:10 ID:Heaven [Del]

it took me about two weeks to find a 7-character string on a ~1.7ghz ppc. of course that's apples and oranges, but it should give you a bit of a bearing.

489 Post deleted by moderator.

490 Post deleted by moderator.

491 Post deleted by moderator.

492 Post deleted by moderator.

493 Post deleted by moderator.

494 Post deleted by moderator.

495 Post deleted by moderator.

496 Name: Anonymous : 2008-12-01 23:34 ID:Heaven [Del]

please read the rules at the top of the page:

> This board is not for testing your tripcodes.

and you could have at least used sage.

497 Name: Anonymous : 2008-12-02 04:47 ID:QgYPtaEX [Del]

Are there any detrimental effects of having your pc run an app at %100 cpu for 2 weeks non-stop?

498 Name: Anonymous : 2008-12-02 05:33 ID:Heaven [Del]

Do explosions count as "detrimental"?

499 Name: Anonymous : 2008-12-02 17:54 ID:Heaven [Del]

not if you have good cooling.

500 Name: Anonymous : 2008-12-02 19:37 ID:Heaven [Del]

>>498 uses gentoo.

501 Name: Anonymous : 2008-12-03 19:55 ID:OdsrmScl [Del]

darn, still no password turn up

502 Name: Anonymous : 2008-12-07 15:58 ID:3c3jpx2x [Del]

By that measure, it'll take this guy 2 * 36 weeks, or a year and a half. 8-character codes just aren't going to turn up, unless you're incredibly lucky like m0hey/p0ri. Even then, his tripcode was kind of in l33tspeak and not exactly what he expected.

503 Name: !hoTarufiRE : 2008-12-07 19:53 ID:Heaven [Del]

it took me about half an hour to find this tripcode... of course that was when i was having a run of unbelievably good luck.
after i found this one i left the tripcode searcher running for about 6 hours and found !HOTaRuCUtE, too.

504 Name: Anonymous : 2008-12-08 07:21 ID:J2Ch38GQ [Del]


505 Name: !SatoriGCHQ : 2008-12-09 14:22 ID:Heaven [Del]

I found this one completely by accident when playing around with a trip searcher. Took me less than 2 hours.
Too bad it doesn't seem to work on 4chan at all; it's perfect for /prog/...

506 Name: Mohey Pori !m0hEY/p0RI : 2008-12-11 23:31 ID:Heaven [Del]

The trip came way before the whole identity of Mohey, so i wouldn't exactly say there was much planning to get a unique trip from the get-go.

507 Name: Anonymous : 2008-12-12 01:18 ID:Xg+XBnn5 [Del]


508 Name: Anonymous : 2008-12-21 20:53 ID:oS5aL9pB [Del]


509 Name: moot : 2008-12-22 12:30 ID:S7zV8jWX [Del]


510 Name: Anonymous : 2008-12-27 12:45 ID:GJ/xN8rO [Del]

Would it be conceivable to brute force every possible combination and result, and then save that as a list for future reference? Or would searching such a list take longer than brute forcing each combination again?

511 Name: Anonymous : 2008-12-27 13:17 ID:Heaven [Del]

searching the list could be pretty fast, if you store it in a format that's fairly well optimized for searching. the biggest problem i've found with this approach is that the list would take up several teraby tes of space, which i don't have.

512 Name: Anonymous : 2008-12-27 14:21 ID:GJ/xN8rO [Del]

Then perhaps a list with a dictionary of common words in different combinations, rather than every possible combination, perhaps?

513 Name: Anonymous : 2008-12-27 21:09 ID:4w5YOOHH [Del]

> the biggest problem i've found with this approach is that the list would take up several teraby tes of space,

Far more than that.

You have a 56-bit keyspace, which is 65536 teras or 64 petas, and each one of those is not a byte, but several. In addition, you would have to keep the auxillary data to mangage it.

A binary search over 64 petarecords takes only 56 divisions, so searching the table would be many orders of magnitude faster than bruteforcing.

But anyone with that amount of storage would not be using it to store tripcode tables anyway.

514 Name: Anonymous : 2008-12-28 02:36 ID:Heaven [Del]
In theory, a google search would find every tripcode listed on that site.

