The FAQ here is a little vague on some points:
FAQ says short word. Must it be a word or can it be a random string?
Max length?
Case sensitive?
Forbidden characters? (I assume # is one)
Link to more in depth info?
Thanks in advance
les
Name:
Anonymous2005-01-06 6:04
I'm guessing that shiiboard tripcodes are compatible with futaba tripcodes? In which case...
Max length: 8 characters
Case sensitive: yes
Allowed characters: [a-zA-Z0-9] <space> .!:#/`()_$[]+*{}-
If the tripcode is 1 char in length, it has "H" concatenated to it.
Name:
Anonymous2005-01-06 8:52 (sage)
a second hash (#) in tripcodes will start your second tripcode (secure trips)
Name:
Anonymous2005-01-06 9:04
>>3 I thought that was for only wakaba 'stroke my ego' boards..
Name:
Anonymous2005-01-06 12:24
I believe you can use as long a tripcode as you like but only the first eight chars are actually used.
Name:
Anonymous2005-01-07 13:54 (sage)
>>4
yeah, and those people wanted it as a feature, so shii added it. :shrug:
>>6
I added it because regular tripcodes, all of which can be found by searching tripper+ for a while, are pretty useless.
Name:
Mr VacBob!JqK7T7zan.2005-01-09 10:55 (sage)
>>2 is correct, although the part about a 1-character trip isn't totally right.
Secure tripcodes can be any length and allowed characters are whatever you give it.
(there would be a novelty tripcode here but I haven't reinstalled the tripcode searcher yet!)
Name:
Mr VacBob!JqK7T7zan.2005-01-09 20:47
On second thought, >>2 is wrong. The tripcode input can be anything, so you can have Unicode tripcodes.
However, the DES salt and output are lower ASCII.
Name:
22005-01-09 21:34
>>10 I take it that shiiboard doesn't map certain character ranges into [A-Ga-g], then.
The biggest problem with secure trips is there's certain people who won't be KoS'd no matter how much they suck...
>>15 Cool. My BSD machine needed <unistd.h> instead of <crypt.h> for the DES functions.
I did a speed comparison with scanning 1,000,000 keys with your trip.c and my 4tripper. All those rand() calls and such slows yours down a lot-- 21.9 seconds on my AthlonXP2000+, compared to 8.9 seconds. syscalls are bad things in tight loops, so always try to make as few as possible :) (hence the write buffering in 4tripper). Style points for having the inbuilt regex, though.
>>18 lol WAHa deleting all my messages (including a patch for the OSX problem)
Name:
Anonymous2005-01-10 19:57
>>17
I plugged that Apple-munged/old MIT crypt() into 4tripper, but at least in the test I tried then, it was only half as fast (on an AthlonXP) as the openssl library supplied fcrypt. (The fastest open-source crypt()s I've been able to test is those written by Eric Young-- and guess what OpenSSL/libdes uses..)
And you avoided an excuse to use a goto. :)
WRT the discussion in the wakaba thread mentioning dictionary cracking-- I have an unfinished attempt at http://hunter.apana.org.au/~cjb/Code/4kwik.c (I would have mentioned it there, but... >>19 ). It works as it is (caveat hacktor), but is 'unfinished' because it's still kwik-and-dirty code, and because I wanted it to use the letter permutation code out of Crack5 ("crack5ify </usr/share/dict/web2a | 4dict tripcodes.")
(This thread should probably be in programming now...)
Name:
Mr VacBob!JqK7T7zan.2005-01-10 20:45
It may not be the fastest crypt() around; I just grabbed it because I knew where it was. The major speed improvement is only printing the matches, not the hash implementation.
If I found a good simple explanation of the algorithm behind crypt, I'd write my own version of it (like I did with sha1.c/bsha64.c in that directory for shiichan4).
And you should really start using htmlspecialchars. Otherwise you'll get lots of false positives.
Name:
Anonymous2005-01-10 23:03
>htmlspecialchars
Would it really matter, provided [a-z0-9], &, #, and ; are in the key alphabet? If anything, it would make cracking the tripcode (or finding a 'false positive' collisions, which is just as useful) a lot easier.
Name:
Anonymous2005-01-10 23:22
>>11
Wait, why would you want someone that uses a secure trip to get KoS'd? I'm not trying to be an asshole or anything, I'd actually like to know.
All those rand() calls and such slows yours down a lot
generating random tripcodes is more secure than going through characters sequentially... if you know of a faster way to generate random tripcodes than using rand(), please let me know...
And you should really start using htmlspecialchars. Otherwise you'll get lots of false positives.
htmlspecialchars isn't necessary because i exclude all characters which would be affected by it (except '&', which i only allow at the end of tripcodes where htmlspecialchars wouldn't have any effect on the tripcode because crypt() only uses the first 8 characters)... this also means that all tripcodes found by my program will work regardless of whether the board does htmlspecialchars
Name:
Mr VacBob!JqK7T7zan.2005-01-11 1:08
>>22
"false positive" = a tripcode which the search claims to match against that doesn't really match
Excluding tripcodes containing htmlspecialcharsable stuff cuts down on your possible results a lot, too.
>>24
I don't see how rand() would be the heaviest consumer, unless it's a shitty rand(), but find a random generator that generates lots of randoms at once. Failing that, at least try the Mersenne Twister.
Name:
hotaru!hoTarufiRE2005-01-11 1:08
just about any system
correction: just about any x86 system...
Name:
hotaru!hoTarufiRE2005-01-11 1:32
>>25
the mersenne twister is slower than rand() on my system
Name:
hotaru!9Tlf1rAmus2005-01-11 1:45
also, excluding tripcodes containing htmlspecialcharsable stuff cuts down the total number of tripcodes from 5,132,188,731,375,616 to 3,319,842,194,924,904... the only time this would be a problem is if you're trying to brute-force a specific tripcode... and then you'd probably be better off generating a database of tripcodes and searching it...
Name:
hotaru!hoTarufiRE2005-01-11 2:57 (sage)
s/3,319,842,194,924,904/3,357,567,674,412,687/
i don't know how i messed that up...
Name:
Anonymous2005-01-11 4:20
if you know of a faster way to generate random tripcodes than using rand(), please let me know...
What I'd probably do is use the idea that 4brute has of randomizing the key alphabet, and then doing a sequential scan. Keep in mind that crypt(x+1) is just as random as crypt(x+RND(10000000)), so hopping around all over the keyspace won't gain you anything.
Name:
Anonymous2005-02-16 13:04
Also, you can use the Mersenne Twister and split the 32-bit result into four different bytes.
And every board does htmlspecialchars properly now, unless 2chan/original Futaba doesn't.
This is the slowest thread on the interbutts. It deserves an award.
Name:
Anonymous2008-05-30 20:29
>>34
Wow, at first I didn't notice a date on the posts, and I was asking myself "Wait why is everyone so knowledgeable?" Then I saw the dates, and the world was right again.