黑客如何破解密码?Hashcat?Hydra?Medusa?John?
作者:FancyPig | 发布时间: | 更新时间:
相关阅读
data-postsbox="{"id":14551,"title":"如何使用hashcat破解zip压缩包密码?","author":"FancyPig","author_id":1,"cover_image":"","cover_video":"","views":9715,"comment_count":12,"category":"knowledge","is_forum_post":false}">{"id":14551,"title":"如何使用hashcat破解zip压缩包密码?","author":"FancyPig","author_id":1,"cover_image":"","cover_video":"","views":9715,"comment_count":12,"category":"knowledge","is_forum_post":false}
data-postsbox="{"id":6374,"title":"如何使用hashcat破解office文档密码?","author":"FancyPig","author_id":1,"cover_image":"","cover_video":"","views":4404,"comment_count":2,"category":"knowledge","is_forum_post":false}">{"id":6374,"title":"如何使用hashcat破解office文档密码?","author":"FancyPig","author_id":1,"cover_image":"","cover_video":"","views":4404,"comment_count":2,"category":"knowledge","is_forum_post":false}
data-postsbox="{"id":5494,"title":"【视频教程】如何高效、优雅地破解密码?hydra、Hashcat你值得拥有!","author":"FancyPig","author_id":1,"cover_image":"https://static.pigsec.cn/wp-content/uploads/2021/12/20211218022439993.png","cover_video":"","views":5287,"comment_count":167,"category":"cybersecurity","is_forum_post":false}">{"id":5494,"title":"【视频教程】如何高效、优雅地破解密码?hydra、Hashcat你值得拥有!","author":"FancyPig","author_id":1,"cover_image":"https://static.pigsec.cn/wp-content/uploads/2021/12/20211218022439993.png","cover_video":"","views":5287,"comment_count":167,"category":"cybersecurity","is_forum_post":false}
视频讲解
图文讲解
hashcat
- -m后面跟hash类型
- hash.txt里存要破解的hash
- rockyou.txt是kali linux中自带的字典
hashcat -m 0 hash.txt /usr/share/wordlist/rockyou.txt
然后静等密码破解出来
hashcat我们之前的文章里有详细讲解,您可以阅读下文
data-postsbox="{"id":5494,"title":"【视频教程】如何高效、优雅地破解密码?hydra、Hashcat你值得拥有!","author":"FancyPig","author_id":1,"cover_image":"https://static.pigsec.cn/wp-content/uploads/2021/12/20211218022439993.png","cover_video":"","views":5287,"comment_count":167,"category":"cybersecurity","is_forum_post":false}">{"id":5494,"title":"【视频教程】如何高效、优雅地破解密码?hydra、Hashcat你值得拥有!","author":"FancyPig","author_id":1,"cover_image":"https://static.pigsec.cn/wp-content/uploads/2021/12/20211218022439993.png","cover_video":"","views":5287,"comment_count":167,"category":"cybersecurity","is_forum_post":false}
hydra
我们这里尝试对网页登录的账户、密码进行破解,使用hydra
我们先通过burpsuite抓包,看下请求,并Send to Repeater
然后我们输入密码,查看响应,如果密码错误会显示Invalid,那么如果响应里没有Invalid则可以初步判断,密码可能正确
因此我们的hydra命令这么写
-l代表输入的^USER^值,可以是字典,我们这里指定是admin-P代表输入的^PASS^值,这里选择rockyou.txt字典10.10.10.43是目标服务器的IPhttp-post-form为请求方法POST- 引号中的部分,URL:Payload:Response URL为请求的url地址,Payload为请求体的内容,可以将请求体中的用户名和密码使用^USER^、^PASS^字段替换,Response则是响应体里的内容
hydra -l admin -P /usr/share/wordlists/rockyou.txt 10.10.10.43 http-post-form "/department/login.php:username=^USER^password=^PASS^:Invalid" -t 64
这里可以看到密码已经成功破解了
当然您还可以使用其破解ssh、mysql或者其他协议的账户密码
mesuda
这里我们还可以使用mesuda破解ssh密码,视频中给出了相应的命令
medusa -h 10.10.10.171 -U user.txt -P passwords.txt -M ssh 10.10.10.171
john
john实战中用的不是非常多,但当你遇到了不清楚hash类型时,可以尝试用john,将要破解的存入hash.txt文件中
然后输入下面的命令
john hash.txt