Also remember the keyspace is more than 56 bits. The second and third byte of the key affect the salt used if you use characters outside the range 0-127, and since the algorithm changes various other characters with htmlspecialchars and by character set translation, there are other effects of using characters with the high bit set.

515 Name: Anonymous : 2008-12-28 03:00 ID:Heaven [Del]

Hooooooooooooly shit! Those pages have got to be dynamically generated.

Also, those tables don't even allow upper+lowercase+digits in the same tripcode, or at least from what I've seen.

516 Name: llo : 2009-01-04 16:58 ID:BuMKtnCI [Del]


517 Name: Anonymous : 2009-01-04 18:43 ID:Heaven [Del]

> Also remember the keyspace is more than 56 bits.

actually it's less than that. you can't use control characters, and the & character can only be followed by certain sequences of characters.

518 Name: Anonymous : 2009-01-05 04:09 ID:Heaven [Del]

Erm, no, sorry... it's more.

If you use sjis characters in positions 2 and 3, it alters the salt value used without changing the 56-bit key. Same goes for using characters with the high bit set in other positions, and control characters as well as &"#<> etc. are still usable by setting the high bit - so long as it's still valid Shift-JIS data.

Determining the actual keyspace is fairly difficult, since sjis is a stateful encoding and what byte values are allowed is dependent on previous input data, but it's definitely more than 56 bits.

519 Name: Anonymous : 2009-01-08 19:21 ID:+ZrB+PNM [Del]

Naively storing the tripcode list is indeed far too space-consuming. There exist more efficient methods however, most notably rainbow tables. You can build them with RainbowCrack and a tripcode hash patch, courtesy of /prog/ (original code is slightly mangled by Shiichan and forgot &amp;)

520 Name: Anonymous : 2009-01-11 09:41 ID:Heaven [Del]

I wonder if the person who posted that patch was basing the implementation on >>312-314, which is also missing &amp;.

In related news, various threads suggest that 2ch doesn't seem to run htmlspecialchars -- or at least, not for some characters.
Namely, lots of the "novelty" tripcodes listed in posts like have such characters as & and ' in them. It doesn't make a ton of sense to me for someone to post these if they have to be reencoded in order to be used, considering the "fixed" tripcode could be posted just as easily and it's a fairly trivial process. So what gives?

521 Name: moot!Ep8pui8Vw2 : 2009-01-13 02:26 ID:zT9VOjho [Del]


522 Name: Anonymous : 2009-01-13 04:35 ID:Heaven [Del]

Having just dissected the 0ch source, it only substitutes "<> with entities.

523 Name: moot !Ep8pui8Vw2 : 2009-01-14 16:28 ID:u/rZCiOJ [Del]


524 Post deleted by moderator.

525 Name: LiteralKa!!UIR4DE3n : 2009-01-16 05:48 ID:Heaven [Del]

Uhhh, what?

526 Name: Anonymous : 2009-01-16 08:10 ID:Heaven [Del]

That would be Russian spammers of a highly persistent sort.

527 Name: !cNjHRekqmg : 2009-01-24 15:44 ID:GnaMg7cK [Del]


528 Name: Anonymous : 2009-01-24 15:56 ID:Heaven [Del]


  • This board is not for testing your tripcodes.

529 Name: Anonymous : 2009-01-30 02:59 ID:MQHPkAYS [Del]

Still nothing on the password for the English version of Tripper?

530 Name: Anonymous : 2009-02-01 05:46 ID:njXbZ5Xs [Del]


>>When Visual Basic is the only language you've ever used, every language looks like either "Visual Basic with [something useful]".


531 Name: Anonymous : 2009-02-01 14:48 ID:Heaven [Del]

533 Name: Anonymous : 2009-02-01 17:49 ID:Heaven [Del]

534 Name: !Ep8pui8Vw2 : 2009-02-12 16:16 ID:cNxiFXn1 [Del]


535 Name: !notRIpcOdE : 2009-02-13 01:05 ID:Heaven [Del]

536 Name: Anonymous : 2009-02-13 12:02 ID:Heaven [Del]

This board needs something like die S_READTHERULESMORON if length($comment) < 10 and $trip and !$name;

537 Name: wut : 2009-02-14 11:15 ID:K7pMvY1I [Del]

wat ?

