您的位置:首页 > 编程语言 > Python开发

Python---项目3-破解使用crypt方法加密(已加salt参数)的登录密码

2017-12-22 17:47 1101 查看
Python — 项目3-破解使用crypt方法加密(已加salt参数)的登录密码

1、环境部署、

root@kali:~/python/anquangongji# pwd
/root/python/anquangongji
root@kali:~/python/anquangongji# ls
checkfile.py      dictionary.txt   passwordunix.txt    scanmultports.py  vulnftpbanner.txt
crarkpassword.py  openfiletest.py  scanerftpbanner.py  vulnbanners.txt
root@kali:~/python/anquangongji#
root@kali:~/python/anquangongji# cat passwordunix.txt
root:HXEtlo/Qz.0mA
xwb:HXEtlo/Qz.0mA
test:XWW7IhbgLDjB2
xwb1:XWW7IhbgLDjB2
root@kali:~/python/anquangongji#
root@kali:~/python/anquangongji# cat dictionary.txt
123456
qwe123456
asd123456
root@kali:~/python/anquangongji#
root@kali:~/python/anquangongji#


passwordunix.txt文件的内容生成方式是:
Python 2.7.13 (default, Jan 19 2017, 14:48:08)
[GCC 6.3.0 20170118] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import crypt
>>> crypt.crypt("123456","HX")
'HXEtlo/Qz.0mA'
>>> crypt.crypt("123456","HX")
'HXEtlo/Qz.0mA'
>>> crypt.crypt("qwe123456","XW")
'XWW7IhbgLDjB2'


2、源码与运行情况

root@kali:~/python/anquangongji#
root@kali:~/python/anquangongji# cat crarkpassword.py
#!/usr/bin/python
# --*-- coding:utf-8 --*--

import crypt#导入加密模块

def testpasswd(cryptpasswd):
salt = cryptpasswd[0:2]#取出salt参数
#print salt

dictfile = open("dictionary.txt","r")
for word in dictfile.readlines():
word = word.strip("\n")#去除换行符
#print word
cryptword = crypt.crypt(word,salt)#使用crypt加密模块加密参数
#print cryptword
#print len(cryptword)
cryptpasswd1 = cryptpasswd.replace("\n","")#谨记!从系统文件中读取内容会自动加入一个"\n"换行字符
#print len(cryptpasswd1)
#print cryptpasswd1
if cryptword == cryptpasswd1:#字符长度相同,则进入
print '[+] : Found Pasword!!!,密码为:' + word + "\n"
return
print "[+] Password not found !! \n"
return

def main():
passfile = open("passwordunix.txt")
for line in passfile.readlines():
if ":" in line:
user = line.split(":")[0]#取出用户
#print user
cryptpasswd = line.split(":")[1].strip(' ')#取出登陆密码字段
#print cryptpasswd
print "[+] 破解密码中。。。。。。。" + user
testpasswd(cryptpasswd)

if __name__ == "__main__":
main()#前面必须是4个空格,否则无法运行

root@kali:~/python/anquangongji#


运行情况:

root@kali:~/python/anquangongji#
root@kali:~/python/anquangongji# python crarkpassword.py
[+] 破解密码中。。。。。。。root
[+] : Found Pasword!!!,密码为:123456

[+] 破解密码中。。。。。。。xwb
[+] : Found Pasword!!!,密码为:123456

[+] 破解密码中。。。。。。。test
[+] : Found Pasword!!!,密码为:qwe123456

[+] 破解密码中。。。。。。。xwb1
[+] : Found Pasword!!!,密码为:qwe123456

root@kali:~/python/anquangongji#


在现代的类Unix系统中在/etc/shadow文件中存储了口令的hash,但是更多的是使用SHA-512等更安全的hash算法,如:

root@kali:~/python/anquangongji# cat /etc/passwd | grep ^root
root:x:0:0:root:/root:/bin/bash
root@kali:~/python/anquangongji# cat /etc/shadow | grep ^root
root:$6$Md.vwnjH$r2Ir4r5W/hnwBcXWMjUybN2UYovcUBy27I7xY1Oi7i0UgqaF.ZJQTPRr0s7.8GMVAAqB8XXXlQX2H3nw0YtE01:16609:0:99999:7:::
root@kali:~/python/anquangongji#

在Python中的hashlib库可以找到SHA-512的函数,这样就可以进一步升级脚本进行口令破解。


参考:https://www.cnblogs.com/Genesis-007/p/5368760.html
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签:  python 破解 密码 crypt salt
相关文章推荐
新的分享
章节导航