Tripcode decoder (696)

1 Name: Albright!LC/IWhc3yc 2004-11-15 08:25 ID:UYlEBzaw [Del]

I've been tinkering with Python all day today... it's pretty slick. Just for practice, I tried to cobble together a tripcode decoder that would let you have "real" words in your tripcode as !WAHa and Sling and others do, and it actually came out better than I thought it would be. I'm aware there's already a program that does this, but if memory serves me, it's Windows-only and in Japanese besides. My script is kind of dumb in the way it goes about things -- it basically just tears through random strings until it finds one that fits -- but I've tested it repeatedly and it seems to work. If you'd like to check it out, nab it here:
http://www.anre.org/crap/detripper.bz2

Of course, you may need to modify the hashbang line depending on where Python is on your machine, and don't forget those execute bits, people... Use "-h" for help.

First person to ask how to get this to run on Windows gets pointed and laughed at.

2 Name: Albright!LC/IWhc3yc 2004-11-15 08:26 ID:UYlEBzaw [Del]

If you just want to read the code without downloading and unpacking the file...
http://www.anre.org/crap/detripper

3 Name: Anonymous 2004-11-15 09:50 ID:bBA8/LRA [Del]

thanks!

4 Name: !WAHa.06x36 2004-11-15 14:22 ID:lrsPgM4g [Del]

What you live or die by when doing this is the speed of your crypt() implementation. The default ones are often horribly slow. If you're only doing 4000 crypts per second, you'll have to wait a long time for those codes. Tripper+ uses the UFC crypt() implementation, and it pushes about 64000 crypts per second per gigahertz on an Athlon processor. I've used some assembly-optimized crypt() code from John the Ripper to get up to 110000 crypts per second per gigahertz.

I don't know how hard it is to interface those from Python, though. I see there's a Perl wrapper for the UFC code, so maybe somebody made one for Python, too.

5 Post deleted by moderator.

6 Post deleted by user.

7 Post deleted by user.

8 Post deleted by user.

9 Name: !WAHa.06x36 2004-11-15 20:35 ID:VCAzDJaA [Del]

The author of >>5 is DQN.

10 Name: Albright!LC/IWhc3yc 2004-11-15 21:04 ID:NCk61rhw [Del]

>>4: Hmm... Can't seem to find anything that ties Py and UFC together. I'll keep looking into it, although, to tell the truth, I don't care that much. :P Again, this was just coding practice.

>hunter.apana.org.au/~cjb/Code/4tripper.c

...gives a syntax error when I try to compile it, both on Darwin and Ubuntu (Debian). Don't know enough about C to try to fix it...

11 Post deleted by user.

12 Name: Anonymous 2004-11-15 22:20 ID:Heaven [Del]

13 Name: Anonymous 2004-11-15 22:21 ID:Heaven [Del]

14 Name: !WAHa.06x36 2004-11-16 00:51 ID:VCAzDJaA [Del]

Man, this thread got hit hard by 100webspace's strange hiccups today.

15 Name: hotaru!hoTarufiRE!!YMy/5ZNE 2004-11-18 08:20 ID:z6ktBO9Q [Del]

>First person to ask how to get this to run on Windows gets pointed and laughed at.

lol cygwin wins it
but i think i'll stick to using my perl script since it's much faster (my perl script found 4 tripcodes matching 'abc' in about 2 seconds, while your python script took about 11 seconds to find one and then about 26 seconds to find another one... and about 107 seconds for the third one...

16 Name: !WAHa.06x36 2004-11-18 14:17 ID:FDWJfqSg [Del]

Are you using the UFC wrapper for that?

