爆破、破解Disduz x 2.5 md5(md5(pass)$salt)密码加密

admin

测试环境
OS 名称: Microsoft® Windows Server® 2008 Enterprise
3 h! `7 L: D7 HOS 版本: 6.0.6001 Service Pack 1 Build 6001
OS 制造商: Microsoft Corporation
0 }  o- y6 A+ ~0 R- ]6 j5 c9 k. nOS 配置: 独立服务器
OS 构件类型: Multiprocessor Free
# H9 ]/ S; E+ g% f, x1 f注册的所有人: Windows 用户
8 o0 V( X7 y; b! A系统型号: PowerEdge R620
系统类型: x64-based PC
处理器: 安装了 1 个处理器。
[01]: Intel64 Family 6 Model 45 Stepping 7 GenuineIntel ~2400
cat md5.txt
3fb78e9bc0b297e3de4e77531766c37a:f29f95 /* = md5中无法查询的。*/
865a697fb9b4bd9c6737432aaff136bd:22dc87 /* = 304892415 */
15b7a21513f24ffe97d9f9830acf51ad:07626c /* = 123456 */
7 V8 \# {9 H' g1 u /* -a 使用穷举模式 -m HASH的类型是VB DISCUZ跟DV加密是一样，?d是代表数字 穷举10个数字 */ hashcat-cli64.exe -a 3 -m 2611 md5.txt ?d?d?d?d?d?d?d?d?d?d
Input.Mode: Mask (?d?d?d?d?d)
Index…..: 0/1 (segment), 100000 (words), 0 (bytes)
# l7 d/ ?3 R: y* w- G9 p0 H+ |Recovered.: 0/3 hashes, 0/3 salts
/ L& U0 Q9 `+ r1 N- l0 S8 E  a9 NSpeed/sec.: – plains, – words
4 g8 c% D# }3 C) V: M: e: H1 sProgress..: 100000/100000 (100.00%)
Running…: –:–:–:–
9 s$ v+ S7 B. v1 T8 xEstimated.: –:–:–:–
& f$ x6 T- ?, p& R2 ~0 ?& w' h15b7a21513f24ffe97d9f9830acf51ad:07626c:123456
4 B2 f7 C/ |$ Y6 O# k. i4 d! |( jInput.Mode: Mask (?d?d?d?d?d?d)
) x! s, y7 ~( DIndex…..: 0/1 (segment), 1000000 (words), 0 (bytes)
: ]9 \2 @% ]/ K9 B; hRecovered.: 1/3 hashes, 1/3 salts
Speed/sec.: 7.43M plains, 3.72M words
Progress..: 1000000/1000000 (100.00%)
% D( u& \4 g, bRunning…: 00:00:00:01
Estimated.: –:–:–:–
Input.Mode: Mask (?d?d?d?d?d?d?d)
Index…..: 0/1 (segment), 10000000 (words), 0 (bytes)
2 ?% p3 l1 s, H" ~$ R) x( w+ G, `Recovered.: 1/3 hashes, 1/3 salts
" l$ k2 z0 q/ dSpeed/sec.: 13.67M plains, 6.83M words
Progress..: 10000000/10000000 (100.00%)
* F" v7 M. p" DRunning…: 00:00:00:01
7 z9 E& b! I" {- _. j2 c* s8 d$ cEstimated.: –:–:–:–
4 j8 r! m" S( ~; fInput.Mode: Mask (?d?d?d?d?d?d?d?d)
Index…..: 0/1 (segment), 100000000 (words), 0 (bytes)
3 t! `' w" l7 X# Q  ORecovered.: 1/3 hashes, 1/3 salts
Speed/sec.: 18.59M plains, 9.29M words
3 P$ H/ K5 T, u1 M: fProgress..: 100000000/100000000 (100.00%)
1 S2 N! B6 P/ V# d7 tRunning…: 00:00:00:11
Estimated.: –:–:–:–
865a697fb9b4bd9c6737432aaff136bd:22dc87:304892415
可以看到破解 9位3开纯数字密码需要11秒。
Input.Mode: Mask (?d?d?d?d?d?d?d?d?d?d)
' O( o  \% X6 S) pIndex…..: 0/1 (segment), 10000000000 (words), 0 (bytes)
Recovered.: 2/3 hashes, 2/3 salts
Speed/sec.: 12.70M plains, 12.70M words
Progress..: 10000000000/10000000000 (100.00%)
Running…: 00:00:13:07
Estimated.: –:–:–:–
而10个数字即需要13分钟，这样的速度如果有服务器是8核或更多，或者自己GPU强劲，会更加快，我测试只是用了一个入门级的CPU。
' s# a, h9 ~( o( t7 U# g& x% b在这里可以下载到一些字典，不过国人对这些字典貌似无视。
http://blog.g0tmi1k.com/2011/06/dictionaries-wordlists.html