China Network Penetration Testing Alliance (中国网络渗透测试联盟)

Title: Brute-forcing and cracking Discuz X2.5 md5(md5(pass)$salt) password hashes

Author: admin    Time: 2013-2-14 00:03
Test environment
OS 名称: Microsoft® Windows Server® 2008 Enterprise
OS 版本: 6.0.6001 Service Pack 1 Build 6001
OS 制造商: Microsoft Corporation
OS 配置: 独立服务器
OS 构件类型: Multiprocessor Free
注册的所有人: Windows 用户
系统型号: PowerEdge R620
系统类型: x64-based PC
处理器: 安装了 1 个处理器。
[01]: Intel64 Family 6 Model 45 Stepping 7 GenuineIntel ~2400
cat md5.txt
3fb78e9bc0b297e3de4e77531766c37a:f29f95 /* = could not be found via MD5 lookup */
865a697fb9b4bd9c6737432aaff136bd:22dc87 /* = 304892415 */
15b7a21513f24ffe97d9f9830acf51ad:07626c /* = 123456 */
/* -a 3 selects brute-force (mask) mode; -m is the hash type, here VB (Discuz and DV use the same scheme); ?d stands for one digit, so this mask exhausts 10 digits */
hashcat-cli64.exe -a 3 -m 2611 md5.txt ?d?d?d?d?d?d?d?d?d?d
Input.Mode: Mask (?d?d?d?d?d)
Index.....: 0/1 (segment), 100000 (words), 0 (bytes)
Recovered.: 0/3 hashes, 0/3 salts
Speed/sec.: - plains, - words
Progress..: 100000/100000 (100.00%)
Running...: --:--:--:--
Estimated.: --:--:--:--
15b7a21513f24ffe97d9f9830acf51ad:07626c:123456
Input.Mode: Mask (?d?d?d?d?d?d)
Index.....: 0/1 (segment), 1000000 (words), 0 (bytes)
Recovered.: 1/3 hashes, 1/3 salts
Speed/sec.: 7.43M plains, 3.72M words
Progress..: 1000000/1000000 (100.00%)
Running...: 00:00:00:01
Estimated.: --:--:--:--
Input.Mode: Mask (?d?d?d?d?d?d?d)
Index.....: 0/1 (segment), 10000000 (words), 0 (bytes)
Recovered.: 1/3 hashes, 1/3 salts
Speed/sec.: 13.67M plains, 6.83M words
Progress..: 10000000/10000000 (100.00%)
Running...: 00:00:00:01
Estimated.: --:--:--:--
Input.Mode: Mask (?d?d?d?d?d?d?d?d)
Index.....: 0/1 (segment), 100000000 (words), 0 (bytes)
Recovered.: 1/3 hashes, 1/3 salts
Speed/sec.: 18.59M plains, 9.29M words
Progress..: 100000000/100000000 (100.00%)
Running...: 00:00:00:11
Estimated.: --:--:--:--
865a697fb9b4bd9c6737432aaff136bd:22dc87:304892415
As you can see, cracking a 9-digit all-numeric password starting with 3 takes 11 seconds.
Input.Mode: Mask (?d?d?d?d?d?d?d?d?d?d)
Index.....: 0/1 (segment), 10000000000 (words), 0 (bytes)
Recovered.: 2/3 hashes, 2/3 salts
Speed/sec.: 12.70M plains, 12.70M words
Progress..: 10000000000/10000000000 (100.00%)
Running...: 00:00:13:07
Estimated.: --:--:--:--
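Ten digits, in turn, take 13 minutes. With a server that has 8 or more cores, or a powerful GPU of your own, this would be faster still; I only used an entry-level CPU for this test.
Some wordlists can be downloaded here, although people in China seem to ignore these wordlists.
http://blog.g0tmi1k.com/2011/06/dictionaries-wordlists.html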
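
A defender's reading of the timings above, as an added example that is not part of the original post or Discuz's own code: it reproduces the 13-minute figure from the measured 12.70M guesses per second, then shows how stored md5(md5(pass)+salt) digests can be wrapped in a slow KDF without knowing the plaintexts. The PBKDF2 wrapping approach, the `pbkdf2-wrap$...` record format, the iteration count and all function names are assumptions of this example.

```python
import hashlib
import hmac
import os

def discuz_md5(password: str, salt: str) -> str:
    """Legacy scheme named in the page title: md5(md5(pass) + salt), lowercase hex."""
    inner = hashlib.md5(password.encode("utf-8")).hexdigest()
    return hashlib.md5((inner + salt).encode("utf-8")).hexdigest()

def exhaust_seconds(alphabet: int, length: int, guesses_per_sec: float) -> float:
    """Worst-case time to try every candidate of one fixed length."""
    return alphabet ** length / guesses_per_sec

def wrap_legacy(legacy_hex: str, iterations: int = 600_000) -> str:
    """Wrap a stored legacy digest in PBKDF2-HMAC-SHA256 (hypothetical record format)."""
    kdf_salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", legacy_hex.encode("ascii"), kdf_salt, iterations)
    return f"pbkdf2-wrap${iterations}${kdf_salt.hex()}${dk.hex()}"

def verify_wrapped(password: str, legacy_salt: str, record: str) -> bool:
    """Recompute the legacy digest from the login attempt, then the slow outer KDF."""
    try:
        scheme, iters, kdf_salt, expected = record.split("$")
        if scheme != "pbkdf2-wrap":
            return False
        legacy = discuz_md5(password, legacy_salt).encode("ascii")
        dk = hashlib.pbkdf2_hmac("sha256", legacy, bytes.fromhex(kdf_salt), int(iters))
        return hmac.compare_digest(dk, bytes.fromhex(expected))
    except ValueError:
        # Malformed record: wrong field count, bad hex, or bad iteration count.
        return False

if __name__ == "__main__":
    # 12.70M guesses/s is the rate reported in the page's 10-digit run.
    minutes = exhaust_seconds(10, 10, 12.70e6) / 60
    print(f"10 digits at 12.70M/s: {minutes:.1f} min")
    # Constructed sample account, not data from the page.
    rec = wrap_legacy(discuz_md5("constructed-sample-pw", "a1b2c3"))
    print("wrapped record verifies:", verify_wrapped("constructed-sample-pw", "a1b2c3", rec))
```

Wrapping lets every existing row be upgraded in one pass; the legacy per-user salt must stay in the table because verification still needs it.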