17 Name: hotaru!hoTarufiRE!!YMy/5ZNE 2004-11-18 15:55 ID:aD28FbYw [Del]

>>16
i wasn't, but then i saw your post and decided to try it... now it works much faster...
http://hotaru.freelinuxhost.com/wu/src/trip.bz2 (with ufc wrapper)
http://hotaru.freelinuxhost.com/wu/src/trip.noufc.bz2 (without ufc wrapper)

18 Name: Albright!LC/IWhc3yc 2004-11-18 17:25 ID:wzZMPgsQ [Del]

Last login: Wed Nov 17 23:34:30 on ttyp1
Welcome to Darwin!
Twelve:~ Albright$ bunzip2 /Users/Albright/Desktop/trip.bz2
bunzip2: /Users/Albright/Desktop/trip.bz2 is not a bzip2 file.
Twelve:~ Albright$

19 Name: Albright!LC/IWhc3yc 2004-11-18 17:26 ID:wzZMPgsQ [Del]

By the way, again, I'm not trying to attest my script is anything near teh fast, but could you get faster results with it if you ran it with the Windows port of Python natively instead of using Cygwin?

20 Name: !WAHa.06x36 2004-11-18 17:40 ID:LiL7AG0A [Del]

Cygwin is just a POSIX implementation for Windows, so it doesn't really give any significant performance hit.

21 Name: hotaru!hoTarufiRE!!YMy/5ZNE 2004-11-18 18:23 ID:zKAUYgGg [Del]

>>18
looks like the server is giving incorrect content-length headers again...
these should work:
http://hotaru.freelinuxhost.com/wu/src/trip
http://hotaru.freelinuxhost.com/wu/src/trip.noufc

22 Name: hk0gcgdz 2004-11-19 08:06 ID:8278XI9g [Del]

Some ideas:

1) Allow '1337' substitution (o == O == 0, 5 == s == S, |=l=1 etc.)
2) Force unmatched characters to be alpha, alphanum, num, etc.
3) Match anywhere (not just beginning)

So you end up building a regex from the command line parameters, then compile it, then use it to pick out matches.

Or maybe you should just add a "user-supplied regex" command line option. XD

23 Name: hk0gcgdz 2004-11-19 08:25 ID:hmO9hZ3g [Del]

Some ideas:

1) Allow '1337' substitution (o == O == 0, 5 == s == S, |=l=1 etc.)
2) Force unmatched characters to be alpha, alphanum, num, etc.
3) Match anywhere (not just beginning)

So you end up building a regex from the command line parameters, then compile it, then use it to pick out matches.

Or maybe you should just add a "user-supplied regex" command line option. XD

24 Name: Albright!LC/IWhc3yc 2004-11-19 09:27 ID:wzZMPgsQ [Del]

>Or maybe you should just add a "user-supplied regex" command line option. XD

Are you talking to me, or hotaru? Hotaru's script does seem to support this. However, I haven't been able to test it, as I can't get the feckin' Crypt::Passwd module to install on my machine... seems to fail at the "make test" step. :(

I hate Perl. I really do. Do all you Perl folk also start your cars by turning a big crank in front of the engine? Bah...

25 Name: ZMatt!Yog9oDD6VU 2004-11-19 12:08 ID:EjUWeF0A [Del]

Where's a link to an internet-based tripcode whatever thing? I want a cooler tripcode and can't be arsed installing Python (mainly because it hasn't finished downloading yet :/ ).

26 Name: Anonymous 2004-11-19 15:40 ID:Heaven [Del]

27 Name: Anonymous 2004-11-19 15:42 ID:Heaven [Del]

>>26 is not "internet-based", by the way, but it's a program you can run on your windows machine without any problems. It's in Japanese, but you do not have to know the language to play with it a little. After that you will understand how it works on your own pretty quickly.

28 Name: hotaru!hoTarufiRE!!YMy/5ZNE 2004-11-20 09:48 ID:BuL5HaKg [Del]

i have a web-based script... http://hotaru.freelinuxhost.com/webtrip.txt
you'll have to find your own web server to run it on, tho

29 Name: Albright!LC/IWhc3yc 2004-11-20 13:49 ID:5eGaTGcA [Del]

hotaru: I'm noticing that your script always tries strings that are exactly eight characters long. (Mine randomly builds strings between three and twelve characters long.) Was there any particular reason you chose eight? Have you ever come across a tripcode you tried to generate, but you couldn't find any string of exactly eight characters that would work?

