China Network Penetration Testing Alliance
Title: Brute-forcing and cracking Discuz X2.5 md5(md5(pass)$salt) password hashes
Author: admin
Time: 2013-2-14 00:03
Test environment

OS 名称: Microsoft® Windows Server® 2008 Enterprise
OS 版本: 6.0.6001 Service Pack 1 Build 6001
OS 制造商: Microsoft Corporation
OS 配置: 独立服务器
OS 构件类型: Multiprocessor Free
注册的所有人: Windows 用户
系统型号: PowerEdge R620
系统类型: x64-based PC
处理器: 安装了 1 个处理器。
[01]: Intel64 Family 6 Model 45 Stepping 7 GenuineIntel ~2400

cat md5.txt
3fb78e9bc0b297e3de4e77531766c37a:f29f95 /* = could not be found via MD5 lookup */
865a697fb9b4bd9c6737432aaff136bd:22dc87 /* = 304892415 */
15b7a21513f24ffe97d9f9830acf51ad:07626c /* = 123456 */

/* -a: use brute-force mode; -m: the hash type (VB, Discuz and DV use the same encryption); ?d stands for a digit; brute-force 10 digits */
hashcat-cli64.exe -a 3 -m 2611 md5.txt ?d?d?d?d?d?d?d?d?d?d

Input.Mode: Mask (?d?d?d?d?d)
Index.....: 0/1 (segment), 100000 (words), 0 (bytes)
Recovered.: 0/3 hashes, 0/3 salts
Speed/sec.: - plains, - words
Progress..: 100000/100000 (100.00%)
Running...: --:--:--:--
Estimated.: --:--:--:--

15b7a21513f24ffe97d9f9830acf51ad:07626c:123456

Input.Mode: Mask (?d?d?d?d?d?d)
Index.....: 0/1 (segment), 1000000 (words), 0 (bytes)
Recovered.: 1/3 hashes, 1/3 salts
Speed/sec.: 7.43M plains, 3.72M words
Progress..: 1000000/1000000 (100.00%)
Running...: 00:00:00:01
Estimated.: --:--:--:--

Input.Mode: Mask (?d?d?d?d?d?d?d)
Index.....: 0/1 (segment), 10000000 (words), 0 (bytes)
Recovered.: 1/3 hashes, 1/3 salts
Speed/sec.: 13.67M plains, 6.83M words
Progress..: 10000000/10000000 (100.00%)
Running...: 00:00:00:01
Estimated.: --:--:--:--

Input.Mode: Mask (?d?d?d?d?d?d?d?d)
Index.....: 0/1 (segment), 100000000 (words), 0 (bytes)
Recovered.: 1/3 hashes, 1/3 salts
Speed/sec.: 18.59M plains, 9.29M words
Progress..: 100000000/100000000 (100.00%)
Running...: 00:00:00:11
Estimated.: --:--:--:--

865a697fb9b4bd9c6737432aaff136bd:22dc87:304892415

As you can see, cracking a 9-digit numeric password starting with 3 takes 11 seconds.

Input.Mode: Mask (?d?d?d?d?d?d?d?d?d?d)
Index.....: 0/1 (segment), 10000000000 (words), 0 (bytes)
Recovered.: 2/3 hashes, 2/3 salts
Speed/sec.: 12.70M plains, 12.70M words
Progress..: 10000000000/10000000000 (100.00%)
Running...: 00:00:13:07
Estimated.: --:--:--:--

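Ten digits, however, take 13 minutes. With a server that has 8 or more cores, or a powerful GPU of your own, it would be even faster; my test used only an entry-level CPU.

Some wordlists can be downloaded here, though people in China seem to ignore these wordlists.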
http://blog.g0tmi1k.com/2011/06/dictionaries-wordlists.html
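
The run above tests digit-only candidates at 7 to 18 million plains per second on one CPU because md5(md5(pass).salt) is just two fast MD5 calls. As an added example (not from the original post and not Discuz code), this sketch wraps already-stored hashes in PBKDF2 without needing the plaintext; the row fields, scheme labels, UTF-8 password encoding and iteration count are assumptions.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 600_000  # assumption: tune to your own login latency budget


def legacy_hash(password: str, salt: str) -> str:
    """The scheme shown on this page: md5(md5(pass) . salt), lowercase hex."""
    inner = hashlib.md5(password.encode("utf-8")).hexdigest()
    return hashlib.md5((inner + salt).encode("utf-8")).hexdigest()


def _stretch(legacy_hex: str, kdf_salt: bytes) -> str:
    """Slow, salted KDF applied on top of the legacy hex digest."""
    dk = hashlib.pbkdf2_hmac("sha256", legacy_hex.encode("ascii"),
                             kdf_salt, PBKDF2_ITERATIONS)
    return dk.hex()


def migrate_row(row: dict) -> dict:
    """Wrap a stored legacy hash offline; the plaintext is never needed."""
    if row["scheme"] != "legacy-md5":
        return row  # already wrapped, leave untouched
    kdf_salt = os.urandom(16)
    return {**row, "scheme": "pbkdf2-wrapped-md5",
            "kdf_salt": kdf_salt.hex(),
            "hash": _stretch(row["hash"], kdf_salt)}


def verify(row: dict, password: str) -> bool:
    """Check a login attempt against either record format."""
    candidate = legacy_hash(password, row["salt"])
    if row["scheme"] == "pbkdf2-wrapped-md5":
        candidate = _stretch(candidate, bytes.fromhex(row["kdf_salt"]))
    return hmac.compare_digest(candidate, row["hash"])


# Constructed sample record (hypothetical field names, not from the page).
SAMPLE = {"user": "alice", "scheme": "legacy-md5", "salt": "a1b2c3",
          "hash": legacy_hash("246813579", "a1b2c3")}

if __name__ == "__main__":
    upgraded = migrate_row(SAMPLE)
    print(upgraded["scheme"], verify(upgraded, "246813579"),
          verify(upgraded, "246813570"))
```

After migration the database no longer holds any value that can be tested at raw MD5 speed; each guess costs the full PBKDF2 work factor.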