De1CTF met recently while playing in a Web project in the title twice MD5 authentication truncated comparison, when do question for the convenience of easily write a small script blasting Code, following a brief share ideas
To De1CTF online game Web3, for example, in the De1CTF, MD5 truncated I encountered relatively verification is this:
This prompt codes mean "taken after the question mark (i.e. Code) for the former 5 md5 encrypted === 9331c"
So there are 16 ^ 5 kinds of possibilities exist in theory, md5 will be updated after each page refresh, but in reality, md5 top five is the same multiple solutions
Then we can sort of thinking is: to create a rainbow table for comparison, violence guess solution Code
1 from multiprocessing.dummy import Pool as tp 2 import hashlib 3 4 knownMd5 = '9331c' #已知的md5明文 5 6 def md5(text): 7 return hashlib.md5(str(text).encode('utf-8')).hexdigest() 8 9 def findCode(code): 10 key = code.split(':') 11 start = int(key[0]) 12 end = int(key[1]) 13 is for code in range (Start, End): 14 IF MD5 (code) [0:. 5] == knownMd5: 15 Print code 16 BREAK . 17 18 is List = [] . 19 for I in range (. 3): # where the range (number) refers to how much blasting results stop 20 is list.append (STR (10000000 * I) + ' : ' + STR (10000000 * (I +. 1 ))) 21 is the pool = TP () # multithreading accelerate blasting speed 22 pool.map (findCode, List) 23 is pool.close () 24 pool.join ()
Results are as follows:
Code 3 above are outputted may be used, the results may be selected for different situations a different number of blasted