[MTC3]Cracking SHA1-Hashed Passwords
题目地址:https://www.mysterytwisterc3.org/en/challenges/level-ii/cracking-sha1-hashed-passwords
解题关键:根据键盘上的按键分布,可以看出右边的数字键只有2486,很有可能是当做上下左右的功能,然后对剩余的按照每个按键出现1次进行暴力,发现能得出解。(刚开始学python,dfs都不知道怎么return,噗)
复杂度:$O({2^n}n!)$
由于需要在10s之内求解,而python遍历全部密钥空间需要15s,而根据遍历的姿势,我们只要选出使最外层的循环正确的字母,就可以缩短一半的时间,因此若求解时间不符合要求,将最外层的求解顺序变换一下即可。
1 #coding:utf-8 2 import re 3 from Crypto.Hash import SHA 4 import hashlib 5 import itertools 6 import datetime 7 starttime = datetime.datetime.now() 8 hash1="67ae1a64661ac8b4494666f58c4822408dd0a3e4" 9 str1="QqWw%58(=0Ii*+nN" 10 str2=[['Q', 'q'],[ 'W', 'w'],[ '%', '5'], ['8', '('],[ '=', '0'], ['I', 'i'], ['*', '+'], ['n', 'N']] 11 def sha_encrypt(str): 12 sha = hashlib.sha1(str) 13 encrypts = sha.hexdigest() 14 return encrypts 15 st3="0"*8 16 str4="" 17 str3=list(st3) 18 for a in range(0,2): 19 str3[0]=str2[0][a] 20 for b in range(0,2): 21 str3[1]=str2[1][b] 22 for c in range(0,2): 23 str3[2]=str2[2][c] 24 for d in range(0,2): 25 str3[3] = str2[3][d] 26 for e in range(0,2): 27 str3[4] = str2[4][e] 28 for f in range(0,2): 29 str3[5] = str2[5][f] 30 for g in range(0,2): 31 str3[6] = str2[6][g] 32 for h in range(0,2): 33 str3[7] = str2[7][h] 34 newS="".join(str3) 35 for i in itertools.permutations(newS, 8): 36 str4 = sha_encrypt("".join(i)) 37 if str4==hash1: 38 print "".join(i) 39 endtime = datetime.datetime.now() 40 print (endtime - starttime).seconds 41 exit(0)
转载于:https://www.cnblogs.com/elpsycongroo/p/7669786.html
[MTC3]Cracking SHA1-Hashed Passwords相关推荐
- Unit 2: Password Cracking 2.1 Password Cracking Brute Force Attacks
>> In a future unit, we'll learn how attackers can get possession of a database containing has ...
- Unit 2: Password Cracking 2.1 Password Cracking Introduction to Password Cracking
>> A past IBM cybersecurity intelligence index report concluded that 95% of security breaches ...
- BlackArch-Tools
BlackArch-Tools 简介安装在ArchLinux之上添加存储库从blackarch存储库安装工具替代安装方法BlackArch Linux Complete Tools List 简介 B ...
- 现代密码学(Cryptography)经典习题及解法(一)
习题一:Many Time Pad 题目链接:https://www.coursera.org/learn/crypto/home/week/1 Question: Let us see what g ...
- CentOS6安装redmine
Author: Jin Date: 20140827 System: CentOS release 6.5 (Final) 参考: http://www.redmine.org/projects/re ...
- 盐噪声和胡椒噪声的区别_为什么加一点盐对您的密码很有用(但不包括胡椒粉!)
盐噪声和胡椒噪声的区别 A brief note - this article is about the theory of how to crack hashed passwords. Unders ...
- 【密码学】密码学实验报告
密码学实验报告 第一次实验 任务1:破解一个Many Time Pad加密 思路:可以看注释~ (运行结果也一并放到代码里了,Shell部分就是) __reference = 'https://git ...
- Foms验证基于角色(英文)
原文 Introduction Forms Authentication in ASP.NET can be a powerful feature. With very little code and ...
- 密码学大作业总结博客
密码学大作业总结 一.9.30 Question1 Many Time Pad(Coursera Week 1 Program Assignment) Question2 PA1 option Que ...
最新文章
- java参数传递:值传递还是引用传递
- android SDK manager 无法获取更新版本列表
- 【数据结构与算法】之深入解析“LFU缓存”的求解思路与算法示例
- laravel 数据库获取值的常用方法
- rabbitmq学习:
- Linux more命令、Linux rhmask命令
- P5169 xtq的异或和(FWT+线性基)
- 浅谈前端响应式设计(二)
- 【Python】闭包Closure
- 敏捷开发总结(2)开发过程活动
- VulnHub-noob打靶记录
- 工程经济—技术方案现金流量表的编制
- php设计模式 参考地址
- 新东方 词根词缀 excel_词根词缀记忆英语单词,高效,不易遗忘
- SpringSocial 开发 QQ 登录
- 作为成员的结构体(作为结构体的成员的结构体)
- 用docker部署go简单应用
- (转)高并发高流量网站架构详解
- linux管道命令sudo,Linux命令echo 与 sudo配合使用
- 信息安全文件上传漏洞upload-labs第21关详解