China Network Penetration Testing Alliance (中国网络渗透测试联盟)

Title: Brute-forcing and cracking Discuz X2.5 md5(md5(pass)$salt) password hashes

Author: admin    Time: 2013-2-14 00:03
Test environment

OS 名称: Microsoft® Windows Server® 2008 Enterprise
OS 版本: 6.0.6001 Service Pack 1 Build 6001
OS 制造商: Microsoft Corporation
OS 配置: 独立服务器
OS 构件类型: Multiprocessor Free
注册的所有人: Windows 用户
系统型号: PowerEdge R620
系统类型: x64-based PC
处理器: 安装了 1 个处理器。
[01]: Intel64 Family 6 Model 45 Stepping 7 GenuineIntel ~2400

cat md5.txt
3fb78e9bc0b297e3de4e77531766c37a:f29f95 /* = could not be found in MD5 lookup services */
865a697fb9b4bd9c6737432aaff136bd:22dc87 /* = 304892415 */
15b7a21513f24ffe97d9f9830acf51ad:07626c /* = 123456 */

/* -a 3 uses brute-force mode; -m is the hash type, here VB (vBulletin), because Discuz and DV hash passwords the same way; ?d stands for a digit, so this brute-forces 10 digits */
hashcat-cli64.exe -a 3 -m 2611 md5.txt ?d?d?d?d?d?d?d?d?d?d

Input.Mode: Mask (?d?d?d?d?d)
Index.....: 0/1 (segment), 100000 (words), 0 (bytes)
Recovered.: 0/3 hashes, 0/3 salts
Speed/sec.: - plains, - words
Progress..: 100000/100000 (100.00%)
Running...: --:--:--:--
Estimated.: --:--:--:--

15b7a21513f24ffe97d9f9830acf51ad:07626c:123456

Input.Mode: Mask (?d?d?d?d?d?d)
Index.....: 0/1 (segment), 1000000 (words), 0 (bytes)
Recovered.: 1/3 hashes, 1/3 salts
Speed/sec.: 7.43M plains, 3.72M words
Progress..: 1000000/1000000 (100.00%)
Running...: 00:00:00:01
Estimated.: --:--:--:--

Input.Mode: Mask (?d?d?d?d?d?d?d)
Index.....: 0/1 (segment), 10000000 (words), 0 (bytes)
Recovered.: 1/3 hashes, 1/3 salts
Speed/sec.: 13.67M plains, 6.83M words
Progress..: 10000000/10000000 (100.00%)
Running...: 00:00:00:01
Estimated.: --:--:--:--

Input.Mode: Mask (?d?d?d?d?d?d?d?d)
Index.....: 0/1 (segment), 100000000 (words), 0 (bytes)
Recovered.: 1/3 hashes, 1/3 salts
Speed/sec.: 18.59M plains, 9.29M words
Progress..: 100000000/100000000 (100.00%)
Running...: 00:00:00:11
Estimated.: --:--:--:--

865a697fb9b4bd9c6737432aaff136bd:22dc87:304892415

As you can see, cracking a 9-digit, all-numeric password that starts with 3 takes 11 seconds.

Input.Mode: Mask (?d?d?d?d?d?d?d?d?d?d)
Index.....: 0/1 (segment), 10000000000 (words), 0 (bytes)
Recovered.: 2/3 hashes, 2/3 salts
Speed/sec.: 12.70M plains, 12.70M words
Progress..: 10000000000/10000000000 (100.00%)
Running...: 00:00:13:07
Estimated.: --:--:--:--

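Ten digits, by contrast, take 13 minutes. With a server that has 8 or more cores, or a powerful GPU of your own, this would be faster still; my test used only an entry-level CPU.

Some wordlists can be downloaded here, though people in China seem to ignore these wordlists.
http://blog.g0tmi1k.com/2011/06/dictionaries-wordlists.html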
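
Added example, not part of the original post: a Python sketch of what the timings above mean for whoever stores such hashes. It rebuilds the md5(md5(pass) + salt) construction to check the post's 123456 sample, recomputes the 10-digit exhaust time from the reported 12.70M guesses per second, and wraps a stored legacy digest in PBKDF2 so records can be upgraded without knowing the passwords. The function names and the PBKDF2 work factor are assumptions of this example.

```python
import hashlib
import hmac
import os

# Sample from the post: hash:salt and the plaintext hashcat reported for it.
PAGE_HASH, PAGE_SALT, PAGE_PLAIN = "15b7a21513f24ffe97d9f9830acf51ad", "07626c", "123456"
PBKDF2_ROUNDS = 600_000  # assumption: a typical PBKDF2-HMAC-SHA256 work factor


def discuz_hash(password, salt):
    """Legacy scheme: md5 over the lowercase hex of md5(password), then the salt."""
    inner = hashlib.md5(password.encode()).hexdigest()
    return hashlib.md5((inner + salt).encode()).hexdigest()


def exhaust_seconds(digits, guesses_per_sec):
    """Worst-case time to try every all-digit password of exactly this length."""
    return 10 ** digits / guesses_per_sec


def wrap_legacy(legacy_hex, kdf_salt=None):
    """Upgrade a stored record offline: PBKDF2 over the existing legacy digest."""
    kdf_salt = kdf_salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", legacy_hex.encode(), kdf_salt, PBKDF2_ROUNDS)
    return kdf_salt, dk


def verify_wrapped(password, legacy_salt, kdf_salt, stored_dk):
    """Login check after the upgrade: legacy hash first, then the slow KDF."""
    _, dk = wrap_legacy(discuz_hash(password, legacy_salt), kdf_salt)
    return hmac.compare_digest(dk, stored_dk)


if __name__ == "__main__":
    print("sample verifies:", discuz_hash(PAGE_PLAIN, PAGE_SALT) == PAGE_HASH)
    secs = exhaust_seconds(10, 12.70e6)  # speed from the last status block
    print("10 digits at 12.70M/s: %d min %d s" % divmod(round(secs), 60))
    # Each guess against a wrapped record now also costs PBKDF2_ROUNDS HMAC iterations.
    kdf_salt, stored = wrap_legacy(PAGE_HASH)
    print("wrapped record verifies:", verify_wrapped(PAGE_PLAIN, PAGE_SALT, kdf_salt, stored))
```

Once every record is wrapped, the bare legacy digest is deleted from the user table and only the PBKDF2 salt and output are kept next to the original six-character salt.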



