Irregular Expressions

Oct 29 2012   5:20PM GMT Application Level 7 – Part 5

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

To automate the interaction with the app7win.exe I used something called Expect. I have used Expect before for Perl on *nix systems but I have never had the need to do it to a Windows machines. It took a bit of research but I turned up a solution.


That’s great but it took a little bit of time to figure out how exactly I was going to get this to work as the documentation I could find was light on the installation.

The same company offers ActiveTcl;

Expect is not included with the install so you have to install it after the fact. To install Expect you need to use an application included with ActiveTcl called teacup.exe.

C:\Tcl\binteacup.exe install Expect

And here is the Expect script that I created.

# \
exec tclsh "$0" ${1+"$@"}

package require Expect
exp_log_user 1
exp_log_file -a 1.log
spawn app7win.exe
puts stdout "$argv"

expect -re "Please enter the password:" {
exp_send "$argv\r"
} eof {
exp_send "ERROR";

expect -re "Invalid Password" {
puts stdout "Bad Password $argv"
exp_send_log "Bad Password $argv"

} eof {
puts stdout "good password $argv"
exp_send_log "good password $argv"


Now I started looking at a true brute force, but I already have a large dictionary with about 2.6 billion words in it. I figured that should be enough to create the needed collision that I wanted. Now with the ability to interact with the application I needed a way to loop through the contents of the dictionary, I had already started working on one in Perl forgetting that Expect did not work for Perl for Windows.

Here is my lazy perl script that I created, I did not use a fh to get the contents of the file. I only use that if I need to do io, if you are just reading using ‘type’ on windows or ‘cat’ on *nix works just fine.

@file = `type new_full.txt`;

foreach(@file) {
system("tclsh test.tcl $_");

It’s pretty basic and I did not do the greatest job, but it worked.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: