中国网络渗透测试联盟

标题: 爆破、破解Disduz x 2.5 md5(md5(pass)$salt)密码加密 [打印本页]
作者: admin    时间: 2013-2-14 00:03
标题: 爆破、破解Disduz x 2.5 md5(md5(pass)$salt)密码加密
测试环境# m0 [+ w$ N# H- p- y
OS 名称: Microsoft® Windows Server® 2008 Enterprise" Q+ d! @# E) R
OS 版本: 6.0.6001 Service Pack 1 Build 6001
% V$ e, d  @6 B/ L& ^% OOS 制造商: Microsoft Corporation
8 G3 n3 j) ?: B. _5 c5 A1 ~8 JOS 配置: 独立服务器
& e1 k9 |7 E1 l3 D+ qOS 构件类型: Multiprocessor Free
, Q7 R8 @6 u. P9 e' K5 L  }  R8 |注册的所有人: Windows 用户
; e9 i6 y0 W7 d- {系统型号: PowerEdge R620# q5 U6 L+ g: ]4 R1 V5 I
系统类型: x64-based PC2 h1 ?) t5 C" d$ b; k( V* a$ v
处理器: 安装了 1 个处理器。( w& I- U# h3 t) u$ {8 i4 `
[01]: Intel64 Family 6 Model 45 Stepping 7 GenuineIntel ~2400
/ O( [8 \- n1 ?' ^5 _# |cat md5.txt! j/ b& I# ~+ x. R1 A5 h8 E
3fb78e9bc0b297e3de4e77531766c37a:f29f95 /* = md5中无法查询的。*/
3 v' u' Q# [" u7 {1 {865a697fb9b4bd9c6737432aaff136bd:22dc87 /* = 304892415 */
; N& S8 ?* c4 ]5 Z1 w. t1 W+ v0 ~/ g15b7a21513f24ffe97d9f9830acf51ad:07626c /* = 123456 */6 o' k& i# }  G) {3 m& X4 G3 Y( n
/* -a 使用穷举模式 -m HASH的类型是VB DISCUZ跟DV加密是一样,?d是代表数字 穷举10个数字 */ hashcat-cli64.exe -a 3 -m 2611 md5.txt ?d?d?d?d?d?d?d?d?d?d
8 p. Z" H8 f- z: |* YInput.Mode: Mask (?d?d?d?d?d)
& S, m1 _3 Z8 C8 p& P  \Index…..: 0/1 (segment), 100000 (words), 0 (bytes)6 R" K, r' ~$ s
Recovered.: 0/3 hashes, 0/3 salts4 E! Y1 ]; l5 d* B7 }0 ?* M- J" D( {
Speed/sec.: – plains, – words
/ s: E6 W0 @1 zProgress..: 100000/100000 (100.00%)
* m6 s+ O. d, QRunning…: –:–:–:–% X! K8 L/ F$ ^2 T* D
Estimated.: –:–:–:–
" I; ~; W+ h3 B# c/ `  }+ X15b7a21513f24ffe97d9f9830acf51ad:07626c:123456- g: C* K, u' q2 I% w; \3 f1 L
Input.Mode: Mask (?d?d?d?d?d?d)
4 K8 c7 I6 Q0 h+ P  G4 lIndex…..: 0/1 (segment), 1000000 (words), 0 (bytes). y  ^* m6 u9 P0 C0 B8 [
Recovered.: 1/3 hashes, 1/3 salts
3 r4 B2 D/ ~$ V) OSpeed/sec.: 7.43M plains, 3.72M words
2 R' ^6 e: U+ Q) g/ P7 l# GProgress..: 1000000/1000000 (100.00%): Y+ x0 t: S2 g0 i/ Z
Running…: 00:00:00:01
! y4 ~- d; H+ ]! P, ^) X3 TEstimated.: –:–:–:–. A% ~/ o2 L) m9 V
Input.Mode: Mask (?d?d?d?d?d?d?d), O7 H9 x- W8 B# r
Index…..: 0/1 (segment), 10000000 (words), 0 (bytes)
# |! y' S5 Z3 Y$ `4 M/ ^1 I; Z2 i+ |Recovered.: 1/3 hashes, 1/3 salts: G1 I8 M; `. J0 B
Speed/sec.: 13.67M plains, 6.83M words* C, V/ P; E; z; ]9 n
Progress..: 10000000/10000000 (100.00%)
- r0 a# N8 C$ c" @3 P# `& pRunning…: 00:00:00:01% `# _  B7 X7 D, ^1 E: Y( q
Estimated.: –:–:–:–
2 q4 k" M& ?  A' lInput.Mode: Mask (?d?d?d?d?d?d?d?d)
% U" [$ a" K4 z5 G8 S, v9 AIndex…..: 0/1 (segment), 100000000 (words), 0 (bytes)
. }% c9 H. ?2 J! v8 b4 n* i4 FRecovered.: 1/3 hashes, 1/3 salts' @: ?1 v# p1 ]
Speed/sec.: 18.59M plains, 9.29M words
- ]: X0 c, V9 H) J7 P9 B: lProgress..: 100000000/100000000 (100.00%)# X6 \( x0 m; F
Running…: 00:00:00:113 _+ r+ S3 U1 o  ?4 }  G+ h, x0 m4 d
Estimated.: –:–:–:–
9 ~' u: U% Q; y865a697fb9b4bd9c6737432aaff136bd:22dc87:3048924154 B- Z5 B4 V+ o1 j* {$ k
可以看到破解 9位3开纯数字密码需要11秒。
, }; H+ O; J! t. z, i/ G3 ?" pInput.Mode: Mask (?d?d?d?d?d?d?d?d?d?d)
0 D% q1 J& w$ v- G5 g) r5 mIndex…..: 0/1 (segment), 10000000000 (words), 0 (bytes)
. `$ I8 ]# o4 t1 w$ n3 FRecovered.: 2/3 hashes, 2/3 salts- g  @8 ]- S4 |0 h
Speed/sec.: 12.70M plains, 12.70M words
/ R2 s" t4 H' j% OProgress..: 10000000000/10000000000 (100.00%)  y: H1 t7 {' O! V" y- J# m
Running…: 00:00:13:07* v7 F% O4 I6 }
Estimated.: –:–:–:–
$ A5 N1 d( Y# o( _而10个数字即需要13分钟,这样的速度如果有服务器是8核或更多,或者自己GPU强劲,会更加快,我测试只是用了一个入门级的CPU。
4 ~% h) H  B+ n在这里可以下载到一些字典,不过国人对这些字典貌似无视。& }, \+ T9 C9 S+ ~) W
http://blog.g0tmi1k.com/2011/06/dictionaries-wordlists.html



欢迎光临 中国网络渗透测试联盟 (https://www.cobjon.com/) Powered by Discuz! X3.2