China Network Penetration Testing Alliance

Title: Brute-forcing and cracking Discuz X2.5 md5(md5(pass)$salt) password hashes

Author: admin    Time: 2013-2-14 00:03
Test environment
OS 名称: Microsoft® Windows Server® 2008 Enterprise
OS 版本: 6.0.6001 Service Pack 1 Build 6001
OS 制造商: Microsoft Corporation
OS 配置: 独立服务器
OS 构件类型: Multiprocessor Free
注册的所有人: Windows 用户
系统型号: PowerEdge R620
系统类型: x64-based PC
处理器: 安装了 1 个处理器。
[01]: Intel64 Family 6 Model 45 Stepping 7 GenuineIntel ~2400
cat md5.txt
3fb78e9bc0b297e3de4e77531766c37a:f29f95 /* = could not be found by MD5 lookup */
865a697fb9b4bd9c6737432aaff136bd:22dc87 /* = 304892415 */
15b7a21513f24ffe97d9f9830acf51ad:07626c /* = 123456 */
/* -a selects brute-force mode; -m is the hash type, here the VB type (Discuz and DV use the same scheme); ?d stands for a digit, so this brute-forces 10 digits */
hashcat-cli64.exe -a 3 -m 2611 md5.txt ?d?d?d?d?d?d?d?d?d?d
Input.Mode: Mask (?d?d?d?d?d)
Index.....: 0/1 (segment), 100000 (words), 0 (bytes)
Recovered.: 0/3 hashes, 0/3 salts
Speed/sec.: - plains, - words
Progress..: 100000/100000 (100.00%)
Running...: --:--:--:--
Estimated.: --:--:--:--

15b7a21513f24ffe97d9f9830acf51ad:07626c:123456

Input.Mode: Mask (?d?d?d?d?d?d)
Index.....: 0/1 (segment), 1000000 (words), 0 (bytes)
Recovered.: 1/3 hashes, 1/3 salts
Speed/sec.: 7.43M plains, 3.72M words
Progress..: 1000000/1000000 (100.00%)
Running...: 00:00:00:01
Estimated.: --:--:--:--

Input.Mode: Mask (?d?d?d?d?d?d?d)
Index.....: 0/1 (segment), 10000000 (words), 0 (bytes)
Recovered.: 1/3 hashes, 1/3 salts
Speed/sec.: 13.67M plains, 6.83M words
Progress..: 10000000/10000000 (100.00%)
Running...: 00:00:00:01
Estimated.: --:--:--:--

Input.Mode: Mask (?d?d?d?d?d?d?d?d)
Index.....: 0/1 (segment), 100000000 (words), 0 (bytes)
Recovered.: 1/3 hashes, 1/3 salts
Speed/sec.: 18.59M plains, 9.29M words
Progress..: 100000000/100000000 (100.00%)
Running...: 00:00:00:11
Estimated.: --:--:--:--

865a697fb9b4bd9c6737432aaff136bd:22dc87:304892415
As you can see, cracking a 9-digit all-numeric password starting with 3 takes 11 seconds.
Input.Mode: Mask (?d?d?d?d?d?d?d?d?d?d)
Index.....: 0/1 (segment), 10000000000 (words), 0 (bytes)
Recovered.: 2/3 hashes, 2/3 salts
Speed/sec.: 12.70M plains, 12.70M words
Progress..: 10000000000/10000000000 (100.00%)
Running...: 00:00:13:07
Estimated.: --:--:--:--
Ten digits, on the other hand, takes 13 minutes. With a server that has 8 or more cores, or a powerful GPU of your own, it would be even faster; I only used an entry-level CPU for my test.
Some wordlists can be downloaded here, although people in China seem to ignore them.
http://blog.g0tmi1k.com/2011/06/dictionaries-wordlists.html
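
The speeds above are possible because md5(md5(pass).salt) costs only two MD5 calls per guess. The following is an added example for defenders, not code from the post or from Discuz: it wraps digests that are already stored in PBKDF2 so every account gets a slow hash without waiting for a login. The function names, record layout and iteration count are assumptions.

```python
import hashlib
import hmac
import os
import time

PBKDF2_ITERATIONS = 600_000  # assumed work factor; tune for your hardware


def legacy_digest(password: str, salt: str) -> str:
    """md5(md5(pass) . salt) in hex, the fast scheme from the post (-m 2611)."""
    inner = hashlib.md5(password.encode("utf-8")).hexdigest()
    return hashlib.md5((inner + salt).encode("utf-8")).hexdigest()


def wrap_legacy(stored_hex: str, iterations: int = PBKDF2_ITERATIONS) -> dict:
    """Wrap an already-stored digest in PBKDF2; the password is not needed."""
    wrap_salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", stored_hex.lower().encode("ascii"),
                             wrap_salt, iterations)
    return {"iterations": iterations, "wrap_salt": wrap_salt.hex(), "hash": dk.hex()}


def verify(password: str, legacy_salt: str, record: dict) -> bool:
    """Recompute the legacy digest, re-apply the wrapper, compare in constant time."""
    legacy = legacy_digest(password, legacy_salt).encode("ascii")
    dk = hashlib.pbkdf2_hmac("sha256", legacy, bytes.fromhex(record["wrap_salt"]),
                             record["iterations"])
    return hmac.compare_digest(dk, bytes.fromhex(record["hash"]))


def relative_cost(iterations: int = PBKDF2_ITERATIONS, samples: int = 2000) -> float:
    """Measured cost of one wrapped guess divided by one legacy guess."""
    start = time.perf_counter()
    for i in range(samples):
        legacy_digest(str(i), "a1b2c3")
    per_legacy = (time.perf_counter() - start) / samples
    start = time.perf_counter()
    hashlib.pbkdf2_hmac("sha256", b"0" * 32, b"s" * 16, iterations)
    return (time.perf_counter() - start) / per_legacy


if __name__ == "__main__":
    salt = "a1b2c3"  # constructed sample values, not taken from the post
    row = wrap_legacy(legacy_digest("example-passphrase", salt))
    print(verify("example-passphrase", salt, row), verify("000000", salt, row))
    print(f"one guess costs about {relative_cost():.0f}x more after wrapping")
```

Wrapping only helps once the original MD5 column is deleted and provided it never leaked; re-hash the plaintext password directly at each user's next successful login.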



