简介:常规情况下,受web服务自身的资源、带宽、吞吐率限制,访问存在上限,这和极端情况下本地直接即时访问、即时反馈的机制完全不可等同。另外,暴力破解密码这种行为本身就徘徊在灰色地带,并且只有在条件极其苛刻的情况下才有可能用得上,这也是为什么极少有人能通过暴力破解密码找回或者攻陷入口。本篇仅为技术讨论,请勿用于非法途径。
历史攻略:
Python:暴力破解密码
Python:对压缩包进行解压操作
gin:通过dockerfile部署
web破解密码案例:
1、创建一个web服务并创建密码,运行。
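// Lab service for a password-guessing demonstration. It generates a random
// 4-digit password at start-up and exposes GET /hello?password=... which
// reports whether the supplied guess matches.
package main

import (
	"crypto/rand"
	"crypto/subtle"
	"fmt"
	"log"
	"math/big"
	"net/http"
	"time"

	"github.com/gin-gonic/gin"
)

// GetTime returns the current time; it is used to timestamp every response.
func GetTime() time.Time {
	return time.Now()
}

// GetPassword returns a random password of the given length drawn from the
// alphabet selected by kind: "num" (digits), "char" (ASCII letters), "mix"
// (digits and letters) or "advance" (digits, letters and punctuation). Any
// other kind falls back to the "char" alphabet.
//
// Characters are picked with crypto/rand. If the random source fails the
// function panics with a descriptive error, because the string-only return
// value leaves no way to report it.
func GetPassword(length int, kind string) string {
	var codeModel []rune
	switch kind {
	case "num":
		codeModel = []rune("0123456789")
	case "char":
		codeModel = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ")
	case "mix":
		codeModel = []rune("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ")
	case "advance":
		codeModel = []rune("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ+=-!@#$%*,.[]")
	default:
		codeModel = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ")
	}

	passwd := make([]rune, length)
	limit := big.NewInt(int64(len(codeModel)))
	for i := range passwd {
		index, err := rand.Int(rand.Reader, limit)
		if err != nil {
			// The original discarded this error and then dereferenced a nil
			// *big.Int; fail with a message that names the cause instead.
			panic(fmt.Errorf("reading random bytes for password: %w", err))
		}
		passwd[i] = codeModel[index.Int64()]
	}
	return string(passwd)
}

// realPassword is the secret the /hello endpoint checks guesses against.
// Four digits give only 10,000 possible values.
var realPassword = GetPassword(4, "num")

func main() {
	// Lab only: print the generated secret once at start-up so the operator
	// can verify the exercise. It is no longer printed on every request.
	fmt.Println("realPassword:", realPassword)

	r := gin.Default()
	r.GET("/hello", func(c *gin.Context) {
		// Query returns "" when the parameter is absent, so no separate
		// default is needed.
		// NOTE(review): a password carried in the URL query string usually
		// ends up in access logs and browser history; a real login should
		// take it in a POST body over TLS.
		password := c.Query("password")

		// Constant-time comparison so response timing does not depend on how
		// many leading characters match (a length mismatch still returns
		// early).
		result := "密码错误"
		if subtle.ConstantTimeCompare([]byte(password), []byte(realPassword)) == 1 {
			result = "密码正确"
		}

		// The response deliberately omits the real password: returning the
		// secret to every caller would disclose it on the first request.
		// NOTE(review): nothing here limits failed attempts, which is why the
		// 10,000-value space can be enumerated. A real service needs attempt
		// limiting or lockout and a much larger secret space.
		c.JSON(http.StatusOK, gin.H{
			"GET":           GetTime(),
			"your_password": password,
			"result":        result,
		})
	})

	// Listen on 0.0.0.0:8888 so the port is reachable from outside the
	// container; report a start-up failure instead of discarding it.
	if err := r.Run("0.0.0.0:8888"); err != nil {
		log.Fatal(err)
	}
}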
2、构建镜像:
# Build the image from the Dockerfile in the current directory and tag it gin-img.
docker build --tag gin-img .
3、启动容器:
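# Publish the port on loopback only: this service is deliberately weak (4-digit
# secret, unlimited guesses), so keep it off the host's other interfaces.
# Reach it from the same host at http://127.0.0.1:8888/hello.
docker run --name test-gin -p 127.0.0.1:8888:8888 -d gin-img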
4、浏览器访问:http://ip:8888/hello
5、python访问破解:
# -*- coding: utf-8 -*-
# time: /11/6 11:03
# file: password-demo.py
# WeChat official account: 玩转测试开发
import time
import requests
import itertools


def guess_password(password):
    """Submit one candidate to the lab endpoint and report whether it matched.

    Sends GET http://ip:8888/hello with the candidate as the ``password``
    query parameter, prints the decoded JSON reply, and returns True only when
    the reply's "result" field equals "密码正确".
    """
    url = "http://ip:8888/hello"
    reply = requests.get(url, params={"password": password}).json()
    print(reply)
    return reply["result"] == "密码正确"


if __name__ == '__main__':
    data = "0123456789"
    password_length = 4

    # Build the full candidate list before starting the timer, so the
    # measurement covers only the request loop.
    password_list = [
        "".join(combo)
        for combo in itertools.product(data, repeat=password_length)
    ]

    # The loop can only run to completion because the demo service accepts an
    # unlimited number of wrong guesses; server-side attempt limiting stops it.
    start = time.time()
    for candidate in password_list:
        if guess_password(candidate):
            break
    end = time.time()
    print(f"破解耗时:{round(end - start, 2)}秒")
6、破解执行结果:
压缩包破解密码案例:
1、创建一个zip包,并设置为需要密码
2、手动解压的时候,确认是需要密码的
3、案例源码:
# -*- coding: utf-8 -*-
# time: /11/6 11:03
# file: password-demo.py
# WeChat official account: 玩转测试开发
import time
import zipfile
import itertools


def extract(password, file):
    """Try to extract every member of ``file`` into the current directory.

    ``password`` is converted to ``str`` and passed UTF-8 encoded as the
    archive password. Returns True when extraction raised nothing; any
    exception is swallowed and the function returns None.
    """
    try:
        candidate = str(password)
        file.extractall(path='.', pwd=candidate.encode('utf-8'))
        print("the password is {}".format(candidate))
    except Exception:
        return None
    return True


def main(password_length):
    """Walk every digit string of ``password_length`` against ``a.zip``.

    Prints one progress line per candidate and stops at the first candidate
    for which ``extract`` returns True.
    """
    zip_file = zipfile.ZipFile(r"a.zip", 'r')
    # Start trying candidates.
    data = "0123456789"
    # enumerate() supplies the same counter the attempt messages report:
    # the number of candidates that failed before the current one.
    for num, digits in enumerate(itertools.product(data, repeat=password_length)):
        guess = "".join(digits)
        print(f"当前密码长度:{password_length}, 猜测的密码为:{guess},尝试次数:{num}。")
        if extract(guess, zip_file):
            print(f"当前密码长度:{password_length}, 猜测的密码为:{guess}。实际密码为:{guess},尝试次数:{num},破解成功。")
            break


if __name__ == '__main__':
    start = time.time()
    main(6)
    end = time.time()
    print(f"破解耗时:{round(end - start, 2)}秒")
4、执行结果:即只需要27秒左右即可破解6位数字密码的zip密码包。
破解后:解压出a.doc
即:理论极值下,暴力破解是可取的,但是条件极其苛刻,例如web场景下仅4位数字,破解就需要120多秒。6位大小写数字混合需要的时间则会增加几个数量级。另外,web案例之所以能跑完,是因为服务端没有对失败次数做任何限制;一旦加上限流或失败锁定,这种穷举就无法在可接受的时间内完成。