538 Name: Anonymous : 2009-02-14 15:00 ID:Heaven [Del]


539 Post deleted by moderator.

540 Name: LiteralKa!!UIR4DE3n : 2009-02-23 05:00 ID:Heaven [Del]

Oh god yes.
And die S_ENJOYTHEBAN if name == 'heh man'

541 Name: Anonymous : 2009-02-23 06:34 ID:Heaven [Del]

die S_ENJOYTHEBAN if $comment=~/(?:kasuba|serissa)/i would be better.

542 Post deleted by moderator.

543 Name: Anonymous : 2009-02-23 10:46 ID:Heaven [Del]

Don't forget about yourself.

544 Post deleted by user.

545 Name: !Unk9Ig/2Aw : 2009-03-04 09:01 ID:jvXH7RKK [Del]

trippie code

546 Name: Anonymous : 2009-03-04 18:37 ID:Heaven [Del]


What is this, Xam'd?

547 Name: efwqr!1XhQ.sOAsU : 2009-03-05 05:53 ID:F8TdK3jF [Del]


548 Name: ereee!1XhQ.sOAsU : 2009-03-05 05:55 ID:F8TdK3jF [Del]


549 Name: Anonymous : 2009-03-05 15:13 ID:Heaven [Del]

stop spamming and read the rules, faggots

550 Name: !mSwkylaR1Y : 2009-03-21 19:57 ID:7kBNqjDY [Del]


551 Name: DAN MOTHERFUCKING !Nn1Nx9tLgU : 2009-03-21 19:58 ID:7kBNqjDY [Del]

Let's go away.

552 Name: Anonymous : 2009-03-21 20:11 ID:VHQ1r2PC [Del]


553 Name: Albright!LC/IWhc3yc : 2009-03-22 01:20 ID:zkZji0wb [Del]

Hi. Believe it or not, this is the OP. (I hope I got my tripcode right - it's been a while.)

Even though the links in my posts have been 404s for years, I'm still getting an absurd amount of traffic from them. Could a mod please do me the favor of removing those links just to stop flooding my server's logs with requests to those files? Much thanks if you can.

554 Name: !hWZXY7QMq2 : 2009-03-22 15:07 ID:uW4e2FpL [Del]


555 Name: Anonymous : 2009-03-22 15:29 ID:Heaven [Del]

you know people are going to start clicking that link just to spam your logs and annoy you now, right?

556 Name: Anonymous : 2009-03-22 17:16 ID:Heaven [Del]

!WAHa.06x36's e-mail address is on the front page. ( He is the admin.

557 Name: Anonymous : 2009-03-23 09:22 ID:Heaven [Del]

'sup Albright. What have you been working on lately?

558 Post deleted by moderator.

559 Name: Anonymous : 2009-03-24 19:31 ID:Heaven [Del]

it took me FUCKING 100 MINUTES to figure out where to click in that poorly designed WEB 2.0 bullshit to download the file.
and then i had to reload the page 5 times to get a captcha that wasn't black text on a dark blue (almost black) background.

also, your file has a lot of duplicates in it.

560 Name: Anonymous : 2009-03-26 02:24 ID:/1IHdTfm [Del]


Why not just 301 redirect the requests to a page stating this?

561 Post deleted by moderator.

562 Name: Albright!LC/IWhc3yc : 2009-03-26 19:14 ID:zkZji0wb [Del]


I'm a professional web developer now. No, really. I've done a lot of stuff with the Drupal CMS in the last two years or so and I'm really enjoying it. And I've improvedc to the point where I'd rather just forget about that thing I released a while back. No, not the tripcode decoder; the other thing. If you don't know what I'm talking about, just forget it. I hope nobody's still using it.


Okay, perhaps I'll try emailing him.


Because I suspect it's not humans who are hitting the links. There just can't be that many people who are interested in five-year-old tripcode decoders written by a Python n00b. (I haven't really used Python since, BTW.)

563 Name: Anonymous : 2009-03-26 19:34 ID:Heaven [Del]

> No, really. I've done a lot of stuff with the Drupal CMS in the last two years or so and I'm really enjoying it. And I've improved

most people wouldn't admit to switching from python to php, let alone call it an improvement.

