欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

使用john进行密码**

程序员文章站 2022-07-09 22:58:52
...

0.前言

这篇文章中会讲解john工具的简单应用,以及介绍unshadow、unique工具。

1.unshadow

unshadow命令基本上会结合/etc/passwd的数据和/etc/shadow的数据,创建1个含有用户名和密码详细信息的文件。

示范:

[email protected]:unshadow /etc/passwd /etc/shadow > shadow

生成了一个名为shadow的密码文件。

2.unique

unique工具可以从一个密码字典中去除重复行,为我们使用密码字典进行**提供了很大的便利。

用法:

[email protected]:~# unique
Usage: unique [-v] [-inp=fname] [-cut=len] [-mem=num] OUTPUT-FILE [-ex_file=FNAME2] [-ex_file_only=FNAME2]

       reads from stdin 'normally', but can be overridden by optional -inp=
       If -ex_file=XX is used, then data from file XX is also used to
       unique the data, but nothing is ever written to XX. Thus, any data in
       XX, will NOT output into OUTPUT-FILE (for making iterative dictionaries)
       -ex_file_only=XX assumes the file is 'unique', and only checks against XX
       -cut=len  Will trim each input lines to 'len' bytes long, prior to running
       the unique algorithm. The 'trimming' is done on any -ex_file[_only] file
       -mem=num.  A number that overrides the UNIQUE_HASH_LOG value from within
       params.h.  The default is 21.  This can be raised, up to 25 (memory usage
       doubles each number).  If you go TOO large, unique will swap and thrash and
       work VERY slow

       -v is for 'verbose' mode, outputs line counts during the run

示例:

[email protected]:~# unique -v -inp=allwords.txt uniques.txt
Total lines read 6089 Unique lines written 5083

3.john

john the ripper是一款本地密码**工具,可以从我们上面生成的shadow文件(密码散列)中**出密码。**时间取决于密码的复杂程度以及**模式。

用法:john工具官方文档

示例:

(1)使用密码字典进行**

在这里,我们使用john自带的密码字典,位置为/usr/share/john/password.lst。

[email protected]:~# john --wordlist=/usr/share/john/password.lst --rules shadow 
Warning: detected hash type "sha512crypt", but the string is also recognized as "crypt"
Use the "--format=crypt" option to force loading these as that type instead
Loaded 1 password hash (sha512crypt [64/64])
123456             (root)
guesses: 1  time: 0:00:00:07 DONE (Mon May 19 08:13:05 2014)  c/s: 482  trying: 1701d - andrew
Use the "--show" option to display all of the cracked passwords reliably

可以看到,在第五行中已经**出来了密码为123456。

(2)不指定字典直接**

[email protected]:~# john shadow
Warning: detected hash type "sha512crypt", but the string is also recognized as "crypt"
Use the "--format=crypt" option to force loading these as that type instead
Loaded 1 password hash (sha512crypt [64/64])
123456             (root)
guesses: 1  time: 0:00:00:07 DONE (Mon May 19 08:13:05 2014)  c/s: 482  trying: 1701d - andrew
Use the "--show" option to display all of the cracked passwords reliably

john中还包含多种**模式,这里不再举例,有兴趣的话可以自行查询上方给出的官方文档。

4.注意事项

john工具对于同一个shadow文件只会进行一次**,如果第二次执行john shadow是不会得到结果的,只会得到如下输出。

[email protected]:~# john shadow 
Warning: detected hash type "sha512crypt", but the string is also recognized as "crypt"
Use the "--format=crypt" option to force loading these as that type instead
Using default input encoding: UTF-8
Loaded 1 password hash (sha512crypt, crypt(3) $6$ [SHA512 128/128 AVX 2x])
No password hashes left to ***** (see FAQ)

如果想查看上一次**的结果,可以使用以下命令。

[email protected]:~# john --show shadow 
root:123456:0:0:root:/root:/bin/bash

1 password hash cracked, 0 left
相关标签: 密码

上一篇: C++ namespae

下一篇: C中兼容C++操作

推荐阅读