WEB attack and defense: weak password brute-force cracking (including tools and dictionary download addresses)

Table of contents

1. Overview of weak passwords

2. Web Class - Encryption & Verification Code Background Guessing

3. Service category - SSH&RDP remote terminal guessing

4. Application class - ZIP&Word file compression package guessing solution


1. Overview of weak passwords

A weak password has no strict, precise definition. It is generally understood as a password that is easy for others (who may know you well) to guess, or easy for cracking tools to recover. Weak passwords usually stem from the security awareness of administrators and from a platform's initial configuration; through a system's weak password, an attacker can directly obtain control of that system.
In everyday security testing, weak passwords turn up in every area: web applications, security devices, platform components, operating systems, and so on. How weak passwords are obtained and used has therefore become the key to this class of security issue.

2. Web Class - Encryption & Verification Code Background Guessing

1. Open the target site.

2. Enter an account and password, click Login, and capture the request in the proxy.

3. There is a problem here: the password is encrypted. The site encrypts the password before submitting it, so the values in our dictionary must also be encrypted the same way when brute-forcing.

4. Select the password field and click "Add".

5. Carry out the following operations to load a suitable dictionary.

6. The passwords loaded above are in plaintext; they need to be converted to ciphertext.

7. Carry out the following operations to turn each password into ciphertext.

8. Once everything is configured, click Start.

9. Burp now sends the encrypted values.

10. After a while, one response differs from the rest; the value that produced it should be the correct password.

11. Decrypt it to obtain the correct plaintext password.

12. The above brute-forces only the password.

13. The following demonstrates brute-forcing the account and password at the same time.

14. Select the account field and the password field in turn, clicking "Add" after each selection.

15. Change the attack mode to the one shown in the figure below.

16. Two dictionaries can now be added here.

17. After configuring them, start again; both positions are brute-forced at the same time.
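Encrypting the password in the browser, as in step 3, does not stop guessing, because the same transform can be applied to every dictionary entry before it is sent; what does stop it is server-side throttling. As an added example (not code from the original post), the Python below implements a sliding-window lockout keyed by account and by client address; the credential store, the constant salt and the replayed wordlist are constructed assumptions.

```python
import hashlib
import hmac
from collections import defaultdict, deque

# Constructed credential store: username -> SHA-256 of "salt:" + password (a slow KDF belongs here in practice).
USERS = {"admin": hashlib.sha256(b"salt:Winter2023!").hexdigest()}

class LoginThrottle:
    """Sliding-window failure counter with temporary lockout, keyed separately
    by account and by client address, so a dictionary run is cut off early."""
    def __init__(self, max_failures=5, window=60, lockout=300):
        self.max_failures, self.window, self.lockout = max_failures, window, lockout
        self.failures = defaultdict(deque)  # key -> timestamps of recent failures
        self.locked_until = {}              # key -> time at which the lockout ends
    def is_locked(self, key, now):
        return self.locked_until.get(key, 0) > now
    def record_failure(self, key, now):
        q = self.failures[key]
        while q and now - q[0] > self.window:  # drop failures outside the window
            q.popleft()
        q.append(now)
        if len(q) >= self.max_failures:         # too many recent failures: lock
            self.locked_until[key] = now + self.lockout
            q.clear()

def login(throttle, username, password, client_ip, now):
    """Return 'locked', 'ok' or 'fail'. The lockout check runs before the
    password is verified, so a locked account leaks nothing about the guess."""
    keys = (f"user:{username}", f"ip:{client_ip}")
    if any(throttle.is_locked(k, now) for k in keys):
        return "locked"
    given = hashlib.sha256(b"salt:" + password.encode()).hexdigest()
    expected = USERS.get(username, "")
    if expected and hmac.compare_digest(expected, given):
        for k in keys:
            throttle.failures[k].clear()  # success resets the counters
        return "ok"
    for k in keys:
        throttle.record_failure(k, now)
    return "fail"

def run_wordlist(words, username="admin", client_ip="203.0.113.5", throttle=None):
    """Replay a constructed wordlist one second apart and tally the outcomes."""
    throttle = throttle or LoginThrottle()
    tally = {"ok": 0, "fail": 0, "locked": 0}
    for i, word in enumerate(words):
        tally[login(throttle, username, word, client_ip, now=1000 + i)] += 1
    return tally
```

With the default limits, a six-word run that contains the real password on the sixth attempt is locked out before that attempt is ever checked.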

3. Service category - SSH&RDP remote terminal guessing

1. Hydra profile:

  • hydra download address: https://github.com/vanhauser-thc/thc-hydra
  • hydra is an automated brute-forcing tool that recovers weak passwords by trying candidate logins; it supports many protocols. It is integrated into Kali Linux and can be run directly from the terminal.
  • Common options:
-s PORT   specify a non-default port.
-l LOGIN  specify the user to attack (a single specific user).
-L FILE   specify a username dictionary.
-p PASS   lowercase: specify a single password; rarely used, a password dictionary is normally used instead.
-P FILE   uppercase: specify a password dictionary.
-e ns     optional: n tries an empty password, s tries the login name itself as the password.
-C FILE   use a colon-separated "login:password" file instead of the -L/-P options.
-M FILE   specify a target list file, one target per line.
-o FILE   specify the file to write results to.
-f        when -M is used, stop as soon as the first login/password pair is found.
-t TASKS  number of parallel threads; default is 16.
-w TIME   maximum timeout in seconds; default is 30.
-v / -V   show verbose progress.
  • Supported protocols:
service   specifies the service name; supported services and protocols: telnet ftp pop3[-ntlm] imap[-ntlm] smb smbnt
http-{head|get} http-{get|post}-form
http-proxy cisco cisco-enable vnc ldap2 ldap3 mssql mysql oracle-listener postgres
nntp socks5 rexec rlogin pcnfs snmp rsh cvs svn icq sapr3 ssh smtp-auth[-ntlm]
pcanywhere teamspeak sip vmauthd firebird ncp afp, and so on.

2. Invoke hydra in Kali and enter the following command.

3. Execute the command.

4. After a while, the password is obtained successfully.

5. We try to connect.

6. Enter the password just obtained and click OK to connect.

7. After clicking OK, the connection succeeds and service x is obtained.

8. Next, we demonstrate brute-forcing a Windows system password; execution starts once the command is entered.

9. The account and password are obtained successfully.

10. Enter the obtained account and password, then click OK to try to connect.

11. The login succeeds, but because our requests a moment ago were so frequent, the following page appears.
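The burst of failed logins that the SSH run above produces is exactly what the target's own logs should be alerting on. As an added example (not code from the original post), this Python script parses OpenSSH auth-log lines, raises one alert when a source exceeds a failure threshold inside a time window and a second if that same source then logs in successfully; the log lines, host name, addresses and the assumed year are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime

# OpenSSH auth-log line as written by syslog: "Mon DD HH:MM:SS host sshd[pid]: ..."
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>[\d.]+) port \d+ ssh2$")

def parse(line):
    """Return (ts, 'Failed'|'Accepted', user, ip) or None; syslog omits the year, so 2023 is assumed."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime("2023 " + m["ts"], "%Y %b %d %H:%M:%S")
    return ts, m["result"], m["user"], m["ip"]

def detect(lines, threshold=5, window_s=60):
    """Alert once per source that fails `threshold` times within `window_s`
    seconds, and again if that source afterwards gets an 'Accepted' login."""
    failures = defaultdict(list)  # ip -> timestamps of recent failures
    burst_ips, alerts = set(), []
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        ts, result, user, ip = rec
        if result == "Failed":
            recent = [t for t in failures[ip] if (ts - t).total_seconds() <= window_s]
            recent.append(ts)
            failures[ip] = recent
            if len(recent) >= threshold and ip not in burst_ips:
                burst_ips.add(ip)
                alerts.append(("bruteforce", ip, user))
        elif result == "Accepted" and ip in burst_ips:
            alerts.append(("compromise", ip, user))
    return alerts

# Constructed sample: a five-attempt burst ending in a root login, then an ordinary typo by another user.
SAMPLE_LOG = [
    "Apr 13 10:00:01 host sshd[1001]: Failed password for root from 203.0.113.5 port 51000 ssh2",
    "Apr 13 10:00:02 host sshd[1002]: Failed password for invalid user admin from 203.0.113.5 port 51001 ssh2",
    "Apr 13 10:00:03 host sshd[1003]: Failed password for root from 203.0.113.5 port 51002 ssh2",
    "Apr 13 10:00:04 host sshd[1004]: Failed password for root from 203.0.113.5 port 51003 ssh2",
    "Apr 13 10:00:05 host sshd[1005]: Failed password for root from 203.0.113.5 port 51004 ssh2",
    "Apr 13 10:00:06 host sshd[1006]: Accepted password for root from 203.0.113.5 port 51005 ssh2",
    "Apr 13 10:01:00 host sshd[1007]: Failed password for alice from 198.51.100.7 port 40000 ssh2",
    "Apr 13 10:01:05 host sshd[1008]: Accepted password for alice from 198.51.100.7 port 40001 ssh2",
]
```

Running `detect(SAMPLE_LOG)` yields a bruteforce alert and then a compromise alert for 203.0.113.5, while the single failure from 198.51.100.7 produces nothing.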

4. Application class - ZIP&Word file compression package guessing solution

1. Prepare a zip file; opening it prompts for a password.

2. Open a simple cracking tool and drag in the zip file from a moment ago; the software starts cracking it automatically.

3. Let's try another tool.

4. Add the encrypted file to the tool, and the password is cracked successfully.


Source: blog.csdn.net/weixin_62808713/article/details/130175239