China Network Penetration Testing Alliance

Title: Brute-forcing and cracking Discuz X 2.5 md5(md5(pass)$salt) password hashes

Author: admin    Time: 2013-2-14 00:03
Test environment
OS 名称: Microsoft® Windows Server® 2008 Enterprise
OS 版本: 6.0.6001 Service Pack 1 Build 6001
OS 制造商: Microsoft Corporation
OS 配置: 独立服务器
OS 构件类型: Multiprocessor Free
注册的所有人: Windows 用户
系统型号: PowerEdge R620
系统类型: x64-based PC
处理器: 安装了 1 个处理器。
[01]: Intel64 Family 6 Model 45 Stepping 7 GenuineIntel ~2400
cat md5.txt
3fb78e9bc0b297e3de4e77531766c37a:f29f95 /* = could not be found by MD5 lookup */
865a697fb9b4bd9c6737432aaff136bd:22dc87 /* = 304892415 */
15b7a21513f24ffe97d9f9830acf51ad:07626c /* = 123456 */
/* -a selects brute-force mode; -m is the hash type (VB, DISCUZ and DV use the same scheme); ?d stands for a digit; brute-force 10 digits */
hashcat-cli64.exe -a 3 -m 2611 md5.txt ?d?d?d?d?d?d?d?d?d?d
Input.Mode: Mask (?d?d?d?d?d)
Index.....: 0/1 (segment), 100000 (words), 0 (bytes)
Recovered.: 0/3 hashes, 0/3 salts
Speed/sec.: - plains, - words
Progress..: 100000/100000 (100.00%)
Running...: --:--:--:--
Estimated.: --:--:--:--
15b7a21513f24ffe97d9f9830acf51ad:07626c:123456
Input.Mode: Mask (?d?d?d?d?d?d)
Index.....: 0/1 (segment), 1000000 (words), 0 (bytes)
Recovered.: 1/3 hashes, 1/3 salts
Speed/sec.: 7.43M plains, 3.72M words
Progress..: 1000000/1000000 (100.00%)
Running...: 00:00:00:01
Estimated.: --:--:--:--
Input.Mode: Mask (?d?d?d?d?d?d?d)
Index.....: 0/1 (segment), 10000000 (words), 0 (bytes)
Recovered.: 1/3 hashes, 1/3 salts
Speed/sec.: 13.67M plains, 6.83M words
Progress..: 10000000/10000000 (100.00%)
Running...: 00:00:00:01
Estimated.: --:--:--:--
Input.Mode: Mask (?d?d?d?d?d?d?d?d)
Index.....: 0/1 (segment), 100000000 (words), 0 (bytes)
Recovered.: 1/3 hashes, 1/3 salts
Speed/sec.: 18.59M plains, 9.29M words
Progress..: 100000000/100000000 (100.00%)
Running...: 00:00:00:11
Estimated.: --:--:--:--
865a697fb9b4bd9c6737432aaff136bd:22dc87:304892415
As you can see, cracking a 9-digit all-numeric password beginning with 3 takes 11 seconds.
Input.Mode: Mask (?d?d?d?d?d?d?d?d?d?d)
Index.....: 0/1 (segment), 10000000000 (words), 0 (bytes)
Recovered.: 2/3 hashes, 2/3 salts
Speed/sec.: 12.70M plains, 12.70M words
Progress..: 10000000000/10000000000 (100.00%)
Running...: 00:00:13:07
Estimated.: --:--:--:--
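Ten digits takes 13 minutes. With a server that has 8 or more cores, or a powerful GPU of your own, it would be even faster; I only used an entry-level CPU for this test.
Some wordlists can be downloaded here, though people in China seem to ignore these wordlists.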
http://blog.g0tmi1k.com/2011/06/dictionaries-wordlists.html
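
The following is an added example, not part of the original post or of Discuz's own code: it reproduces the md5(md5(pass)$salt) construction from the title, recomputes the 13-minute figure from the reported 12.70M guesses per second, and shows one way a site operator can wrap the stored hashes in a slow KDF without knowing the plaintexts. The function names, the PBKDF2 wrap, the 600,000 iteration count and UTF-8 password encoding are assumptions made for illustration.

```python
import hashlib
import hmac
import os

def discuz_hash(password: str, salt: str) -> str:
    """md5(md5(pass) . salt) over lowercase hex, the scheme named in the title."""
    inner = hashlib.md5(password.encode("utf-8")).hexdigest()  # UTF-8 is assumed
    return hashlib.md5((inner + salt).encode("ascii")).hexdigest()

def seconds_to_exhaust(digits: int, guesses_per_sec: float, salts: int = 1) -> float:
    """Worst-case time to try every all-digit password of this length, per salt."""
    return (10 ** digits) * salts / guesses_per_sec

def wrap_legacy(stored_hex: str, kdf_salt: bytes, iterations: int) -> bytes:
    """Wrap an already stored legacy hash in PBKDF2-HMAC-SHA256 (no plaintext needed)."""
    return hashlib.pbkdf2_hmac("sha256", stored_hex.encode("ascii"), kdf_salt, iterations)

def verify_wrapped(password: str, legacy_salt: str, wrapped: bytes,
                   kdf_salt: bytes, iterations: int) -> bool:
    """Login check after migration: recompute the legacy hash, then the KDF wrap."""
    candidate = wrap_legacy(discuz_hash(password, legacy_salt), kdf_salt, iterations)
    return hmac.compare_digest(candidate, wrapped)

if __name__ == "__main__":
    # Row taken from the post's md5.txt (hash:salt, recovered plaintext 123456).
    stored, salt = "15b7a21513f24ffe97d9f9830acf51ad", "07626c"
    print("legacy row verifies:",
          hmac.compare_digest(discuz_hash("123456", salt), stored))
    # 12.70M guesses/s is the rate hashcat reported for the 10-digit mask.
    print("10 digits at 12.70M/s: %.0f s" % seconds_to_exhaust(10, 12.70e6))
    iterations = 600_000          # assumed work factor; tune to your hardware
    kdf_salt = os.urandom(16)     # new per-user salt stored next to the wrapped hash
    wrapped = wrap_legacy(stored, kdf_salt, iterations)
    print("wrapped row verifies:",
          verify_wrapped("123456", salt, wrapped, kdf_salt, iterations))
```

Each guess against a wrapped row costs the full iteration count instead of two MD5 calls, which is what moves the timings above from seconds and minutes to impractical ranges for anything but the weakest passwords.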