30 Name: !WAHa.06x36 2004-11-20 15:28 ID:30ViAF5A [Del]

If you're building strings of random lengths like that, you're going to test the same three-character codes a lot of times if you let it run for any length of time. Usually it's better to pick a fixed length. The length to pick depends on how specific a result you are looking for. A good rule of thumb is to use one or two characters more than the string length you are searching for. If you are using any more complex conditions for your search, it gets trickier, and you might need to either go through the combinatorial maths to figure out an optimal length, or just pick a sufficiently long one.

31 Name: Anonymous 2004-11-20 19:02 ID:Heaven [Del]

32 Name: Albright!LC/IWhc3yc 2004-11-20 21:26 ID:p1v3LWlA [Del]

That code seems to require this code... http://astrange.ithinksw.net/tools/crypt.c

Even still, I kept getting errors about "error: `for' loop initial declaration used outside C99 mode". I had to tweak the code a bit...
http://www.anre.org/crap/tripper.c

But after all that, it worked... though I don't like how it counts matches in the middle or end of the hash (instead of the beginning) as a match. Thanks, anonymous... Why did you sage for that?

33 Name: Albright!LC/IWhc3yc 2004-11-20 21:33 ID:p1v3LWlA [Del]

Hmm... Also, it seems to have a glitch where, when the string it's testing begins with a single quote ', all of the output hashes are the same... When searching for "dog"...

#'3/  !I5SZO7dog6
#'3/" !I5SZO7dog6
#'3/$ !I5SZO7dog6
#'3/% !I5SZO7dog6

...etc...

#'=!  !4e7lRoFDog
#'=!" !4e7lRoFDog
#'=!$ !4e7lRoFDog
#'\I  !tVdOGttIJU
#'\I" !tVdOGttIJU
#'\I$ !tVdOGttIJU

and so on... I don't think ' is a valid character for tripcodes anyway, is it?

34 Name: hotaru!hoTarufiRE!!YMy/5ZNE 2004-11-21 10:07 ID:yo3Qunkg [Del]

>>29
>>30
also, the standard unix crypt() only uses the first 8 characters of whatever string you use... so anything after the first 8 characters doesn't matter...

35 Name: hotaru!hoTarufiRE!!YMy/5ZNE 2004-11-22 09:47 ID:OD8rTulA [Del]

>>33
http://hotaru.freelinuxhost.com/trip.htm?'3/$
http://hotaru.freelinuxhost.com/trip.htm?'3/%
i'm pretty sure ' is a valid character for tripcodes... any character in the range ' ' to '~' except '#' and '!' should be valid... i'm not sure about characters lower than ' ' or higher than '~', tho...
i have a new version of my perl script now... it's at http://hotaru.freelinuxhost.com/trip.txt
quite a bit smaller and a little faster than before...

36 Name: ZMatt!Yog9oDD6VU!!aRZgdgyL 2004-11-23 08:50 ID:05cSsZAw [Del]

I have the coolest tripcode ever, now ;D

37 Name: Mr VacBob!JqK7T7zan. 2004-11-27 06:59 ID:+gwvpPCg [Del]

Someone using my software? Amazing!

>>33
This is a side-effect of a basic design flaw in tripcodes:

  1. Since they use UNIX DES hashing via crypt(), only the first eight characters of input are counted.
  2. Tripcode inputs are run through htmlspecialchars(). This turns ' into ". Being six characters long, this doesn't leave much more room. My code isn't smart enough to detect this and happily goes through all the combinations.

>>35
I've seen inputs for gimmick tripcodes on 2ch that used higher ASCII and ShiftJIS. I think any input is acceptable as long as you can send it in an HTML form and it doesn't trigger secure mode on Shiichan or Kareha.

38 Name: Mr VacBob!JqK7T7zan. 2004-11-27 07:00 ID:+gwvpPCg [Del]

Oh, yes, and compile with '-std=c99' to enable ISO C99 mode and have it actually work.

39 Name: ZMatt!Yog9oDD6VU!!eSzG9Jlz 2004-11-27 07:30 ID:E0KrmnyA [Del]

I used tripper+, that japanese one.

