中国网络渗透测试联盟

Title: Brute-forcing and cracking Discuz X 2.5 md5(md5(pass)$salt) password hashes

Author: admin    Time: 2013-2-14 00:03
Test environment:
OS 名称: Microsoft® Windows Server® 2008 Enterprise
OS 版本: 6.0.6001 Service Pack 1 Build 6001
OS 制造商: Microsoft Corporation
OS 配置: 独立服务器
OS 构件类型: Multiprocessor Free
注册的所有人: Windows 用户
系统型号: PowerEdge R620
系统类型: x64-based PC
处理器: 安装了 1 个处理器。
[01]: Intel64 Family 6 Model 45 Stepping 7 GenuineIntel ~2400
cat md5.txt
3fb78e9bc0b297e3de4e77531766c37a:f29f95 /* = could not be found by MD5 lookup */
865a697fb9b4bd9c6737432aaff136bd:22dc87 /* = 304892415 */
15b7a21513f24ffe97d9f9830acf51ad:07626c /* = 123456 */
/* -a 3 selects brute-force (mask) mode; -m is the hash type: VB, DISCUZ and DV use the same encryption; ?d stands for a digit; the mask enumerates 10 digits */
hashcat-cli64.exe -a 3 -m 2611 md5.txt ?d?d?d?d?d?d?d?d?d?d
Input.Mode: Mask (?d?d?d?d?d)
Index.....: 0/1 (segment), 100000 (words), 0 (bytes)
Recovered.: 0/3 hashes, 0/3 salts
Speed/sec.: - plains, - words
Progress..: 100000/100000 (100.00%)
Running...: --:--:--:--
Estimated.: --:--:--:--
15b7a21513f24ffe97d9f9830acf51ad:07626c:123456
Input.Mode: Mask (?d?d?d?d?d?d)
Index.....: 0/1 (segment), 1000000 (words), 0 (bytes)
Recovered.: 1/3 hashes, 1/3 salts
Speed/sec.: 7.43M plains, 3.72M words
Progress..: 1000000/1000000 (100.00%)
Running...: 00:00:00:01
Estimated.: --:--:--:--
Input.Mode: Mask (?d?d?d?d?d?d?d)
Index.....: 0/1 (segment), 10000000 (words), 0 (bytes)
Recovered.: 1/3 hashes, 1/3 salts
Speed/sec.: 13.67M plains, 6.83M words
Progress..: 10000000/10000000 (100.00%)
Running...: 00:00:00:01
Estimated.: --:--:--:--
Input.Mode: Mask (?d?d?d?d?d?d?d?d)
Index.....: 0/1 (segment), 100000000 (words), 0 (bytes)
Recovered.: 1/3 hashes, 1/3 salts
Speed/sec.: 18.59M plains, 9.29M words
Progress..: 100000000/100000000 (100.00%)
Running...: 00:00:00:11
Estimated.: --:--:--:--
865a697fb9b4bd9c6737432aaff136bd:22dc87:304892415
As you can see, cracking a 9-digit all-numeric password beginning with 3 takes 11 seconds.
Input.Mode: Mask (?d?d?d?d?d?d?d?d?d?d)
Index.....: 0/1 (segment), 10000000000 (words), 0 (bytes)
Recovered.: 2/3 hashes, 2/3 salts
Speed/sec.: 12.70M plains, 12.70M words
Progress..: 10000000000/10000000000 (100.00%)
Running...: 00:00:13:07
Estimated.: --:--:--:--
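Ten digits, by contrast, takes 13 minutes. With a server that has 8 or more cores, or a powerful GPU of your own, it would be even faster; I only used an entry-level CPU for this test.
Some wordlists can be downloaded here, although people in China seem to ignore these wordlists.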
http://blog.g0tmi1k.com/2011/06/dictionaries-wordlists.html
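
Added example, not part of the original post: a Python sketch of the md5(md5(pass)+salt) scheme together with a registration-time check that estimates how long an incremental mask search over a password's character classes would take at the rate measured in the 10-digit run above. The function names, the character-class model and the 10-year threshold are assumptions of this example.

```python
import hashlib
import hmac
import string

# Candidate rate from the page's 10-digit run (12.70M words/s, one CPU).
# 10**10 candidates at this rate is 787 s, i.e. the 13:07 shown in the output.
PAGE_RATE = 12.70e6

# Character classes sized like hashcat's built-in ?d ?l ?u ?s sets.
CLASSES = (string.digits, string.ascii_lowercase, string.ascii_uppercase,
           string.punctuation + " ")


def discuz_hash(password: str, salt: str) -> str:
    """md5(md5(pass) + salt) over hex digests, the scheme named in the title."""
    inner = hashlib.md5(password.encode("utf-8")).hexdigest()
    return hashlib.md5((inner + salt).encode("utf-8")).hexdigest()


def verify(password: str, salt: str, stored: str) -> bool:
    """Constant-time comparison of a login attempt against a stored hash."""
    return hmac.compare_digest(discuz_hash(password, salt), stored.lower())


def mask_keyspace(password: str) -> int:
    """Candidates in an incremental mask search over the classes the password uses."""
    size = sum(len(c) for c in CLASSES if any(ch in c for ch in password))
    if any(all(ch not in c for c in CLASSES) for ch in password):
        size += 256  # assumption: characters outside the four classes widen the set
    return sum(size ** n for n in range(1, len(password) + 1))


def exhaust_seconds(password: str, rate: float = PAGE_RATE) -> float:
    """Worst-case seconds to cover that keyspace against one salted hash."""
    return mask_keyspace(password) / rate


def acceptable(password: str, min_seconds: float = 10 * 365 * 86400) -> bool:
    """Policy check (threshold is an assumption): reject quickly exhaustible passwords."""
    return exhaust_seconds(password) >= min_seconds


if __name__ == "__main__":
    # Check the hash:salt:plain pair the page reports as recovered.
    print(verify("123456", "07626c", "15b7a21513f24ffe97d9f9830acf51ad"))
    for pw in ("123456", "304892415", "correct horse 7!"):  # constructed samples
        print(pw, f"{exhaust_seconds(pw):.3g}s", acceptable(pw))
```

The per-user salt does not change these estimates for a single account; it only forces the search to be repeated per hash, which is why the "plains" rate in the output is a multiple of the "words" rate while several salts remain.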



