中国网络渗透测试联盟

标题: 爆破、破解Disduz x 2.5 md5(md5(pass)$salt)密码加密 [打印本页]
作者: admin    时间: 2013-2-14 00:03
标题: 爆破、破解Disduz x 2.5 md5(md5(pass)$salt)密码加密
测试环境. [' N9 C- k% W1 ?3 k, ]
OS 名称: Microsoft® Windows Server® 2008 Enterprise
! e0 a$ f0 ]; d+ v6 v3 O; o% k8 \OS 版本: 6.0.6001 Service Pack 1 Build 6001
( s4 Z1 ~& A! ?) R- m% MOS 制造商: Microsoft Corporation
+ R* i% M- F. W4 I5 h1 jOS 配置: 独立服务器
, ^0 Z. R; ^0 K4 K6 O  P9 Z( J8 n. @, ROS 构件类型: Multiprocessor Free* ^- p; f; _2 b" L1 Y) ?/ H
注册的所有人: Windows 用户
) |% I0 |& l# ?: x" R0 I$ ?系统型号: PowerEdge R620" k* E1 t; I  V( A5 s" U% V( z  @- x
系统类型: x64-based PC' }( ^' G( y6 i
处理器: 安装了 1 个处理器。
$ ?/ N2 ?" i1 L  w1 x[01]: Intel64 Family 6 Model 45 Stepping 7 GenuineIntel ~2400; I- o+ g1 B3 m! x3 l
cat md5.txt* k  ?6 U2 y* N
3fb78e9bc0b297e3de4e77531766c37a:f29f95 /* = md5中无法查询的。*/
9 ~' _/ n8 O5 c- e& L) I* n865a697fb9b4bd9c6737432aaff136bd:22dc87 /* = 304892415 */
7 m* L. d+ u) ^/ }. N( O15b7a21513f24ffe97d9f9830acf51ad:07626c /* = 123456 */
7 A/ E. I9 G% P- [! ~* {7 K /* -a 使用穷举模式 -m HASH的类型是VB DISCUZ跟DV加密是一样,?d是代表数字 穷举10个数字 */ hashcat-cli64.exe -a 3 -m 2611 md5.txt ?d?d?d?d?d?d?d?d?d?d' a* v, o# e  i
Input.Mode: Mask (?d?d?d?d?d)$ P  I& r5 w7 u5 i
Index…..: 0/1 (segment), 100000 (words), 0 (bytes)( w& U* \8 ]4 o9 I: Z) h' M2 _
Recovered.: 0/3 hashes, 0/3 salts, C& m& N( C# P1 z' ?- Y
Speed/sec.: – plains, – words& C. N2 c+ Q3 Q9 I3 D( K
Progress..: 100000/100000 (100.00%)- y/ f4 F8 U- s5 x2 q% B  Q0 a5 u
Running…: –:–:–:–' f8 J+ f+ s" R  r2 V
Estimated.: –:–:–:–
% Y, h$ m# X$ [6 _$ z3 [15b7a21513f24ffe97d9f9830acf51ad:07626c:123456* O$ ]% A+ }+ O+ @: s
Input.Mode: Mask (?d?d?d?d?d?d)8 x; I' y' i7 g: R5 U- S
Index…..: 0/1 (segment), 1000000 (words), 0 (bytes)$ T2 ~9 G0 _% O+ @5 D6 _
Recovered.: 1/3 hashes, 1/3 salts7 _, u- h) c. H3 N/ a) s5 {
Speed/sec.: 7.43M plains, 3.72M words
: p2 X# q2 ~& _+ A) ^" BProgress..: 1000000/1000000 (100.00%)
: ]  T7 l" f9 L8 i0 A, X3 HRunning…: 00:00:00:01
2 j' I% e2 `6 m. c; z6 qEstimated.: –:–:–:–! o' a! {/ o& z" R: R' k- z0 D
Input.Mode: Mask (?d?d?d?d?d?d?d)
* O% W' W/ {2 U. V# _# w/ UIndex…..: 0/1 (segment), 10000000 (words), 0 (bytes); \+ S3 O$ V( U4 S5 s
Recovered.: 1/3 hashes, 1/3 salts& g" Q4 B. a! ]: ~6 d7 X6 G
Speed/sec.: 13.67M plains, 6.83M words+ l) E3 M: C* r  k* S" c, ?" b
Progress..: 10000000/10000000 (100.00%)
( f' ^. ~% e. j0 j! sRunning…: 00:00:00:01
3 z& D8 Q9 E; eEstimated.: –:–:–:–
) v: q# }$ P* Q, r5 H1 }3 gInput.Mode: Mask (?d?d?d?d?d?d?d?d)
5 z. a" p( J6 X: x: |# ZIndex…..: 0/1 (segment), 100000000 (words), 0 (bytes)/ ?5 ]  h$ u, k' K1 f; ?$ |- A
Recovered.: 1/3 hashes, 1/3 salts
- d/ }+ D# b' o6 O) x1 r' E: V$ vSpeed/sec.: 18.59M plains, 9.29M words
$ p* x0 t% Q+ }" d8 a! @' d* d1 }9 BProgress..: 100000000/100000000 (100.00%)
" d6 v3 r1 l. lRunning…: 00:00:00:110 f1 }3 }* c" Y
Estimated.: –:–:–:–
- n+ p+ u+ D6 L865a697fb9b4bd9c6737432aaff136bd:22dc87:304892415
: E& W- p* k8 k3 Y4 s, p9 f9 D6 w可以看到破解 9位3开纯数字密码需要11秒。3 t% V: n9 Z# i* H1 O. }
Input.Mode: Mask (?d?d?d?d?d?d?d?d?d?d)
& p  I6 i( [' f) c7 U: B3 Q2 c* lIndex…..: 0/1 (segment), 10000000000 (words), 0 (bytes)4 P9 |) x, ~- ?0 }
Recovered.: 2/3 hashes, 2/3 salts
& m4 _  m* Y9 r+ k0 C: ?$ ZSpeed/sec.: 12.70M plains, 12.70M words
/ r, Y0 K8 @* E; l' w! ZProgress..: 10000000000/10000000000 (100.00%)( c6 {- j5 ^, r4 S6 L
Running…: 00:00:13:07
0 D* g5 h, `1 P! T7 w, y6 H  JEstimated.: –:–:–:–
( k( B2 `5 u4 m$ s而10个数字即需要13分钟,这样的速度如果有服务器是8核或更多,或者自己GPU强劲,会更加快,我测试只是用了一个入门级的CPU。
6 P/ {# x/ a# D' p$ d在这里可以下载到一些字典,不过国人对这些字典貌似无视。
/ e  L3 ]- ]& |) yhttp://blog.g0tmi1k.com/2011/06/dictionaries-wordlists.html



欢迎光临 中国网络渗透测试联盟 (https://cobjon.com/) Powered by Discuz! X3.2