564 Name: ProNetSurf!3sa1K7b..U : 2009-03-30 02:39 ID:RHzr6y8q [Del]

Is there anything as mature & easy to deploy as drupal that is written in python? PHP sucks but it does have its good points.

565 Name: Anonymous : 2009-03-30 05:51 ID:ahZWztAb [Del]

can't figure out how to use this stuff. is there something more noobfriendly?

566 Name: Anonymous : 2009-03-30 14:17 ID:Heaven [Del]

drupal, like the language it's written in, is basically a 10 minute hack plus years of feeping creaturism.

567 Name: Albright!LC/IWhc3yc : 2009-04-01 21:08 ID:Heaven [Del]


568 Post deleted by moderator.

569 Post deleted by moderator.

570 Name: !crEEPyh7F. : 2009-04-03 15:55 ID:1Ooh1c2D [Del]

I need to know how to get a copy of that detripper.exe. I'm on windoze, can anyone help?

571 Name: Albright!LC/IWhc3yc : 2009-04-04 22:30 ID:Heaven [Del]

Okay, I see a moderator is here deleting posts. Could same moderator delete my posts too, please? Or edit them? Do I need to offer cash or favors or something?

572 Name: !WAHa.06x36 : 2009-04-05 16:21 ID:Heaven [Del]


I don't really feel like going to the effort to dig into and edit posts, and deleting the first post in the thread would kind of ruin it. Just put in a redirect already.

573 Name: Anonymous : 2009-07-02 22:26 ID:h2y6JdW0 [Del]

I found an english language executable file, no readme of anything else:

No pass.

574 Name: Anonymous : 2009-07-09 15:40 ID:UbLYS/ud [Del]

I've made it a while ago from tripexpl with some help of and google translate. It has some non-critical bugs with menus, but at least you can understand what you're clicking. Produces >2.5 Mtrips per processor at my PC.

575 Post deleted by moderator.

576 Name: Anonymous : 2009-07-23 18:06 ID:Heaven [Del]


  • This board is not for testing your tripcodes.

577 Name: Anonymous : 2009-08-04 09:32 ID:9QSHR5Ao [Del]

how do i use this

578 Post deleted by moderator.

579 Post deleted by moderator.

580 Name: Anonymous : 2009-08-29 12:20 ID:Heaven [Del]

581 Post deleted by moderator.

582 Post deleted by moderator.

583 Post deleted by moderator.

584 Post deleted by moderator.

585 Post deleted by moderator.

586 Name: Anonymous : 2009-10-29 11:41 ID:Heaven [Del]

I can't wait until this thread closes.

587 Post deleted by moderator.

588 Post deleted by moderator.

589 Post deleted by moderator.

590 Name: Anonymous : 2009-11-23 17:27 ID:vst0gFHA [Del]

Is it just me or do all the trips this creates come out as something other than what they purport to be?

591 Post deleted by moderator.

592 Post deleted by moderator.

593 Post deleted by moderator.

594 Post deleted by moderator.

595 Post deleted by moderator.

596 Post deleted by moderator.

597 Post deleted by moderator.

598 Post deleted by moderator.

599 Post deleted by moderator.

600 Post deleted by moderator.

601 Name: Anonymous : 2009-12-30 12:59 ID:8zIJ13fY [Del]


602 Name: Anonymous : 2010-01-08 16:07 ID:IV/U9Dd7 [Del]


603 Name: Anonymous : 2010-02-01 05:05 ID:P22jvxMC [Del]


Why exactly do you have that as a non-capturing group?

604 Name: Anonymous : 2010-02-03 10:01 ID:Heaven [Del]

Why, do you want to capture it?

605 Name: Anonymous : 2010-02-04 09:38 ID:mME9+6kJ [Del]

can someone tl;dr this thread for me?
I just want to make a secure tripcode with words in it, I've been attempting to use >>
but it doesn't seem to be working.


606 Name: Anonymous : 2010-02-06 02:00 ID:P22jvxMC [Del]


Just makes no difference in a die condition and adds to verbosity. KISS, lel.

