Kali linux下使用john破解zip密码
Step1
提取压缩包的hash文件
┌──(kali㉿kali)-[~/Pictures/output_Wed_May__4_21_45_49_2022/zip/111]
└─$ zip2john passwd.zip >>passwd2.txt
ver 2.0 passwd.zip/passwd.txt PKZIP Encr: TS_chk, cmplen=33, decmplen=22, crc=8B1D0A37 ts=505B cs=505b type=8
step2
使用hash文件破解弱口令,密码太长,太复杂的就难破解了
┌──(kali㉿kali)-[~/Pictures/output_Wed_May__4_21_45_49_2022/zip/111]
└─$ john passwd2.txt
Using default input encoding: UTF-8
Loaded 1 password hash (PKZIP [32/64])
Will run 4 OpenMP threads
Proceeding with single, rules:Single
Press 'q' or Ctrl-C to abort, almost any other key for status
Almost done: Processing the remaining buffered candidate passwords, if any.
Proceeding with wordlist:/usr/share/john/password.lst
Proceeding with incremental:ASCII
hone (passwd.zip/passwd.txt)
1g 0:00:00:04 DONE 3/3 (2022-05-04 22:20) 0.2469g/s 6751Kp/s 6751Kc/s 6751KC/s adenecas..hyjr
Use the "--show" option to display all of the cracked passwords reliably
Session completed.
倒数第4行“hone”就是破解出的密码
step3
详细设置可以参考帮助文件
──(kali㉿kali)-[~/Pictures/output_Wed_May__4_21_45_49_2022/zip/111]
└─$ john --help
John the Ripper 1.9.0-jumbo-1+bleeding-aec1328d6c 2021-11-02 10:45:52 +0100 OMP [linux-gnu 64-bit x86_64 AVX AC]
Copyright (c) 1996-2021 by Solar Designer and others
Homepage: https://www.openwall.com/john/Usage: john [OPTIONS] [PASSWORD-FILES]--help Print usage summary
--single[=SECTION[,..]] "Single crack" mode, using default or named rules
--single=:rule[,..] Same, using "immediate" rule(s)
--single-seed=WORD[,WORD] Add static seed word(s) for all salts in single mode
--single-wordlist=FILE *Short* wordlist with static seed words/morphemes
--single-user-seed=FILE Wordlist with seeds per username (user:password[s]format)
--single-pair-max=N Override max. number of word pairs generated (6)
--no-single-pair Disable single word pair generation
--[no-]single-retest-guess Override config for SingleRetestGuess
--wordlist[=FILE] --stdin Wordlist mode, read words from FILE or stdin--pipe like --stdin, but bulk reads, and allows rules
--rules[=SECTION[,..]] Enable word mangling rules (for wordlist or PRINCEmodes), using default or named rules
--rules=:rule[;..]] Same, using "immediate" rule(s)
--rules-stack=SECTION[,..] Stacked rules, applied after regular rules or tomodes that otherwise don't support rules
--rules-stack=:rule[;..] Same, using "immediate" rule(s)
--rules-skip-nop Skip any NOP ":" rules (you already ran w/o rules)
--loopback[=FILE] Like --wordlist, but extract words from a .pot file
--mem-file-size=SIZE Size threshold for wordlist preload (default 2048 MB)
--dupe-suppression Suppress all dupes in wordlist (and force preload)
--incremental[=MODE] "Incremental" mode [using section MODE]
--incremental-charcount=N Override CharCount for incremental mode
--external=MODE External mode or word filter
--mask[=MASK] Mask mode using MASK (or default from john.conf)
--markov[=OPTIONS] "Markov" mode (see doc/MARKOV)
--mkv-stats=FILE "Markov" stats file
--prince[=FILE] PRINCE mode, read words from FILE
--prince-loopback[=FILE] Fetch words from a .pot file
--prince-elem-cnt-min=N Minimum number of elements per chain (1)
--prince-elem-cnt-max=[-]N Maximum number of elements per chain (negative N isrelative to word length) (8)
--prince-skip=N Initial skip
--prince-limit=N Limit number of candidates generated
--prince-wl-dist-len Calculate length distribution from wordlist
--prince-wl-max=N Load only N words from input wordlist
--prince-case-permute Permute case of first letter
--prince-mmap Memory-map infile (not available with case permute)
--prince-keyspace Just show total keyspace that would be produced(disregarding skip and limit)
--subsets[=CHARSET] "Subsets" mode (see doc/SUBSETS)
--subsets-required=N The N first characters of "subsets" charset arethe "required set"