40 Name: ZMatt!Yog9oDD6VU!!eSzG9Jlz 2004-11-27 07:32 ID:E0KrmnyA [Del]

Doesn't seem to work. Bah

41 Name: Anonymous 2004-11-27 14:24 ID:Heaven [Del]

>>40
Secure tripcodes are generated differently, the whole point of them is to not be able to be brute-forced like that. Use a normal tripcode if you want a novelty one.

42 Name: Mr VacBob!JqK7T7zan. 2004-11-27 17:08 ID:Heaven [Del]

Technically, the whole point of them is to not be able to be brute-forced by other than the site owner. I could brute-force on haibane.info (lol), WAHa could do it here, WTSnacks or Lucid could on 4chan, etc.

43 Name: !WAHa.06x36 2004-11-28 00:16 ID:Heaven [Del]

As a matter of fact, I did brute-force myself a secure tripcode on iichan.

44 Name: !WAHa.06x36 2004-11-28 00:19 ID:hcX7lmwA [Del]

>>37

Incidentially, I process tripcodes before I do the (perl equivalent of) htmlspecialchars(). I must admit that I've forgotten what futaba does (which is the one I've copied), and I've never seen the original 2ch source.

45 Name: Mr VacBob!JqK7T7zan. 2004-11-28 02:14 ID:mtFHSA2A [Del]

I didn't check Futallaby, but Shiichan and 2ch itself do htmlspecialchars first. You can try it yourself by posting on 2ch (the English boards or News4VIP probably wouldn't notice) as #> or something along those lines.

46 Name: !WAHa.06x36 2004-11-28 03:26 ID:EB1/zP0g [Del]

Maybe I should change that, then.

Incidentially, you don't happen to have any idea where to get the 2ch source code?

47 Name: Mr VacBob!WOpA5qkXmk 2004-11-28 03:45 ID:mtFHSA2A [Del]

I have no idea; I just verified by posting.

(Also, this would be a novelty tripcode "!FLYEt.NIEA" if htmlspecialchars() was run)

48 Name: Anonymous 2004-11-28 10:06 ID:Heaven [Del]

>>46

Email RIR6?

49 Name: ZMatt!qj8VmbO0Bs 2004-11-30 07:47 ID:TGMLJ1pA [Del]

>>41
I guess I gotta change my normal tripcode then.

50 Name: hotaru!hoTarufiRE!!YMy/5ZNE 2004-12-01 07:25 ID:ylf1peNw [Del]

i just finished this...
http://hotaru.freelinuxhost.com/trip.zip

it's the first program i've ever written in c... the .exe requires cygwin1.dll to run...

51 Name: Mr VacBob!JqK7T7zan.!!GoZhDTQ8 2004-12-01 08:08 ID:CxFPwK7g [Del]

I think the best way to go about this would be to follow RainbowCrack's example... generate every possible tripcode and store it in a database, and then search it. Since you know that 2ch-style tripcodes have to be eight characters or less, you can check every possibility.

I haven't checked how much disk space or CPU time that would take, though.

52 Name: !WAHa.06x36 2004-12-01 14:52 ID:BTFJoCjQ [Del]

Using just A-Z, a-z, 0-9 and two more to pad out to 64 characters means (2^6)^8 = 2^48 tripcodes. Each one needs 12 bytes of storage if you sort them listed by hash (6 bytes if you keep them listed by password, but that makes for really slow searches), so 3072 terabytes. Using only lowercase a-z takes 2.3 terabytes, or a little bit less if you encode your data a bit more cleverly.

53 Name: Mr VacBob!JqK7T7zan.!!GoZhDTQ8 2004-12-02 18:59 ID:9RsflJ5w [Del]

I think I'll just stick to brute-force, then. Maybe steal a faster crypt() from Jack The Ripper.

54 Name: hotaru!hoTarufiRE!!YMy/5ZNE 2004-12-03 06:35 ID:sisHlcZQ [Del]

>>51
interesting idea...
i now have a list of all tripcodes 0-4 characters in length...
one file for each length... the one with the 4 character tripcodes took a little over an hour to generate on my 733mhz pentium 3 machine (using a perl script), and it takes about 5 minutes to grep the whole file...

55 Name: Albright!LC/IWhc3yc 2004-12-03 07:57 ID:Pk0J1OZw [Del]

I have a list of all tripcodes 0 characters in length too. I'll post it below:

How big is that four character file? Just curious.