607 Name: Anonymous : 2010-02-06 08:03 ID:Heaven [Del]

You need to install Cygwin first.

608 Name: HUHUH : 2010-02-07 02:43 ID:kCbOvcIy [Del]


609 Name: jon : 2010-02-09 17:23 ID:JEEZEAvO [Del]


610 Name: Anonymous : 2010-02-10 20:56 ID:DO1PpYdJ [Del]


Check the definition of "secure" again.

611 Name: Anonymous : 2010-02-22 06:20 ID:Q4RDdMju [Del]

Reading this thread is like nostalgia to me. More than 5 years ago, commodity PCs could barely get 1 million trips per second. Now the average i7 can manage over 10M, and GPGPU solutions like MTY exceed 100MT/s. There's rumor of a CUDA version getting close to 1GT/s too. How far we've come...

612 Name: !0E8Vy7WVXY : 2010-03-09 04:57 ID:AsnO7m7d [Del]


613 Name: dudebro : 2010-03-28 11:24 ID:JuG16mGl [Del]

/* 4tripper -- brute-force searching for simple crypt() tripcodes,
* as used by the futallaby-based image boards (i.e:
* --
* Compile:
* gcc -O3 -o tripper 4tripper.c -lssl # Most Linux
* gcc -O3 -o tripper 4tripper.c -ldes # NetBSD
* gcc -O3 -o tripper 4tripper.c ../mumble/libdes.a # Mine
* gcc -O3 -fast -mcpu=7450 -o 4tripper 4tripper.c -lcrypto -lssl # OSX on a G4
* --
* Usage:
* ./tripper | grep -i monkey
* --
* Copyright 2004 Chris Baird,, <>
* Licenced as per the GNU Public Licence Version 2.
* Released: 2004/12/22. Your CPU heatsink /is/ working, right?
* --
* Accept arguments for the key to resume/finish searching from (for
* simple load distribution)

#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>

/* Not quite the fastest DES library around, but still reasonable, and
* most free Unixen should have it available. (Works for at least NetBSD
* and Debian GNU/Linux (after "apt-get install libssl-dev")
#include <openssl/des.h>

/* How I call a special DES library.. It has to supply a des_fcrypt() as
* declared below.
* #include "../libqwikdes/des.h"

/* gotta ask for a robust way to tell the difference between the two..
# define our_fcrypt des_fcrypt /* NetBSD, Linux... */
# define our_fcrypt DES_fcrypt /* Gentoo, OSX... */

extern char *our_fcrypt(const char *buf,const char *salt, char *ret);

int main()
#define BUFSIZE 8192
int quit=0, i, counts[8], bp;
char c, buffer[BUFSIZE+32], result[14], salt[3], word[9];
/* I haven't throughly checked whether all these characters are valid
* in a tripcode as yet. */
char table[]="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"

  "0123456789 .!:#/`()_$[]+*{-";

bp = 0;
salt[2] = 0;
for (i=0; i<8; i++)

counts[i] = -1;
word[i] = 0;

counts[0] = 0;
word[0] = table[0];

while (!quit)

salt[0] = word[1];
salt[1] = word[2];
  our_fcrypt (word, salt, result);
  for (i = 0; (word[i] != 0) && (i < 8); i++)
buffer[bp++] = word[i];
buffer[bp++] = ' ';
  for (i = 3; i < 13; i++)
buffer[bp++] = result[i];
buffer[bp++] = '\n';
  if ((bp > BUFSIZE))
write (1, buffer, bp);
bp = 0;
  i = 0;
c = table[counts[i]];
word[i] = c;
  if (c == 0)
counts[i] = 0;
word[i] = table[0];
if (i < 8)
goto check;
quit = 1;

return 0;

614 Name: Anonymous : 2010-03-28 11:25 ID:JuG16mGl [Del]


615 Name: Anonymous : 2010-04-04 20:19 ID:DO1PpYdJ [Del]


This program is incorrect, it doesn't call htmlspecialchars.

616 Name: Anonymous : 2010-04-05 03:54 ID:Heaven [Del]

Of course not. Constantly tripping over a bunch of dumb string transforms is a great way to make a searcher much much slower. And notice that the character set it searches isn't even affected by that, so it's a moot point regardless.

