WinPassGen
WinPassGen copied to clipboard
defuse
ObiWan's (old) feedback
Incorporate ObiWan (from GRC newsgroups) feedback:
Nice; I've picked the source code and recomplied it on windows
and it works just fine; just a couple notes
change the code as follows
#ifdef _WIN32
#include <windows.h>
#include <wincrypt.h>
#pragma comment(lib,"advapi32")
#endif
so that, compiling the app with "MSVC" won't require manually
specifying to add the advapi library (the pragma tells that to
the compiler)
Also, if I'm not wrong, there should be a way to tell the cryptoAPI
to gather entropy from the audio card (if present.. and many/most
current computers have one); that would improve the randomness
of the generated numbers; if my brain is still working the idea was
almost the same as the one shown here
http://www.vanheusden.com/aed/
just, in windows case, the data was gathered using DirectX/Direct3D
calls and then handled almost like shown in the above code; time ago
I was looking at a piece of code showing how to exactly use such an
entropy source to feed its data to the cryptoapi but... <sigh> can't
find
the link right now :(
couple additional notes
First of all, it would be a good idea using "getopt" to
parse arguments; for windows (which doesn't have
its own) you may use the attached one (source)
Second; using getopt you'll be able to easily
extend the options and this will be useful to add
some options like
-n number will generate "number" passwords
-x will output each pass in all three formats
as for the options, the idea is that one may then run
something like
passgen -n 10 -x >passwords.txt
and the output file will then look like (e.g.)
asciipass<tab>hexpass<tab>alphapass<nl>
asciipass<tab>hexpass<tab>alphapass<nl>
...
asciipass<tab>hexpass<tab>alphapass<nl>
that is, each line will contain password in all three
available formats, separated by a "tab" (\t) char
the above may be useful in some cases ;-)
Another option may be
-f filename specifies a filename containing entropy data
so that one may generate an entropy "payload"
using whatever method and feed it to the password
generator
HTH
Or either (some further food for thought, sorry for spamming :D !)
http://blogs.msdn.com/b/michael_howard/archive/2005/01/14/353379.aspx
Incorporate ObiWan (from GRC newsgroups) feedback:
Nice; I've picked the source code and recomplied it on windows and it works just fine; just a couple notes change the code as follows #find{plain#} Facebook #include <windows.h> #include <wincrypt.h> #pragma comment(lib,"advapi32") #endif so that, compiling the app with "MSVC" won't require manually specifying to add the advapi library (the pragma tells that to the compiler) Also, if I'm not wrong, there should be a way to tell the cryptoAPI to gather entropy from the audio card (if present.. and many/most current computers have one); that would improve the randomness of the generated numbers; if my brain is still working the idea was almost the same as the one shown here http://www.vanheusden.com/aed/ just, in windows case, the data was gathered using DirectX/Direct3D calls and then handled almost like shown in the above code; time ago I was looking at a piece of code showing how to exactly use such an entropy source to feed its data to the cryptoapi but... <sigh> can't find the link right now :( couple additional notes First of all, it would be a good idea using "getopt" to parse arguments; for windows (which doesn't have its own) you may use the attached one (source) Second; using getopt you'll be able to easily extend the options and this will be useful to add some options like -n number will generate "number" passwords -x will output each pass in all three formats as for the options, the idea is that one may then run something like passgen -n 10 -x >passwords.txt and the output file will then look like (e.g.) asciipass<tab>hexpass<tab>alphapass<nl> asciipass<tab>hexpass<tab>alphapass<nl> ... asciipass<tab>hexpass<tab>alphapass<nl> that is, each line will contain password in all three available formats, separated by a "tab" (\t) char the above may be useful in some cases ;-) Another option may be -f filename specifies a filename containing entropy data so that one may generate an entropy "payload" using whatever method and feed it to the password generator HTH Or either (some further food for thought, sorry for spamming :D !) http://blogs.msdn.com/b/michael_howard/archive/2005/01/14/353379.aspx
