# python – How to create a brute-force password cracker for alphabetical and alphanumerical passwords?

## python – How to create a brute-force password cracker for alphabetical and alphanumerical passwords?

Heres a naiive brute force method that will guess numbers (`string.digits`

) and lower case letters (`string.ascii_lowercase`

). You can use `itertools.product`

with `repeat`

set to the current password length guessed. You can start at `1`

character passwords (or whatever your lower bound is) then cap it at a maximum length too. Then just `return`

when you find the match.

```
import itertools
import string
def guess_password(real):
chars = string.ascii_lowercase + string.digits
attempts = 0
for password_length in range(1, 9):
for guess in itertools.product(chars, repeat=password_length):
attempts += 1
guess = .join(guess)
if guess == real:
return password is {}. found in {} guesses..format(guess, attempts)
# uncomment to display attempts, though will be slower
#print(guess, attempts)
print(guess_password(abc))
```

Output

```
a 1
b 2
c 3
d 4
...
aba 1369
abb 1370
password is abc. found in 1371 guesses.
```

One possible option which would preserve almost exactly your current code is to convert to base 36 with the following digits: `0-9a-z`

. This will give you every possible alpha-numeric combination for n characters if you search in `range(36**n)`

.

Using a simplified function from How to convert an integer in any base to a string?:

```
def baseN(num, b=36, numerals=0123456789abcdefghijklmnopqrstuvwxyz):
return ((num == 0) and numerals[0]) or (baseN(num // b, b, numerals).lstrip(numerals[0]) + numerals[num % b])
```

You can then loop through numbers as in your example:

```
>>> for i in range(10000, 10005):
... print(baseN(i).zfill(5))
...
007ps
007pt
007pu
007pv
007pw
```

To get all 3-letter possibilities, you can loop as follows:

```
for i in range(36**3):
possible = baseN(i).zfill(3)
```