--subsets-min-diff=N Minimum unique characters in subset
--subsets-max-diff=[-]N Maximum unique characters in subset (negative N isrelative to word length)
--subsets-prefer-short Prefer shorter candidates over smaller subsets
--subsets-prefer-small Prefer smaller subsets over shorter candidates
--make-charset=FILE Make a charset, FILE will be overwritten
--stdout[=LENGTH] Just output candidate passwords [cut at LENGTH]
--session=NAME Give a new session the NAME
--status[=NAME] Print status of a session [called NAME]
--restore[=NAME] Restore an interrupted session [called NAME]
--[no-]crack-status Emit a status line whenever a password is cracked
--progress-every=N Emit a status line every N seconds
--show[=left] Show cracked passwords [if =left, then uncracked]
--show=formats Show information about hashes in a file (JSON)
--show=invalid Show lines that are not valid for selected format(s)
--test[=TIME] Run tests and benchmarks for TIME seconds each(if TIME is explicitly 0, test w/o benchmark)
--stress-test[=TIME] Loop self tests forever
--test-full=LEVEL Run more thorough self-tests
--no-mask Used with --test for alternate benchmark w/o mask
--skip-self-tests Skip self tests
--users=[-]LOGIN|UID[,..] [Do not] load this (these) user(s) only
--groups=[-]GID[,..] Load users [not] of this (these) group(s) only
--shells=[-]SHELL[,..] Load users with[out] this (these) shell(s) only
--salts=[-]COUNT[:MAX] Load salts with[out] COUNT [to MAX] hashes, or
--salts=#M[-N] Load M [to N] most populated salts
--costs=[-]C[:M][,...] Load salts with[out] cost value Cn [to Mn]. Fortunable cost parameters, see doc/OPTIONS
--fork=N Fork N processes
--node=MIN[-MAX]/TOTAL This node's number range out of TOTAL count
--save-memory=LEVEL Enable memory saving, at LEVEL 1..3
--log-stderr Log to screen instead of file
--verbosity=N Change verbosity (1-5 or 6 for debug, default 3)
--no-log Disables creation and writing to john.log file
--bare-always-valid=Y Treat bare hashes as valid (Y/N)
--catch-up=NAME Catch up with existing (paused) session NAME
--config=FILE Use FILE instead of john.conf or john.ini
--encoding=NAME Input encoding (eg. UTF-8, ISO-8859-1). See alsodoc/ENCODINGS.
--input-encoding=NAME Input encoding (alias for --encoding)
--internal-codepage=NAME Codepage used in rules/masks (see doc/ENCODINGS)
--target-encoding=NAME Output encoding (used by format)
--force-tty Set up terminal for reading keystrokes even if we'renot the foreground process
--field-separator-char=C Use 'C' instead of the ':' in input and pot files
--[no-]keep-guessing Try finding plaintext collisions
--list=WHAT List capabilities, see --list=help or doc/OPTIONS
--length=N Shortcut for --min-len=N --max-len=N
--min-length=N Request a minimum candidate length in bytes
--max-length=N Request a maximum candidate length in bytes
--max-candidates=[-]N Gracefully exit after this many candidates tried.(if negative, reset count on each crack)
--max-run-time=[-]N Gracefully exit after this many seconds (if negative,reset timer on each crack)
--mkpc=N Request a lower max. keys per crypt
--no-loader-dupecheck Disable the dupe checking when loading hashes
--pot=NAME Pot file to use
--regen-lost-salts=N Brute force unknown salts (see doc/OPTIONS)
--reject-printable Reject printable binaries
--tune=HOW Tuning options (auto/report/N)
--subformat=FORMAT Pick a benchmark format for --format=crypt
--format=[NAME|CLASS][,..] Force hash of type NAME. The supported formats canbe seen with --list=formats and --list=subformats.See also doc/OPTIONS for more advanced selection offormat(s), including using classes and wildcards.
Kali linux下使用john破解zip密码相关推荐
- macos\Linux下使用fcrackzip破解zip压缩文件密码
加密解密:http://www.lybbn.cn/data/datas.php?yw=133 1.fcrackzip简介 fcrackzip是一款专门破解zip类型压缩文件密码的工具,工具小巧方便.破 ...
