找回密码
 立即注册
欢迎中测联盟老会员回家,1997年注册的域名
查看: 2243|回复: 0
打印 上一主题 下一主题

爆破、破解Disduz x 2.5 md5(md5(pass)$salt)密码加密

[复制链接]
跳转到指定楼层
楼主
发表于 2013-2-14 00:03:14 | 只看该作者 回帖奖励 |倒序浏览 |阅读模式
测试环境
- x4 E9 W: [7 qOS 名称: Microsoft® Windows Server® 2008 Enterprise
& x5 z3 g: b# P0 m  y) J6 p8 E" fOS 版本: 6.0.6001 Service Pack 1 Build 6001; B+ }0 T5 Y5 J) s
OS 制造商: Microsoft Corporation8 R8 C" r" b4 O& `5 r! s
OS 配置: 独立服务器" U9 k& T/ h8 C
OS 构件类型: Multiprocessor Free
: }) s! s% A3 A' K- b! X注册的所有人: Windows 用户
0 ]$ |% O% A0 T7 j5 {0 Y  S系统型号: PowerEdge R620
: r; ~3 u% P+ n  q0 d系统类型: x64-based PC
4 |! z7 J. D4 e  e) |4 C处理器: 安装了 1 个处理器。
( c2 O( a: h! z- T6 o[01]: Intel64 Family 6 Model 45 Stepping 7 GenuineIntel ~2400
- K' c. X- B0 \( |- i1 g, lcat md5.txt% u+ g% b; U; V1 d& h% ~3 o* r
3fb78e9bc0b297e3de4e77531766c37a:f29f95 /* = md5中无法查询的。*/5 H8 F( j/ F, E: A' X0 j  [
865a697fb9b4bd9c6737432aaff136bd:22dc87 /* = 304892415 */
" v6 x$ |) W( @% E+ C( u+ |5 t% {15b7a21513f24ffe97d9f9830acf51ad:07626c /* = 123456 */
8 h# J0 H6 d$ T$ ~6 Q* h1 Q/ a$ e /* -a 使用穷举模式 -m HASH的类型是VB DISCUZ跟DV加密是一样,?d是代表数字 穷举10个数字 */ hashcat-cli64.exe -a 3 -m 2611 md5.txt ?d?d?d?d?d?d?d?d?d?d
5 D. g! u  L, J( W. l2 B; XInput.Mode: Mask (?d?d?d?d?d)
* q0 S; R1 b: ]; BIndex…..: 0/1 (segment), 100000 (words), 0 (bytes)
* J! X# ]# H+ H) |$ s- pRecovered.: 0/3 hashes, 0/3 salts; X. C4 A  ~, J  F9 l
Speed/sec.: – plains, – words
- O! s! {6 C2 k* F, H. DProgress..: 100000/100000 (100.00%)$ L( D& e5 d2 m& z* z' l5 u
Running…: –:–:–:–: f4 g4 z" u% L# \
Estimated.: –:–:–:–
0 Z) ?$ U& F4 D5 E$ N15b7a21513f24ffe97d9f9830acf51ad:07626c:1234566 a% u9 N( [  }5 w( \
Input.Mode: Mask (?d?d?d?d?d?d)
) Y. G5 z$ [. _5 z- ^/ KIndex…..: 0/1 (segment), 1000000 (words), 0 (bytes)2 s, i6 j2 x. N  w# O8 W! E
Recovered.: 1/3 hashes, 1/3 salts
9 |" s1 k& t8 J/ lSpeed/sec.: 7.43M plains, 3.72M words3 f9 O5 [) u& ~
Progress..: 1000000/1000000 (100.00%)2 N, }3 e4 m% J# k% K" V/ S' O
Running…: 00:00:00:01
- C- C; F9 X! q. N) J& v% [Estimated.: –:–:–:–/ B0 z8 P8 m( C: }" K1 H: R
Input.Mode: Mask (?d?d?d?d?d?d?d)
" g5 q, {4 Q2 K& wIndex…..: 0/1 (segment), 10000000 (words), 0 (bytes)
; r# m! i! ?7 T2 C4 U; \Recovered.: 1/3 hashes, 1/3 salts
( ^! O' y+ J( ~, L2 b4 j+ S, USpeed/sec.: 13.67M plains, 6.83M words5 B" W/ j. r( o3 d/ d
Progress..: 10000000/10000000 (100.00%)
: ?3 w! \- \4 j/ [; h) q3 CRunning…: 00:00:00:019 t$ j) X, b/ q! E
Estimated.: –:–:–:–
  G8 l/ }: z9 Y7 F% b- p4 b- u$ b, LInput.Mode: Mask (?d?d?d?d?d?d?d?d)& V- m7 ~/ v3 l, `8 j; m, l
Index…..: 0/1 (segment), 100000000 (words), 0 (bytes)0 ^& [; F, W; M, Q. P0 j2 Q' i
Recovered.: 1/3 hashes, 1/3 salts, n+ b4 J! Z6 k4 {) |
Speed/sec.: 18.59M plains, 9.29M words  L! z) m+ n8 i. S8 Q/ j( [
Progress..: 100000000/100000000 (100.00%)) f* ~4 T1 c; H7 l5 H  |8 \
Running…: 00:00:00:11+ @) K' z0 E, I$ Y
Estimated.: –:–:–:–
+ L; _! D& Q" h/ z) o% b1 D865a697fb9b4bd9c6737432aaff136bd:22dc87:304892415
2 b4 x, U) Q0 K8 h2 o, L! L/ p可以看到破解 9位3开纯数字密码需要11秒。9 f, A. P% t' f+ N
Input.Mode: Mask (?d?d?d?d?d?d?d?d?d?d)! `) X8 U& N8 p
Index…..: 0/1 (segment), 10000000000 (words), 0 (bytes)
0 i  i6 u" d& d% i! C, F, }Recovered.: 2/3 hashes, 2/3 salts
: J% }1 p) E) X5 GSpeed/sec.: 12.70M plains, 12.70M words
) Z* e# z" L6 {( x& o6 MProgress..: 10000000000/10000000000 (100.00%); X7 u0 k" r) o* ]0 Z9 ]
Running…: 00:00:13:078 X) j8 v3 c2 e: i" x: @
Estimated.: –:–:–:–
% K: Q4 a4 c! |% Y# S7 Q而10个数字即需要13分钟,这样的速度如果有服务器是8核或更多,或者自己GPU强劲,会更加快,我测试只是用了一个入门级的CPU。
& }& W; m5 e6 p, c在这里可以下载到一些字典,不过国人对这些字典貌似无视。' B1 C) X0 E; {! E7 C( [
http://blog.g0tmi1k.com/2011/06/dictionaries-wordlists.html
回复

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

快速回复 返回顶部 返回列表