Discuz/PHPBB/phpcmsv9等破解脚本
程序员文章站
2022-04-02 10:19:32
对于md5(md5(pass).slat)这样的加密,破解的难度大大增加,前面发了几篇后台的绕过,都需要session有效的情况下才行。
网上找了下 有人写了这类的脚本,但是是p...
对于md5(md5(pass).slat)这样的加密,破解的难度大大增加,前面发了几篇后台的绕过,都需要session有效的情况下才行。
网上找了下 有人写了这类的脚本,但是是php版本的,速度不行,自己写了一个多线程的破解脚本。
#!/usr/bin/env python # -*- coding: cp936 -*- #code by 花开、若相惜 #Pax.Mac Team import hashlib import Queue from threading import Thread import sys import time class End(): def __init__(self): self.end = False def Finish(self): self.end = True def GetEnd(self): return self.end class Connection(Thread): def __init__(self,queue,TheEnd): Thread.__init__(self) self.queue = queue self.TheEnd = TheEnd def run(self): while (not self.TheEnd.GetEnd()) and (not self.queue.empty()): pwd = self.queue.get() if exploit(pwd)==1: print pwd self.TheEnd.Finish() def exploit(password): encrypt="paxmac"; passmd5="232997126b4cbc244997d7c11136d469"; hashmd5=hashlib.md5((hashlib.md5(password).hexdigest()+encrypt)).hexdigest() if hashmd5==passmd5: res=1 else: res=0 return res def main(): queue=Queue.Queue() TheEnd = End() pwd_count = len(open('password.txt','rU').readlines()) print '你的密码条数:%d'%(pwd_count) pwds = [line.rstrip() for line in open("password.txt")] for pwd in pwds: queue.put(pwd) initsize = queue.qsize() tested = 0 threads = 1 #修改线程处 for i in range(0,int(threads)): Connection(queue,TheEnd).start() while (not TheEnd.GetEnd()) and (not queue.empty()): time.sleep(2) actsize = queue.qsize() speed = (initsize - tested - actsize) / 2 tested = initsize - actsize print 'use %i password | Remaining %i password | Speed %i/sec' %(tested,actsize,speed) if __name__ == '__main__': main()
大概8.8W/S左右的破解速度,实在不行的情况下可以试试。
crackhash_1