{"id":1136,"date":"2024-03-16T00:53:24","date_gmt":"2024-03-15T16:53:24","guid":{"rendered":"http:\/\/www.ccwifi.cc\/blogs\/?p=1136"},"modified":"2024-03-16T00:53:24","modified_gmt":"2024-03-15T16:53:24","slug":"zip%e5%8a%a0%e5%af%86%e6%96%87%e4%bb%b6%e7%a0%b4%e8%a7%a3john%e7%ae%80%e4%bb%8b","status":"publish","type":"post","link":"https:\/\/www.ccwifi.cc\/blogs\/2024\/03\/16\/zip%e5%8a%a0%e5%af%86%e6%96%87%e4%bb%b6%e7%a0%b4%e8%a7%a3john%e7%ae%80%e4%bb%8b\/","title":{"rendered":"ZIP\u52a0\u5bc6\u6587\u4ef6\u7834\u89e3\uff1ajohn\u7b80\u4ecb"},"content":{"rendered":"
\n

\u5728\u7ebfwifi\u8dd1\u5305 \u91d1\u521a\u5305\u8dd1\u5305 cap\u8dd1\u5305 hccapx ewsa\u5728\u7ebf \u5c31\u6765 \u63e1\u624b\u5305\u8dd1\u5305<\/a><\/strong><\/p>\n

\u5404\u4f4d\u597d \u53c8\u89c1\u9762\u4e86 \u6211\u662f\u66f9\u64cd \u4eca\u5929\u7ed9\u5927\u5bb6\u5e26\u6765\u4e00\u7bc7\u65b0\u7684\u6559\u7a0b<\/p>\n

\u5e0c\u671b\u5404\u4f4d\u7ec6\u5fc3\u5b66\u4e60 \u4f4e\u8c03\u7528\u7f51<\/p>\n<\/div>\n

unshadow \/etc\/passwd > hash.txt\njohn --user=root --wordlist=passwd hash.txt<\/code><\/pre>\n
\"hashcat\u5982\u4f55\u8bbe\u7f6e\u9ed8\u8ba4\u5bc6\u7801\"<\/p>\n
John\u662f\u4e00\u79cd\u5bc6\u7801\u7834\u89e3\u5de5\u5177\uff0c\u5b83\u662fKali Linux\u81ea\u5e26\u7684\u3002\u5b83\u652f\u6301\u4f7f\u7528\u5bc6\u7801\u672c\u8fdb\u884c\u7834\u89e3\u3002John\u4e3b\u8981\u7528\u4e8e\u7834\u89e3root\u7528\u6237\u7684\u5f00\u673a\u53e3\u4ee4\uff0c\u5982\u4e0b\u56fe\u6240\u793a\u3002\u7136\u800c\uff0c\u91cd\u8981\u7684\u662f\u8981\u6709\u4e00\u4e2a\u53ef\u9760\u7684\u5bc6\u7801\u672c\uff0c\u5426\u5219\u4e00\u5207\u52aa\u529b\u90fd\u5c06\u767d\u8d39\u3002\u5728\u8fd9\u4e2a\u4f8b\u5b50\u4e2d\uff0c\u6211\u6210\u529f\u7834\u89e3\u4e86\u6211\u7684root\u5bc6\u7801\uff0c\u5b83\u662fh3ll0\u3002<\/p>\n
zip2john passwd.zip > passwd.hash<\/code><\/pre>\n
\"hashcat\u5982\u4f55\u8bbe\u7f6e\u9ed8\u8ba4\u5bc6\u7801\"<\/p>\n
john passwd.hash<\/code><\/pre>\n
\u90a3\u4e48\u5982\u4f55\u7834\u89e3ZIP\u52a0\u5bc6\u6587\u4ef6\u5462\uff1f\u539f\u7406\u662f\u76f8\u540c\u7684\uff0c\u9996\u5148\u83b7\u53d6Hash\u6587\u4ef6\uff0c\u7136\u540e\u4f7f\u7528John\u5de5\u5177\u8fdb\u884c\u7834\u89e3\u3002\u4ee5\u4e0b\u662f\u5177\u4f53\u6b65\u9aa4\uff1a<\/p>\n
\u7b2c\u4e00\u6b65\uff1a\u4f7f\u7528zip2john\u83b7\u53d6\u4e2d\u95f4\u7684Hash\u6587\u4ef6\u3002
\n\u547d\u4ee4\u5982\u4e0b\uff1azip2john \u6587\u4ef6\u540d.zip > passwd.hash<\/p>\n
\u7b2c\u4e8c\u6b65\uff1a\u4f7f\u7528John\u7834\u89e3\u4e2d\u95f4\u7684Hash\u6587\u4ef6\u3002
\n\u547d\u4ee4\u5982\u4e0b\uff1ajohn passwd.hash<\/p>\n
\"hashcat\u5982\u4f55\u8bbe\u7f6e\u9ed8\u8ba4\u5bc6\u7801\"<\/p>\n
\u6210\u529f\u7834\u89e3\u540e\uff0c\u6211\u4eec\u83b7\u5f97\u4e86\u5bc6\u7801\uff1a123456\u3002\u53ef\u4ee5\u770b\u51fa\uff0c\u8fd9\u4e2a\u5bc6\u7801\u662f\u4ece\u81ea\u5e26\u7684\u5bc6\u7801\u672cpassword.lst\u4e2d\u7834\u89e3\u51fa\u6765\u7684\u3002\u8be5\u5bc6\u7801\u672c\u4e2d\u5305\u542b\u4e86\u5927\u7ea63000\u4e2a\u5e38\u7528\u5bc6\u7801\u3002\u7136\u800c\uff0c\u5982\u679c\u60a8\u8bbe\u7f6e\u7684\u5bc6\u7801\u4e0d\u5728\u5bc6\u7801\u672c\u4e2d\uff0c\u90a3\u4e48\u7834\u89e3\u5c06\u53d8\u5f97\u975e\u5e38\u56f0\u96be\u3002\u6211\u5c1d\u8bd5\u8bbe\u7f6e\u4e86\u4e00\u4e2a\u4e0d\u5728\u5bc6\u7801\u672c\u4e2d\u7684\u5bc6\u78011993\uff0c\u7ed3\u679c\u5f88\u957f\u65f6\u95f4\u90fd\u65e0\u6cd5\u7834\u89e3\u6210\u529f\u3002\u6bd5\u7adf\uff0c\u8fd9\u79cd\u65b9\u6cd5\u672c\u8d28\u4e0a\u662f\u66b4\u529b\u7834\u89e3\uff0c\u56e0\u6b64\u4e0d\u63a8\u8350\u5728\u7834\u89e3ZIP\u52a0\u5bc6\u6587\u4ef6\u65f6\u4f7f\u7528\u8fd9\u79cd\u65b9\u5f0f\u3002<\/p>\n
