Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

John the Ripper 教學

由於John the Ripper支持多種攻擊模式和不同的使用方式,這裡提供一個基本的使用示例,以展示如何使用John the Ripper進行字典攻擊。

  1. 安裝John the Ripper:

首先需要下載和安裝John the Ripper。以Ubuntu系統為例,可以使用以下命令安裝:

sqlCopy codesudo apt-get update
sudo apt-get install john
  1. 收集密碼文件:

假設待破解的是本地用戶帳戶的密碼文件,可以使用以下命令從本地系統中提取:

bashCopy codesudo unshadow /etc/passwd /etc/shadow > hash.txt

這會生成一個名為hash.txt的文本文件,其中包含了所有本地用戶帳戶的密碼雜湊值。

  1. 選擇字典文件:

接下來需要選擇一個字典文件,用於進行字典攻擊。可以使用預置的字典文件,或者自行編寫字典文件。以使用預置的字典文件為例,可以使用以下命令選擇john的內置字典文件:

javascriptCopy codesudo john --wordlist=/usr/share/john/password.lst hash.txt

這會開始進行字典攻擊,使用/usr/share/john/password.lst作為字典文件,對hash.txt文件中的所有密碼雜湊值進行攻擊。

  1. 等待破解結果:

在攻擊過程中,John the Ripper會嘗試使用字典文件中的單詞進行匹配,並且將匹配成功的密碼顯示出來。等待攻擊完成後,可以使用以下命令查看破解結果:

pythonCopy codesudo john --show hash.txt

這會列出所有成功破解的密碼,以及相應的用戶帳戶。

需要注意的是,使用John the Ripper進行密碼破解需要滿足一些法律和道德要求,並且需要經過系統或應用程式擁有者的授權和同意。否則,這樣的行為可能會觸犯相關的法律法規,並且會對他人的系統或應用程式造成損害。因此,建議僅在合法的學術研究和安全測試等情況下使用John the Ripper。

以上內容由 chatGPT 產生

Back To Top
error: 內容被保護 !!
Buy Me A Coffee
歡迎贊助 sectools.tw 讓這個網站更好~!