Also, note that not every tripcode implementation does the same combination of dumb things.

617 Name: Anonymous : 2010-04-16 01:06 ID:DO1PpYdJ [Del]


> Constantly tripping over a bunch of dumb string transforms is a great way to make a searcher much much slower.

The amount of time spent generating the string vs hashing is completely insignificant no matter how much time is spent on it.

> Also, note that not every tripcode implementation does the same combination of dumb things.

Yes they do. Otherwise they're wrong. No point in a tripcode that doesn't match 2ch.

618 Name: Anonymous : 2010-04-16 09:44 ID:Heaven [Del]

No, sorry, you're wrong on both counts. Learn more.

619 Name: Anonymous : 2010-04-16 16:09 ID:Heaven [Del]

> Constantly tripping over a bunch of dumb string transforms is a great way to make a searcher much much slower.

Another great way: Print every single tripcode to stdout.

620 Post deleted by user.

621 Name: Anonymous : 2010-04-16 17:47 ID:Heaven [Del]

Hahahwhat the hell?

I didn't bother actually looking at that code, as I have seen more than enough tripcode searchers before.

Wow that's pretty idiotic.

622 Name: Anonymous : 2010-04-16 23:52 ID:Heaven [Del]

well, unless you use multiple threads or processes, that can be faster on a lot of systems than checking the tripcodes in the searcher.

623 Name: Anonymous : 2010-04-17 06:42 ID:Heaven [Del]

No it can't.

624 Name: Anonymous : 2010-04-18 20:29 ID:iJPSJb04 [Del]

Fyi, trip explorer is not the fastest anymore (though it does offer a gui)

MTY for ATI is multithreaded (like trip explorer) AND uses ATI stream compatible graphics cards.

Intel Core 2 Quad Q8200 @ 3Ghz is doing 13.8Mtrips/s, while the ATI 4850 is doing 63.75Mtrips/s

I'm currently trying a case sensitive seven character trip. I'll report back with the time it takes.

625 Name: Anonymous : 2010-04-19 06:04 ID:Heaven [Del]

if you just output all tripcodes, you can generate tripcodes on one core and grep on another, instead of doing both on one core.

626 Post deleted by user.

627 Name: Anonymous : 2010-04-19 13:37 ID:3wZpcjIW [Del]


It won't be faster. It's more expensive to fill the queue between threads with generated tripcodes than it is to just filter them in the first place.

628 Name: Anonymous : 2010-04-20 03:05 ID:Heaven [Del]

of course it's more expensive, but is it twice as expensive? you do get almost twice as much processing power that way...
but obviously the real solution is to filter them in the first place and do that in multiple threads or processes.

629 Name: Anonymous : 2010-04-20 10:42 ID:LSGJeuxM [Del]

> of course it's more expensive, but is it twice as expensive? you do get almost twice as much processing power that way...

You don't use all of it, because the tasks are unequal (one is faster)c

> but obviously the real solution is to filter them in the first place and do that in multiple threads or processes.

cwhich is why you can should that, yes. OpenCL looks pretty convenient for this, it seems like it can be made to run well even without having to write bitslice algorithms.

630 Name: Anonymous : 2010-04-24 14:44 ID:yHeNRLW7 [Del]


631 Post deleted by moderator.

632 Post deleted by moderator.

633 Post deleted by moderator.

634 Post deleted by moderator.

635 Name: Anonymous : 2010-04-29 14:32 ID:SvcvWsyz [Del]

That doesn't work, as you need the des library that it's trying to include. It just gives you compile errors.

636 Post deleted by moderator.

637 Post deleted by moderator.

638 Name: Nigger : 2010-05-04 04:28 ID:ZWvHbZXI [Del]

He stole it.

639 Post deleted by moderator.

640 Post deleted by moderator.

641 Post deleted by moderator.

642 Post deleted by moderator.

643 Post deleted by moderator.

644 Post deleted by moderator.

645 Post deleted by moderator.

646 Post deleted by moderator.

647 Post deleted by user.

648 Name: Anonymous : 2010-06-11 11:13 ID:Heaven [Del]

> This board is not for testing your tripcodes.

