Kali-John The Ripper
John The Ripper
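- John The Ripper is a fast password cracker that tries to recover the plaintext when the ciphertext or hash is known. It supports most current encryption and hashing algorithms, such as DES, MD4 and MD5. It runs on many system architectures, including Unix, Linux, Windows, DOS, BeOS and OpenVMS, and its main purpose is to crack weak Unix/Linux system passwords. Besides the password hash types most commonly found on Unix systems, it also supports Windows LM hashes, and the community-enhanced version adds many other hashes and ciphers. It is open-source software, and Kali ships with John The Ripper.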
Using John The Ripper
Brute-forcing a PDF password
- Install and build John The Ripper
    git clone https://github.com/magnumripper/JohnTheRipper.git
    total 86620
- Various scripts
- First, generate a hash file from the PDF. We use pdf2john.pl for this:
    pdf2john.pl ~/test_pdf.pdf > ~/pdf.hash
- View the contents of pdf.hash:
    cat pdf.hash
    /home/holelin/test_pdf.pdf:$pdf$4*4*128*-3392*0*16*35452d43302d43442d41362d37362d31*32*e03c2cb0619c1f097b809d54902e3c3ca521bc59f6f6c1312017451c7fadfb1c*32*234753682d045ef5f752ff16ebde039fd0801a75366337c1ea2a4ed57f81cfcf
- Finally, run:
    john pdf.hash
    Using default input encoding: UTF-8
    Loaded 1 password hash (PDF [MD5 SHA2 RC4/AES 32/64])
    Cost 1 (revision) is 4 for all loaded hashes
    Will run 40 OpenMP threads
    Proceeding with single, rules:Single
    Press 'q' or Ctrl-C to abort, 'h' for help, almost any other key for status
    Almost done: Processing the remaining buffered candidate passwords, if any.
    0g 0:00:00:08 DONE 1/3 (2024-04-07 15:09) 0g/s 3682p/s 3682c/s 3682C/s T1900..Ptest1900
    Proceeding with wordlist:./password.lst
    Enabling duplicate candidate password suppressor
    The following keypresses are recognized:
    'q' or Ctrl-C to abort
    'h' for help (this message)
    '>' and '<' to increase or decrease verbosity, respectively
    's' for detailed status (and changes since its previous display)
    'd' for delayed status (right upon completion of current batch)
    'D' for delayed detailed status
    Almost any other key for simple status
- This process takes a while.
- Use this command to view the password:
    john --show ~/pdf.hash
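The `$pdf$` line written by pdf2john.pl can be read field by field, which shows what protection the document actually has (the `revision` that john reports as "Cost 1" is the second field). The following is an added example, not part of the original post or of John The Ripper; the names `parse_pdf_hash`, `PdfHash`, `REVISIONS` and `PERMS` are hypothetical, and the field order is assumed to be version, revision, key length, /P, metadata flag, then length-prefixed ID, /U and /O.

```python
from dataclasses import dataclass

# Sample input: the hash line shown on this page, embedded so this runs offline.
SAMPLE = ("/home/holelin/test_pdf.pdf:$pdf$4*4*128*-3392*0*16*"
          "35452d43302d43442d41362d37362d31*32*"
          "e03c2cb0619c1f097b809d54902e3c3ca521bc59f6f6c1312017451c7fadfb1c*32*"
          "234753682d045ef5f752ff16ebde039fd0801a75366337c1ea2a4ed57f81cfcf")
# Standard security handler revision -> cipher and key derivation.
REVISIONS = {2: "RC4 40-bit, MD5 key derivation",
             3: "RC4 up to 128-bit, MD5 key derivation",
             4: "RC4 or AES-128, MD5 key derivation",
             5: "AES-256, SHA-256 (deprecated Adobe extension)",
             6: "AES-256, iterated SHA-2 (PDF 2.0)"}
# /P user-access bits, numbered from 1 as in the PDF specification.
PERMS = {3: "print", 4: "modify", 5: "copy", 6: "annotate", 9: "fill-forms",
         10: "accessibility", 11: "assemble", 12: "print-high-quality"}

@dataclass
class PdfHash:
    path: str
    version: int
    revision: int
    key_bits: int
    permissions: int
    encrypt_metadata: bool
    doc_id: bytes
    u: bytes  # /U entry (user password check value)
    o: bytes  # /O entry (owner password check value)

    def scheme(self):
        return REVISIONS.get(self.revision, "unknown revision")

    def allowed(self):
        p = self.permissions & 0xFFFFFFFF  # /P is a signed 32-bit integer
        return [name for bit, name in PERMS.items() if p >> (bit - 1) & 1]

def parse_pdf_hash(line):
    """Parse 'path:$pdf$V*R*bits*P*meta*len*ID*len*U*len*O[...]' (assumed order)."""
    path, tag, body = line.strip().partition("$pdf$")
    f = body.split("*")
    if not tag or len(f) < 11:
        raise ValueError("not a complete $pdf$ hash line")
    blobs = []
    for i in (5, 7, 9):  # each blob is preceded by its byte length
        data = bytes.fromhex(f[i + 1])
        if len(data) != int(f[i]):
            raise ValueError(f"field {i + 1}: length mismatch")
        blobs.append(data)
    return PdfHash(path.rstrip(":"), *map(int, f[:4]), f[4] == "1", *blobs)

if __name__ == "__main__":
    print(parse_pdf_hash(SAMPLE))
```

For the sample line, `scheme()` reports the revision 4 MD5-based derivation, which is cheap per guess, so the document's protection rests on the strength of its password.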
Unless otherwise stated, all articles on this blog are licensed under CC BY-NC-SA 4.0. When reposting, please credit HoleLin's Blog!