\u7834\u89e3\u6a21\u5f0f\u7684\u5177\u4f53\u65b9\u6cd5      \u7834\u89e3\u7684\u5bc6\u7801\u957f\u5ea6       \u6240\u5305\u542b\u7684\u5b57\u7b26\nIncremental:all         0-8                  All 95<\/span> printable ASCII characters\nIncremental:all15       0-5                  All 95<\/span> printable ASCII characters\nIncremental:all6        6<\/span>                    All 95<\/span> printable ASCII characters\nIncremental:all7        7<\/span>                    All 95<\/span> printable ASCII characters\nIncremental:all8        8<\/span>                    All 95<\/span> printable ASCII characters\nIncremental:alpha       1-8                  A-Z     \u7eaf\u5927\u5199\u5b57\u6bcd\nIncremental:digits      1-8                  0-9     \u7eaf\u6570\u5b57\nIncremental:lanman      0-7\t\t    A-Z, 0-9, and some special characters   \u5927\u5199\u5b57\u6bcd,\u6570\u5b57\u52a0\u4e00\u4e9b\u7279\u6b8a\u5b57\u7b26<\/code><\/pre>\n
Usage: john [<\/span>OPTIONS]<\/span> [<\/span>PASSWORD-FILES]<\/span>\n--single[=<\/span>SECTION[<\/span>,..]]<\/span>    \"single crack\"<\/span> mode, using default or named rules\n--single=<\/span>:rule[<\/span>,..]<\/span>        same, using \"immediate\"<\/span> rule(<\/span>s)<\/span>\n--wordlist[=<\/span>FILE]<\/span> --stdin  wordlist mode, read<\/span> words from FILE or stdin\n                  --pipe   like --stdin, but bulk reads, and allows rules\n--loopback[=<\/span>FILE]<\/span>          like --wordlist, but extract words from a .pot file\n--dupe-suppression         suppress all dupes in wordlist (<\/span>and force preload)<\/span>\n--prince[=<\/span>FILE]<\/span>            PRINCE mode, read<\/span> words from FILE\n--encoding=<\/span>NAME            input encoding (<\/span>eg. UTF-8, ISO-8859-1)<\/span>. See also\n                           doc\/ENCODINGS and --list=<\/span>hidden-options.\n--rules[=<\/span>SECTION[<\/span>,..]]<\/span>     enable<\/span> word mangling rules (<\/span>for<\/span> wordlist or PRINCE\n                           modes)<\/span>, using default or named rules\n--rules=<\/span>:rule[<\/span>;<\/span>..]]<\/span>        same, using \"immediate\"<\/span> rule(<\/span>s)<\/span>\n--rules-stack=<\/span>SECTION[<\/span>,..]<\/span> stacked rules, applied after regular rules or to\n                           modes that otherwise don't support rules\n<\/span>--rules-stack=:rule[;..]   same, using \"immediate\" rule(s)\n<\/span>--incremental[=MODE]       \"incremental\" mode [using section MODE]\n<\/span>--mask[=MASK]              mask mode using MASK (or default from john.conf)\n<\/span>--markov[=OPTIONS]         \"Markov\" mode (see doc\/MARKOV)\n<\/span>--external=MODE            external mode or word filter\n<\/span>--subsets[=CHARSET]        \"subsets\" mode (see doc\/SUBSETS)\n<\/span>--stdout[=LENGTH]          just output candidate passwords [cut at LENGTH]\n<\/span>--restore[=NAME]           restore an interrupted session [called NAME]\n<\/span>--session=NAME             give a new session the NAME\n<\/span>--status[=NAME]            print status of a session [called NAME]\n<\/span>--make-charset=FILE        make a charset file. It will be overwritten\n<\/span>--show[=left]              show cracked passwords [if =left, then uncracked]\n<\/span>--test[=TIME]              run tests and benchmarks for TIME seconds each\n<\/span>--users=[-]LOGIN|UID[,..]  [do not] load this (these) user(s) only\n<\/span>--groups=[-]GID[,..]       load users [not] of this (these) group(s) only\n<\/span>--shells=[-]SHELL[,..]     load users with[out] this (these) shell(s) only\n<\/span>--salts=[-]COUNT[:MAX]     load salts with[out] COUNT [to MAX] hashes\n<\/span>--costs=[-]C[:M][,...]     load salts with[out] cost value Cn [to Mn]. For\n<\/span>                           tunable cost parameters, see doc\/OPTIONS\n<\/span>--save-memory=LEVEL        enable memory saving, at LEVEL 1..3\n<\/span>--node=MIN[-MAX]\/TOTAL     this node'<\/span>s number range out of TOTAL count\n--fork=<\/span>N                   fork N processes\n--pot=<\/span>NAME                 pot file to use\n--list=<\/span>WHAT                list capabilities, see --list=<\/span>help<\/span> or doc\/OPTIONS\n--format=<\/span>NAME              force hash<\/span> of type<\/span> NAME. The supported formats can\n                           be seen with --list=<\/span>formats and --list=<\/span>subformats<\/code><\/pre>\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
ZIP\u52a0\u5bc6\u6587\u4ef6\u7834\u89e3\uff1ajohn\u7b80\u4ecbJohn\u662f\u4e00\u6b3eKali linux\u81ea\u5e26\u7684\u5bc6\u7801\u7834\u89e3\u5de5\u5177\uff0c\u652f\u6301\u5bc6\u7801\u672c\u7834\u89e3\u3002John\u57fa\u4e8e\u5bc6\u7801\u672c\u7834\u89e3root\u7528\u6237\u5f00\u673a\u53e3\u4ee4\u5982\u4e0b\u56fe\u6240\u793a\uff0c\u5f53\u7136\u91cd\u70b9\u8fd8\u662f\u4f60\u6709\u9760\u8c31\u7684\u5bc6\u7801\u672c\uff0c\u5426\u5219\u4e5f\u662f\u767d\u8d39\u529b\u6c14\u3002<\/p>\n","protected":false},"author":1,"featured_media":1137,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"topic":[],"class_list":["post-1136","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-1"],"_links":{"self":[{"href":"https:\/\/www.ccwifi.cc\/blogs\/wp-json\/wp\/v2\/posts\/1136","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ccwifi.cc\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ccwifi.cc\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ccwifi.cc\/blogs\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ccwifi.cc\/blogs\/wp-json\/wp\/v2\/comments?post=1136"}],"version-history":[{"count":0,"href":"https:\/\/www.ccwifi.cc\/blogs\/wp-json\/wp\/v2\/posts\/1136\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ccwifi.cc\/blogs\/wp-json\/wp\/v2\/media\/1137"}],"wp:attachment":[{"href":"https:\/\/www.ccwifi.cc\/blogs\/wp-json\/wp\/v2\/media?parent=1136"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ccwifi.cc\/blogs\/wp-json\/wp\/v2\/categories?post=1136"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ccwifi.cc\/blogs\/wp-json\/wp\/v2\/tags?post=1136"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.ccwifi.cc\/blogs\/wp-json\/wp\/v2\/topic?post=1136"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}