• 弱密码检测JR!


    1、JR(John the Ripper)简介
    ·一款密码分析工具,支持字典式的暴力破解
    ·通过对 shadow 文件的口令分析,可以检测密码强度
    ·官方网站:http://www.openwall.com/john/
    2、安装 JR 工具
    (1)tar 包解压
    (2)进到解压后的 src 目录下,执行 make clean 系统类型(如下文示例中的 linux-x86-64)
    (3)进到解压后的 run 目录下,执行命令

    ===========================================================

    示例:扫描虚拟机内所有账号的密码,排查出弱密码,重点找到john

    导入john-1.8.0.tar.gz 包

    [root@localhost ~]# ls              //查看是否已经导入好JR
    john-1.8.0.tar.gz
    [root@localhost ~]# tar -zxf john-1.8.0.tar.gz        //解压JR包
    [root@localhost ~]# ls                 //查看是否解压好JR包
    john-1.8.0   john-1.8.0.tar.gz

    [root@localhost ~]# cd john-1.8.0/src            //进入src
    [root@localhost src]# rpm -q gcc gcc-c++        //检测是否安装了gcc gcc-c++编译器
    未安装软件包 gcc 
    未安装软件包 gcc-c++
    [root@localhost src]# yum -y install gcc gcc-c++         //安装gcc gcc-c++编译器

    [root@localhost src]# make          //不带目标的 make 只会列出可选的系统类型,并不生成 john 程序(下面 run 目录中也确实没有 john),真正的编译见后面的 make clean linux-x86-64

    [root@localhost src]# cd ../run       //进入run
    [root@localhost run]# cp /etc/shadow ./shadow.txt       //复制 /etc/shadow 到当前目录下的 shadow.txt(副本含口令哈希,检测完成后应删除)
    [root@localhost run]# ls
    ascii.chr     john.conf       mailer       password.lst  shadow.txt
    digits.chr   lm_ascii.chr   makechr   relbench
    [root@localhost run]# cd ../
    [root@localhost john-1.8.0]# ls
    doc  README  run   src
    [root@localhost john-1.8.0]# cd
    [root@localhost ~]# ls
    john-1.8.0 john-1.8.0.tar.gz
    [root@localhost ~]# cd john-1.8.0/
    [root@localhost john-1.8.0]# ls
    doc README run src
    [root@localhost john-1.8.0]# cd src
    [root@localhost src]# make clean linux-x86-64        //清理旧的编译结果,并按 linux-x86-64 系统类型编译
    ...........

    ............
    make[1]: 离开目录“/root/john-1.8.0/src”
    [root@localhost src]# cd ../run
    [root@localhost run]# ls
    ascii.chr     john  lm_ascii.chr makechr   relbench  unafs  unshadow
    digits.chr   john.conf  mailer   password.lst  shadow.txt  unique
    [root@localhost run]# cp /etc/shadow ./shadow.txt
    cp:是否覆盖"./shadow.txt"? y
    [root@localhost run]# ./john shadow.txt        //对 shadow.txt 进行口令分析,必须在 run 目录下执行,否则会执行失败
    Loaded 3 password hashes with 3 different salts (crypt, generic crypt(3) [?/64])
    Press 'q' or Ctrl-C to abort, almost any other key for status
    123123 (roomx)
    123123 (root)

    0g 0:00:20:52 3/3 0g/s 242.7p/s 242.7c/s 242.7C/s 020867..022465
    0g 0:00:20:54 3/3 0g/s 242.7p/s 242.7c/s 242.7C/s 033289..036936
    Session aborted

    [root@localhost run]# ./john --show shadow.txt             //查看 shadow.txt 中已破解出的账号
    root:123123::0:99999:7:::
    roomx:123123:18117:0:99999:7:::

    2 password hashes cracked, 1 left

    ==========================================================

    字典式暴力破解?

    [root@localhost run]# vi password.lst              //查看内置字典,并在其中添加账号 liu 的密码 liuxiang

    #!comment: This list has been compiled by Solar Designer of Openwall Project
    #!comment: in 1996 through 2011. It is assumed to be in the public domain.
    #!comment:
    #!comment: This list is based on passwords most commonly seen on a set of Unix
    #!comment: systems in mid-1990's, sorted for decreasing number of occurrences
    #!comment: (that is, more common passwords are listed first). It has been
    #!comment: revised to also include common website passwords from public lists
    #!comment: of "top N passwords" from major community website compromises that
    #!comment: occurred in 2006 through 2010.
    #!comment:
    #!comment: Last update: 2011/11/20 (3546 entries)
    #!comment:
    #!comment: For more wordlists, see http://www.openwall.com/wordlists/

    liuxiang
    123456
    12345
    password
    password1
    123456789
    12345678
    1234567890
    abc123
    computer
    tigger
    "password.lst" 3559L, 26325C

    [root@localhost run]# useradd liu

    [root@localhost run]# passwd liu

    更改用户liu的密码

    新的密码:liuxiang

    重新输入新的密码:liuxiang

    passwd:所有的身份验证令牌已经成功更新。

    [root@localhost run]# ./john --wordlist=./password.lst ./liu.shadow.txt        //使用字典 password.lst 检测 liu.shadow.txt(原文未给出该文件的生成步骤,应为只含 liu 账号的 shadow 条目)
    Loaded 1 password hash (crypt, generic crypt(3) [?/64])
    Press 'q' or Ctrl-C to abort, almost any other key for status
    liuxiang (liu)
    1g 0:00:00:00 100% 2.702g/s 259.4p/s 259.4c/s 259.4C/s liuxiang..pamela
    Use the "--show" option to display all of the cracked passwords reliably
    Session completed

    [root@localhost run]# cat john.pot         //查看破解记录
    $6$3Yb/XIGe$xt6sg3nZ.EXSpwNmTjcYHOHDGpf1wbo1sXbY/4aYGkmol65rzcZItPwJOoUIfWdgf4YqkRI8YXmsLxlOQVqLr1:123123
    $6$/.a9JMSut.7RkRDr$gE4JlVGP/uLDr7Zdd0v.NfVDOPAeKq1MemSCb90o5/ejAUR2FpKVzv7.14apHi1XnBPvd5YVqx3aBC5IPLOZ51:123123
    $6$gy1Bp2K/$uPbPWAZ/6LFetymqgsUBxoMzWrDB6R9aa4kQBevp1CyuefwmWlMfyXyRkMzos/gjusr8i9/dK9bdMEdZIwK5i0:liuxiang

    [root@localhost run]# :>john.pot              //清空破解记录(john.pot 以明文保存已破解的口令,检测结束后应及时清理)
    [root@localhost run]# cat john.pot           //查看破解记录

  • 原文地址:https://www.cnblogs.com/CMX_Shmily/p/11330910.html