中国网络渗透测试联盟

标题: 爆破、破解Disduz x 2.5 md5(md5(pass)$salt)密码加密 [打印本页]
作者: admin    时间: 2013-2-14 00:03
标题: 爆破、破解Disduz x 2.5 md5(md5(pass)$salt)密码加密
测试环境8 l3 ]  h- [4 b, |
OS 名称: Microsoft® Windows Server® 2008 Enterprise. T1 H2 D$ r" ~4 P; q
OS 版本: 6.0.6001 Service Pack 1 Build 6001" g& |6 e" f8 K6 h( }; M
OS 制造商: Microsoft Corporation/ L# r7 v" V7 X: |8 j
OS 配置: 独立服务器
8 N" ]' B" i+ [2 r! C6 q; |4 k0 dOS 构件类型: Multiprocessor Free
4 `' h% W' y3 T( R9 \) s注册的所有人: Windows 用户
3 F+ H7 W: u$ `+ Q2 V系统型号: PowerEdge R620
2 m" a9 J% }; ?" A/ H% N5 W  c系统类型: x64-based PC+ S2 ]; f0 j5 p# {8 M! t6 j
处理器: 安装了 1 个处理器。
) q1 P) P0 \1 E3 e* m: y+ ?[01]: Intel64 Family 6 Model 45 Stepping 7 GenuineIntel ~2400
. h/ Y5 ]9 _+ ^4 \8 [! t  Fcat md5.txt
$ {& O& d( P, C3fb78e9bc0b297e3de4e77531766c37a:f29f95 /* = md5中无法查询的。*/
) y) E% u) ^0 x7 G0 d865a697fb9b4bd9c6737432aaff136bd:22dc87 /* = 304892415 */9 w$ o4 W2 L) ^2 X/ N( ~" z
15b7a21513f24ffe97d9f9830acf51ad:07626c /* = 123456 */
3 u. M. p9 `% {) e4 W /* -a 使用穷举模式 -m HASH的类型是VB DISCUZ跟DV加密是一样,?d是代表数字 穷举10个数字 */ hashcat-cli64.exe -a 3 -m 2611 md5.txt ?d?d?d?d?d?d?d?d?d?d# ~- ]' Z: {9 g3 K+ {
Input.Mode: Mask (?d?d?d?d?d)
9 I8 {. Q  m7 ^; QIndex…..: 0/1 (segment), 100000 (words), 0 (bytes)" p/ Y; L2 P& [/ ^4 {( p
Recovered.: 0/3 hashes, 0/3 salts
# a* S2 L& F% m1 e: y' eSpeed/sec.: – plains, – words* I3 q0 e3 }# r% L/ {& }
Progress..: 100000/100000 (100.00%)
2 D& a% y# v' k  K) r  ]2 tRunning…: –:–:–:–2 P0 {" E4 l3 b1 N" u
Estimated.: –:–:–:–
0 r0 K$ O. D5 j7 `15b7a21513f24ffe97d9f9830acf51ad:07626c:123456
# x0 s2 F; f1 [6 k  y% `/ JInput.Mode: Mask (?d?d?d?d?d?d)
% X8 t; Z( y& }- hIndex…..: 0/1 (segment), 1000000 (words), 0 (bytes)& }* T" a0 j7 c; T
Recovered.: 1/3 hashes, 1/3 salts
5 }8 V+ |4 A9 jSpeed/sec.: 7.43M plains, 3.72M words
& e) S- J/ ^5 a3 l, _/ yProgress..: 1000000/1000000 (100.00%)% n# c8 o% {0 ]- s2 c6 F  a
Running…: 00:00:00:01- y' X5 \& n- J3 i: e
Estimated.: –:–:–:–: X/ J7 g( y0 J
Input.Mode: Mask (?d?d?d?d?d?d?d)
& T3 j- ?! _2 P) ^) z/ vIndex…..: 0/1 (segment), 10000000 (words), 0 (bytes)6 E, @, D  U. g% [+ ~6 `/ |
Recovered.: 1/3 hashes, 1/3 salts& J) a3 g3 J* j
Speed/sec.: 13.67M plains, 6.83M words* `1 `! g9 X, ]0 Y# ]- V, J) B7 }- f
Progress..: 10000000/10000000 (100.00%)/ Z  b1 y% V, e3 p3 n
Running…: 00:00:00:01+ X* L3 u; R% @' |" \+ f5 l
Estimated.: –:–:–:–
" l$ _. ^( m' I. g! |Input.Mode: Mask (?d?d?d?d?d?d?d?d)0 }' e5 r! G, W# Z) m
Index…..: 0/1 (segment), 100000000 (words), 0 (bytes); f1 G9 F5 l6 y, C
Recovered.: 1/3 hashes, 1/3 salts& X, w0 g8 P/ F4 N1 n5 t2 @$ ?. S2 _
Speed/sec.: 18.59M plains, 9.29M words
4 n1 D% i; t) Y7 A5 M* J4 yProgress..: 100000000/100000000 (100.00%)
" o/ I5 _. |' Z$ z. X  mRunning…: 00:00:00:11
; c% ~; I! e1 A& hEstimated.: –:–:–:–+ T* D$ V) c6 @8 i# K* ?- O: L& \
865a697fb9b4bd9c6737432aaff136bd:22dc87:304892415- z  A4 R2 B' {* t+ M1 l8 j7 ]6 ~
可以看到破解 9位3开纯数字密码需要11秒。, U: t% a6 ~* N/ O0 l
Input.Mode: Mask (?d?d?d?d?d?d?d?d?d?d)
; e, {# n/ C$ i, a0 _Index…..: 0/1 (segment), 10000000000 (words), 0 (bytes)# d4 I, z" ?1 ~  E8 P) h
Recovered.: 2/3 hashes, 2/3 salts
/ u' m$ i5 `; Z4 N* g9 h% kSpeed/sec.: 12.70M plains, 12.70M words+ E. C6 w/ W, e  B2 x7 t5 f$ r
Progress..: 10000000000/10000000000 (100.00%)
7 ]; X4 o# I9 R2 c! QRunning…: 00:00:13:07' u& x3 b, ]. s+ t0 a9 m
Estimated.: –:–:–:–
1 f+ Z4 H, r4 B* |" i* p而10个数字即需要13分钟,这样的速度如果有服务器是8核或更多,或者自己GPU强劲,会更加快,我测试只是用了一个入门级的CPU。# V6 K5 A# C4 T5 m
在这里可以下载到一些字典,不过国人对这些字典貌似无视。$ X2 S  G5 ~1 M+ s7 t
http://blog.g0tmi1k.com/2011/06/dictionaries-wordlists.html



欢迎光临 中国网络渗透测试联盟 (https://www.cobjon.com/) Powered by Discuz! X3.2