fixed CPE449 - PasswordAttacks

CPE449/passwordAttacks/dictionary.py

@@ -39,6 +39,7 @@ passwordList = passwordListFile.readlines()
 for hashedPassword in hashArr:
     for password in passwordList:
         # Compare hashes
+        if not password.startswith("#!comment:"):
             cmpHash = crypt.crypt(password.rstrip().lstrip(), hashesAndSalt[index])
             cmpHashPass = cmpHash.split("$")
             cmpHashPass = cmpHashPass[3]

CPE449/passwordAttacks/password-2011.lst

@@ -1,3 +1,14 @@
+#!comment: This list has been compiled by Solar Designer of Openwall Project,
+#!comment: http://www.openwall.com/wordlists/
+#!comment:
+#!comment: This list is based on passwords most commonly seen on a set of Unix
+#!comment: systems in mid-1990's, sorted for decreasing number of occurrences
+#!comment: (that is, more common passwords are listed first).  It has been
+#!comment: revised to also include common website passwords from public lists
+#!comment: of "top N passwords" from major community website compromises that
+#!comment: occurred in 2006 through 2010.
+#!comment:
+#!comment: Last update: 2011/11/20 (3546 entries)
 123456
 12345
 password

CPE449/passwordAttacks/rainbowtable.py

@@ -11,6 +11,7 @@ passwordFile = open(passwordListFile)
 passwordList = passwordFile.readlines()
 
 for password in passwordList:
+    if not password.startswith("#!comment:"):
         passCleanEncoded = password.rstrip().lstrip().encode("utf_16_le")
         hash = hashlib.new("md4")
         hash.update(passCleanEncoded)