Author Topic: Binary version / C++ Version for Windows  (Read 6921 times)

Offline ezuk

  • Normal Members
  • *
  • Posts: 3
Binary version / C++ Version for Windows
« on: January 08, 2006, 09:44:08 AM »
Hi,

This idea sounds brilliant. However, there is one hurdle I need to overcome before I could adopt this:

I need to have some local copy (backed up on my own system) of the algorithm used by Passwordmaker.

In other words, I need some way to produce my passwords even if passwordmaker is no longer around -- on the net or on my FireFox installation. This may seem unlikely, but who knows where we'll be in 5 years?

I saw a PHP version around the forums, but with many cavaets and "it doesn't work exactly like the online version" etc.

I also saw a short description of the algo on the FAQ, but I don't think that's enough information for me to reproduce the passwordmaker hashes from scratch (using just MD5).

So... I'm sure many of you have thought about this and solved the issue. I think the best solution would be a simple, line-by-line detailed description of how to build the hash using just a generic MD5 utility.

What do you think?

Offline Eric H. Jung

  • grimholtz
  • Administrator
  • *****
  • Posts: 3353
Binary version / C++ Version for Windows
« Reply #1 on: January 08, 2006, 03:48:57 PM »
Hi ezuk,

miquelfire and I have been working on a command-line C++ version, compiled for both Windows and Linux. It is actually complete but needs a little documentation. It's also open-source and can be retrieved from travisbsd.org, module: cli, path: /usr/local/passwordmaker. We're hoping to release it very shortly.

With that in mind, do you still want the line-by-line detailed description?

Also, the PHP version is now fully compatible with all of the other versions. You can download it here. And don't forget, you can always download and run the HTML/Javascript version locally.

Regards,
Eric

Offline Miquel 'Fire' Burns

  • Administrator
  • *****
  • Posts: 1157
  • Programmer
Binary version / C++ Version for Windows
« Reply #2 on: January 09, 2006, 02:14:57 AM »
As of now, Linux testing haven't begun yet.
"I'm not drunk, just sleep deprived."

Offline ezuk

  • Normal Members
  • *
  • Posts: 3
Binary version / C++ Version for Windows
« Reply #3 on: January 09, 2006, 06:16:38 AM »
Dear Eric,

Many thanks!!! First of all, for your reply, and secondly, for creating this awesome service/product.

Now, as for my question: Actually, downloading the HTML/JavaScript version and running it locally perfectly answers my original concern. I will just get the zip, save it, back it up and also gmail it to myself, and this way I can rest assured my passwords _will_ be accessible in the future. :)

And of course, the C++ version for Windows would be great, when available. Perhaps you'd consider launching a small beta without the docs being completely done yet.

Re the text algo -- now it's not really a must. It would still be kind of nice if I could understand exactly what PasswordMaker does with my password, even without being a math geek or a programmer (I'm neither, unfortunately).

And of course, thanks to miquelfire as well! :)

Offline Miquel 'Fire' Burns

  • Administrator
  • *****
  • Posts: 1157
  • Programmer
Binary version / C++ Version for Windows
« Reply #4 on: January 09, 2006, 03:26:22 PM »
Here goes:
All the data is combined to make one string (except the Master Password if you're using a HMAC algorithm, and the prefix and suffix as well) and is hashed. Don't know the order off-hand (and don't feel like looking it up either) but with a url or passwordmaker.org, username of ezuk, and we'll assume (besides the master password) that's all you got, the string passed to the hashing function (like MD5) is "passwordmaker.orgezuk". May be different if you have the leet setting to work before hashing.

The password is then hashed, the binary data is treated as a huge number, and the characterset is the base it's converted to, like a base ten charaterset being 0123456789. Ask someone else if this step is unclear.

If you have leet active for after hashing, it will be done here.

I Prefix is then added to the begining of the string so far, and then, the suffix is added, after trimming off what has been generated so far so that it will fit in the length you set.

Fun little tip, due to how prefix and suffix works, you can use those to make PasswordMaker a password storage software. Not very secured though.
"I'm not drunk, just sleep deprived."

Offline ezuk

  • Normal Members
  • *
  • Posts: 3
Binary version / C++ Version for Windows
« Reply #5 on: January 10, 2006, 09:00:16 AM »
Thanks for the explanation, miquel! :) Somehow, I don't think I'll be trying to create a version of my own anytime soon ;) (I thought a pop-up AutoHotkey implementation could be cool, but somehow it looks less than feasible for me to create)
« Last Edit: January 10, 2006, 09:00:45 AM by ezuk »

Offline Eric H. Jung

  • grimholtz
  • Administrator
  • *****
  • Posts: 3353
Binary version / C++ Version for Windows
« Reply #6 on: January 10, 2006, 02:22:51 PM »
What's a pop-up AutoHotkey? Maybe I can implement it...

Offline Eric H. Jung

  • grimholtz
  • Administrator
  • *****
  • Posts: 3353
Binary version / C++ Version for Windows
« Reply #7 on: January 10, 2006, 08:59:54 PM »
The command-line edition of PasswordMaker is finished and can be downloaded here.

PasswordMaker Forums

Binary version / C++ Version for Windows
« Reply #7 on: January 10, 2006, 08:59:54 PM »