- Kali Linux下口令字典破解WAP2加密小实验
仅仅是一个新手的小实验,不具有实际意义,记录下流程.用口令字典是暴力破解,字典越大越好,上不封顶,实验测试我只用了一个常用很小的弱口令字典. 环境: win10笔记本 迅捷FAST FW150U US ...
- NO.28——Kali Linux无线渗透暴力破解WIFI密码
近期放暑假在家闲来无事,前几天在手机上下载了腾讯wifi管家,意外地链接上了隔壁邻居的WIFI,但是在手机端无法看到密码明文,因此在考虑是否能通过Kali暴力破解wifi密码. Kali Linux常 ...
- kali Linux下wifi密码安全测试(1)虚拟机下usb无线网卡的挂载 【转】
转自:http://blog.chinaunix.net/uid-26349264-id-4455634.html 目录 kali Linux下wifi密码安全测试(1)虚拟机下usb无线网卡的挂载 ...
- kali Linux下wifi密码安全测试(1)虚拟机下usb无线网卡的挂载_商洛学院司徒荆_新浪博客
kali Linux下wifi密码安全测试(1)虚拟机下usb无线网卡的挂载 1.1 VMWare下的配置 1.2 VirtualBox下的配置 原文链接:http://www.xuanhun ...
- linux 下root 口令破解(二) ——说一下grub的密码和安全模式
linux 下root 口令破解(二) ------说一下grub的密码和安全模式 我们都知道root的密码是保存在/etc/shadow下的,而/etc/passwd 则是用户信息文件,密码呢由于是 ...
- 第四篇 kali Linux 下安装fluxion
第四篇 kali Linux 下安装fluxion 第一篇kali linux 安装 https://blog.csdn.net/qq_43632394/article/details/1091212 ...
- Kali Linux 2020.1修改root用户密码
Kali Linux 2020.1修改root用户密码 安装Kali Linux 2020.1系统后,需要使用root用户权限安装软件.由于root用户的默认密码未知,所以需要在单用户模式下重新设置r ...
- Linux下使用Intel_WiFi_Link_5100AGN 破解无线加密
Linux下使用Intel_WiFi_Link_5100AGN 破解无线加密 就是传说中的BT4破解 ㄝㄙㄩㄧㄝ 回答:1 人气:16 解决时间:2010-02-24 14:55 满意答案 该网站为5 ...
最新文章
- bzoj1095: [ZJOI2007]Hide 捉迷藏 线段树维护括号序列 点分治 链分治
- 蚂蚁森林合种计划(2020.12.12,7天有效,每周6更新)
- Xamarin.Android 调用本地相册
- 方程式漏洞之复现window2008/win7 远程命令执行漏洞
- QtWebkit中浏览器插件的设计-1
- sql 多表多行模糊查询_从零开始学习SQL(五)多表查询
- flex常见问题归纳
- php生成pdf中文断码_Rmarkdown导出中文PDF解决方案
- 设置servlet或action作为欢迎页面
- ubuntu16.04 安装搜狗输入法
- P2 人体姿态估计的过去、现在和未来
- VB表格控件总览与例程分析
- 你怎么看当前中文语音识别技术在国内的应用?
- FPGA 串口接收不准确,有误码
- 解决IE11安装时需要“获取更新”(IE11离线安装)
- Mysql主从同步及主从同步延迟解决方案
- 蛋白胶条质谱鉴定实验
- 如何把图片裁剪为圆形
- C语言字谜游戏(函数嵌套、指针)
- arcgis flex api 由于沙箱安全的原因 无法显示地图 的解决办法
热门文章
- FPGA和CPLD芯片选型介绍(二)
- notepad++设置中文界面
- js 给元素添加自定义属性
- excel连接mysql_Excel连接MySQL数据库的方法总结(备查,但暂时用不上)
- 【解决】camunda部署流程报错should point to a running platform rest api
- 智能识别收货地址 javascript地址智能识别
- linux下运行abaqus比win快吗,高性能计算服务器下的Abaqus安装及并行计算
- Codeforces Round #196 (Div. 2) A. Puzzles 水题
- python如果获取windows管理员权限(一)
- 树莓派研究笔记(10)-- Retropie 模拟器