Community discussions

 
bburley
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 81
Joined: Thu Nov 18, 2010 7:22 am
Location: Alberta, Canada

Another attempt at a random password generator

Mon Apr 25, 2011 12:06 pm

I wanted to try making a random password generator and this is the first script that I came up with.

It uses three character source strings, the second and third are just scrambled versions of the first string. You can loop through more strings if you want.

This script takes a couple of minutes to run with the semi-random delays that are added.
# MikroTik Random Password Generator
# Author: Bob Burley - April 25, 2011
#
# Total characters to choose from is 73
# Eliminated confusing characters
# '0' (zero) and Upper Case 'O'
# '1' (one) and Upper Case 'I' and Lower Case 'l' (L)

:local charStr1 "23456789ABCDEFGHJKLMNPQRSTUVWXYZ23456789abcdefghijkmnopqrstuvwxyz23456789"
:local charStr2 "cN47iKd2bLn8sQz4JAu2PD6Vm5RjTG4UrFY78XewHE3W9gMq62v7a9Z5yf5pC3k6xt9Bh8S3o"
:local charStr3 "uYswW92z6M5fJynQp6hGm5VSr4oR8k7A2bKq5U3FiZvc8gHP2tdL9E4jBT3X7xC6N4D8e7a93"

# set new password length here
:local newPassLength 8

:local charStrNum 1
:local newPassword ""
:local p1
:local var1
:local var2
:local var3

:for char from=1 to=$newPassLength step=1 do={
#  Generate number between 0 and 72
  :set var1 ([:pick [/system clock get time] 6 8])
  :set p1 ([:len [/system resource get uptime]])
  :set var2 ([:pick [/system resource get uptime] ($p1-2) $p1])
  :set var3 (($var1 * $var2) / 48)

#  pick next character to add to the new password
  :if ($charStrNum=1) do={
    :set newPassword ($newPassword . [:pick $charStr1 $var3])
  }
  :if ($charStrNum=2) do={
    :set newPassword ($newPassword . [:pick $charStr2 $var3])
  }
  :if ($charStrNum=3) do={
    :set newPassword ($newPassword . [:pick $charStr3 $var3])
  }
  :set charStrNum ($charStrNum + 1)
  :if ($charStrNum = 4) do={
    :set charStrNum 1
  }
  :delay (($var1 + $var2 + $var3) / 5)
}

:log info $newPassword
The script seems to work fine with manual testing but I am predicting a flaw when run by the scheduler. The seconds offset when started with the scheduler will always be the same and that is a big problem. I needed a random start delay to get rid of the scheduler influence which resulted in this second script.
# MikroTik Random Password Generator
# with random start offset delay for use with /System Scheduler
# Author: Bob Burley - April 25, 2011
#

:local minRtt
:local maxRtt
:local random 0
:local siteAddress
:local charStrNum 1
:local p1
:local var1
:local var2
:local var3
:local newPassword ""

# set password length here
:local newPassLength 8

# Total characters to choose from is 73
# Eliminated confusing characters
# '0' (zero) and Upper Case 'O'
# '1' (one) and Upper Case 'I' and Lower Case 'l' (L)
:local charStr1 "23456789ABCDEFGHJKLMNPQRSTUVWXYZ23456789abcdefghijkmnopqrstuvwxyz23456789"
:local charStr2 "cN47iKd2bLn8sQz4JAu2PD6Vm5RjTG4UrFY78XewHE3W9gMq62v7a9Z5yf5pC3k6xt9Bh8S3o"
:local charStr3 "uYswW92z6M5fJynQp6hGm5VSr4oR8k7A2bKq5U3FiZvc8gHP2tdL9E4jBT3X7xC6N4D8e7a93"

# google.ca (74.125.95.147) - google.com (74.125.95.99) - yahoo.ca (68.180.206.184) - yahoo.com (209.191.122.70)
:local arraySiteList [:toarray ("74.125.95.147","74.125.95.99","68.180.206.184","209.191.122.70")]

:foreach siteAddress in=($arraySiteList) do={
  /tool flood-ping $siteAddress count=4 do={
    :if ($sent=4) do={
      :set minRtt $"min-rtt"
      :set maxRtt $"max-rtt"
    }
    :set random ($random + minRtt)
    :while ($random > 59) do={
      :set random ($random -60)
    }
    :set random ($random + maxRtt)
    :while ($random > 59) do={
      :set random ($random -60)
    }
  }
}

:delay $random

:for char from=1 to=$newPassLength step=1 do={
#  Generate number between 0 and 72
  :set var1 ([:pick [/system clock get time] 6 8])
  :set p1 ([:len [/system resource get uptime]])
  :set var2 ([:pick [/system resource get uptime] ($p1-2) $p1])
  :set var3 (($var1 * $var2) / 48)

#  pick next character to add to the new password
  :if ($charStrNum=1) do={
    :set newPassword ($newPassword . [:pick $charStr1 $var3])
  }
  :if ($charStrNum=2) do={
    :set newPassword ($newPassword . [:pick $charStr2 $var3])
  }
  :if ($charStrNum=3) do={
    :set newPassword ($newPassword . [:pick $charStr3 $var3])
  }
  :set charStrNum ($charStrNum + 1)
  :if ($charStrNum = 4) do={
    :set charStrNum 1
  }
  :delay (($var1 + $var2 + $var3) / 5)
}

:log info $newPassword
The websites used for sampling ping times are probably too reliable which reduces randomness a little. Now we finally have a good use for those poorly responding overseas servers :lol:

The rest of the plan is to change the wireless security code every Sunday and automatically email the new code to key people. The weekly code can be given to visitors with laptops who need to check their email or surf the web. The spreading of the security code to others will be reduced with the weekly rotation.

I don't have the patience to run this thousands of times to see how good or how bad it really is. Perhaps someone with a math or statistics background will comment.

Hopefully someday MikroTik will add a real random generator in RouterOS.
 
bburley
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 81
Joined: Thu Nov 18, 2010 7:22 am
Location: Alberta, Canada

Re: Another attempt at a random password generator

Mon Apr 25, 2011 7:45 pm

I didn't think about this one long enough. The above scripts are very flawed and will not generate very many unique passwords. I will make another attempt soon.
 
Ehman
Member
Member
Posts: 363
Joined: Mon Nov 15, 2010 10:49 pm

Re: Another attempt at a random password generator

Mon Aug 26, 2013 6:27 pm

I didn't think about this one long enough. The above scripts are very flawed and will not generate very many unique passwords. I will make another attempt soon.

any luck yet? ..I'm looking for the same kinda thing
 
User avatar
boen_robot
Forum Guru
Forum Guru
Posts: 2411
Joined: Thu Aug 31, 2006 4:43 pm
Location: europe://Bulgaria/Plovdiv

Re: Another attempt at a random password generator

Mon Aug 26, 2013 6:30 pm

It might be easier to set up a script on a remote HTTP server, and just call "fetch" on it every time you need such a password. If you're worried about someone listening on the password, use HTTPS.

How exactly you generate the random password on the HTTP server of course depends on your language of choice, but the point is it will surely be far more trivial to do.
PEAR2_Net_RouterOS(1.0.0b6) - My API client in PHP
(Rate my posts? If you want... no pressure...)

Who is online

Users browsing this forum: No registered users and 14 guests