烏雲網看到一篇文章講述hashcat的使用簡介(戳這里),對使用字典破解MD5內容
簡單在kali上嘗試了一下。
(1)首先查看了下hashcat的幫助文檔,簡單截取了其中的部分常用說明。
hashcat, advanced password recovery
Usage: hashcat [options] hashfile [mask|wordfiles|directories]
=======
Options
=======
* General:
-m, --hash-type=NUM Hash-type, see references below
-a, --attack-mode=NUM Attack-mode, see references below
-V, --version Print version
-h, --help Print help
--quiet Suppress output
* Attack modes:
0 = Straight(字典破解)
1 = Combination
2 = Toggle-Case
3 = Brute-force
4 = Permutation
5 = Table-Lookup
8 = Prince
* Hash types:
0 = MD5
10 = md5($pass.$salt)
20 = md5($salt.$pass)
30 = md5(unicode($pass).$salt)
40 = md5($salt.unicode($pass))
50 = HMAC-MD5 (key = $pass)
60 = HMAC-MD5 (key = $salt)
...
(2)參考上述命令格式,輸入以下內容
root@kali2:~/Desktop# hashcat -a 0 -m 0 test.txt superdict.txt
其中
- -a 0 代表使用字典破解模式;
- -m 0代表Hash Type為md5;
- test.txt里保存要破解的Hash值;
root@kali2:~/Desktop# cat test.txt
CCFF985ACBE948354486FE49BD91C2EB
cf7be73c856c99c0fe02a78a562375c5
- superdict.txt代表字典文件
root@kali2:~/Desktop# head superdict.txt feitong!@# abc123!@# sh%4#2! nl123456 sy8106237 %null% admin administrator administrators 12345
(3)開始破解,以下紅體加粗的一行數據說明已經被成功破解,值為wolegequ
root@kali2:~/Desktop# hashcat -a 0 -m 0 test.txt superdict.txt Initializing hashcat v2.00 with 4 threads and 32mb segment-size... Added hashes from file test.txt: 2 (1 salts) cf7be73c856c99c0fe02a78a562375c5:wolegequ [s]tatus [p]ause [r]esume [b]ypass [q]uit => Input.Mode: Dict (superdict.txt) Index.....: 1/1 (segment), 635686 (words), 5994851 (bytes) Recovered.: 1/2 hashes, 0/1 salts Speed/sec.: 4.54M plains, 4.54M words Progress..: 635686/635686 (100.00%) Running...: --:--:--:-- Estimated.: --:--:--:-- Started: Fri Jun 24 04:55:31 2016 Stopped: Fri Jun 24 04:55:33 2016
(4)注意事項
- 指定保存hash文件還有字典文件的時候,linux環境下不要忘記文件路徑
- 破解成功的概率取決於你的字典是否給力,因此選個給力的字典很有必要。