使用python和hashlib对unix/etc/shadow密码进行字典攻击?
可以这样做吗?我的测试似乎不起作用。我的明文密码是dictionary.txt,password.txt是/etc/shadow文件格式的密码。-我获取密码并使用hash.sha512(salt+plaintextpassword)对其进行散列。 然后将该散列与“cat/etc/shadow | grep user”的密码部分进行比较使用python和hashlib对unix/etc/shadow密码进行字典攻击?,python,unix,crypt,sha512,hashlib,Python,Unix,Crypt,Sha512,Hashlib,可以这样做吗?我的测试似乎不起作用。我的明文密码是dictionary.txt,password.txt是/etc/shadow文件格式的密码。-我获取密码并使用hash.sha512(salt+plaintextpassword)对其进行散列。 然后将该散列与“cat/etc/shadow | grep user”的密码部分进行比较 import hashlib import sys def checkpass(passwd): try: semi_c = ':'
import hashlib
import sys
def checkpass(passwd):
try:
semi_c = ':'
d_sign = '$'
pwdlist = passwd.split("$")
salt = '$'+pwdlist[1]+'$'+pwdlist[2]+'$'
print 'Salt is : ' + salt
cryptPas = passwd.split(d_sign, 3)[3]
cryptPass = cryptPas.split(semi_c)[0]
print cryptPass
dictFile = open('dictionary.txt', 'r')
for word in dictFile.readlines():
word = word.strip('\n')
print 'Comparing to pass in list : ' + word + ' to ' + passwd + ' ---- '
cryptWord = hashlib.sha512(salt + word).hexdigest()
print 'Reproduced Hash : ' + cryptWord
if (cryptWord == cryptPass):
print '[+] Found Password : ' + word + '\n'
return cryptWord
else:
print '[-] Password not found.\n'
return cryptWord
except Exception, e:
print e
return
def main():
try:
passfile = open('password.txt')
passwd = passfile.readline()
semi_c = ':'
#print passwd
if semi_c in passwd:
user = passwd.split(semi_c)[0]
print '[*] Cracking Password for : ' + user
checkpass(passwd)
except Exception, e:
print e
return
if __name__ == '__main__':
main()
我不知道Python的hashlib,但请注意crypt()不仅是DES、MD5,而且只基于DES和MD5。例如,它使用了几轮。应该有一个Python加密模块