56 Name: hotaru!hoTarufiRE!!YMy/5ZNE 2004-12-03 08:18 ID:sisHlcZQ [Del]

the file of 0 character tripcodes has jPpg5.obl5 (the tripcode you get if you put # with nothing after it in the name field) in it...
the 4 character file is 1.16gb... 675mb when compressed with bzip2...
it probably could be a bit smaller if i listed them in a better format than hash = password

57 Name: !WAHa.06x36 2004-12-03 15:05 ID:P5q07b3w [Del]

Incidentially, the 0-character tripcode is wrong in Wakaba and Kareha - it doesn't match the futaba one (haven't checked 2ch, though). The next release will update the tripcode code to fix this.

58 Name: Albright!LC/IWhc3yc 2004-12-04 04:05 ID:0Z811dIQ [Del]

>>56: Oh, that's right... the script appends characters (".H" or something) to the end of codes before it hashes 'em... so a blank trip is never truly blank... My bad.

59 Name: !WAHa.06x36 2004-12-04 14:49 ID:qOOXfxEw [Del]

>>58

The funny thing is, the algorithm appends two characters ("H."), but then uses the second and third characters, thus making a zero-character tripcode technically invalid. Of course, it does generate SOMETHING anyway, and it appears this differs between languages due to different handling of strings, no doubt. Appending "H.." instead seems to get the same behaviour as the futaba script, at least.

60 Name: Mr VacBob!JqK7T7zan.!!GoZhDTQ8 2004-12-04 22:25 ID:jzuk7SQA [Del]

It appends "H." to the salt, which is different behavior than doing it to the actual hash. Look at tripcode_2ch() in tripper.c; as far as I know, I get it right.

61 Name: hotaru!hoTarufiRE!!YMy/5ZNE 2004-12-05 10:28 ID:IUq7v1kQ [Del]

hmm... crypt("",".") in perl and crypt . "" both return "..Qfnkquv7jY2" (same as using ".\0" as the salt), unix_std_crypt("",".") (ufc crypt in perl) returns "..X8NBuQ4l6uQ" (same as using ".." for the salt), and openssl passwd -salt . "" returns ".AmEwFrvDWaHo" (same as using ".A" for the salt)...

62 Name: !WAHa.06x36 2004-12-05 15:34 ID:m+tr9DUA [Del]

"..X8NBuQ4l6uQ" is what Futaba uses. I just checked 2ch, and they don't allow 0-character trips. I changed the salt postfix string in the development versions of Wakaba and Kareha to "H.." to match the Futaba generator.

63 Name: Mr VacBob!JqK7T7zan.!!GoZhDTQ8 2004-12-06 06:41 ID:Heaven [Del]

I just rewrote Shiichan's tripcoding algorithm after realizing what was so good about the name#trip#securetrip setup. I couldn't get zero-character tripcodes to work (mostly because I don't understand regexes well enough), so I've just banned them from use.

64 Name: !XBAKaQNcx2 2004-12-12 01:05 ID:iAgUVe+p [Del]

Can anyone shed a light on the differences between tripper and tripper+, or what the C, R, H and T checkboxes or second input box do?

65 Name: Anonymous 2004-12-12 14:05 ID:Heaven [Del]

>>64

I think C forces the tripcode you want to be case-sensitive
and H forces the expression you want to appear in it to be
at the beginning of the tripcode.

66 Name: !MUSu.23y56 2004-12-12 22:01 ID:RTCsqMi7 [Del]

lol tripcodes

67 Name: Mr VacBob!YK1JwahaGE!!47oS1MzU 2004-12-12 23:12 ID:Heaven [Del]

lol

68 Name: Mr VacBob!JqK7T7zan.!!47oS1MzU 2004-12-12 23:13 ID:Heaven [Del]

That would've worked better if everyone's secure trip hadn't just changed.

69 Post deleted by moderator.

70 Name: !WAHa.06x36 2004-12-20 08:46 ID:MVB/jndB [Del]

>>69

Get lost, kid.

This thread has been closed. You cannot post in this thread any longer.