649 Name: Kyon : 2010-06-27 08:30 ID:i9RK+Sa/ [Del]


650 Name: name!3GqYIJ3Obs : 2010-07-01 22:55 ID:E+5JLPQt [Del]


651 Name: mash!3GqYIJ3Obs : 2010-07-01 22:56 ID:E+5JLPQt [Del]

last testing@2

652 Name: 123 : 2010-07-15 18:32 ID:EzXyFj01 [Del]


653 Name: Anonymous : 2010-07-16 02:06 ID:E+n7nLpJ [Del]


654 Name: Anonymous : 2010-07-16 02:06 ID:E+n7nLpJ [Del]


655 Name: Anonymous : 2010-07-16 21:15 ID:Heaven [Del]

wtf is this shit? incompetent spammers?

656 Name: Anonymous : 2010-07-17 10:21 ID:Heaven [Del]

You missed >>630-634,636-646,650-651.

For some reason this thread's become a retard magnet.

657 Name: Anonymous : 2010-07-25 21:56 ID:Heaven [Del]

i think i just heard that someone wanted me to post ITT

658 Name: nigger : 2010-08-04 08:58 ID:qauB8Dlr [Del]


659 Name: Tinytrip : 2010-08-13 16:14 ID:CcEDFUrT [Del]


660 Post deleted by moderator.

661 Name: Anonymous : 2010-09-06 23:29 ID:EsEH8t+y [Del]

Lots of minor cleanup changes just because I don't like my old code, no actual feature changes. forking (or rewriting it to be reentrant and threadingc) is the obvious next step, that and being able to search SJIS strings.

662 Name: ¡Duskul : 2010-09-28 01:01 ID:J4m2vH60 [Del]


663 Post deleted by moderator.

664 Post deleted by moderator.

665 Post deleted by moderator.

666 Post deleted by moderator.

667 Post deleted by moderator.

668 Post deleted by moderator.

669 Post deleted by moderator.

670 Name: Anonymous : 2010-10-13 19:19 ID:qM0fEJOg [Del]


671 Name: !v0wxbNxyx2 : 2010-12-19 02:48 ID:2F3BWXrW [Del]


672 Post deleted by user.

673 Name: dfgdf : 2011-02-06 21:42 ID:ilDDsGfl [Del]


674 Name: Anonymous : 2011-02-07 05:04 ID:Heaven [Del]

can we just get a permasage on this thread?

675 Name: Anonymous : 2011-02-09 14:42 ID:Heaven [Del]

I support this permasage request.

676 Name: boxxy : 2011-02-13 02:00 ID:YYdUx9lN [Del]


677 Name: Anonymous : 2011-02-19 17:50 ID:LeuMukdt [Del]


678 Name: LLLOLOLOLOL : 2011-02-22 11:41 ID:Heaven [Del]


679 Name: !!Fa0nReM3 : 2011-03-07 17:01 ID:2rNBPDx3 [Del]

'll even pretend to believe that you don't like furry for the ENTIRE thread

680 Post deleted by moderator.

681 Name: Poiriering : 2011-03-15 05:18 ID:GiRuzfcD [Del]

Hanstanding ?! Oh Yeahhh

682 Name: purjopore : 2011-03-17 06:53 ID:kWRXTaNn [Del]


683 Name: Anonymous : 2011-03-18 09:14 ID:Q9DaeSkA [Del]


684 Name: jew : 2011-04-09 04:06 ID:XP0IBcw5 [Del]


685 Name: Anonymous : 2011-04-10 19:46 ID:Heaven [Del]

are people really that stupid, or is there some sort of broken spambot making posts like that everywhere there's any thread with "tripcode" in the title?

686 Name: 4n4iEK.V5A : 2011-04-27 08:31 ID:XpQmNQEC [Del]


687 Post deleted by moderator.

688 Post deleted by moderator.

689 Post deleted by moderator.

690 Post deleted by moderator.

691 Post deleted by moderator.

692 Post deleted by moderator.

693 Post deleted by moderator.

694 Post deleted by moderator.

695 Post deleted by moderator.

696 Post deleted by moderator.

This thread has been closed. You cannot post in this thread any longer.