我有几年前的旧Macbook,我不记得密码,但我记得当时我的密码中的一些字符,所以我想我可能会使用一个版本的一个随时可用的脚本。问题是,当我使用示例中的字符串测试哈希中的“password”时,我得到的值与提供的哈希值不同。因此,我永远无法获得旧密码。以下是从http://pastebin.com/Gv6VxEZ7
中提取的相关代码#Should be 8 characters of salt + sha hash for "password" if I'm understanding this correctly
digest = "33BA7C74C318F5D3EF40EB25E1C42F312ACF905E20540226"
salt = "33BA7C74"
sha1 = "C318F5D3EF40EB25E1C42F312ACF905E20540226"
try:
salt_hex = chr(int(salt[0:2], 16)) + chr(int(salt[2:4], 16)) + chr(int(salt[4:6], 16)) + chr(int(salt[6:8], 16)) # CONVERT SALT TO HEX
check("password", salt_hex, salt)
def check(password,salt_hex, salt): # HASH PASS AND COMPARE
if not password.startswith("#!"): #IGNORE COMMENTS
sha1_guess = hashlib.sha1(salt_hex+password).hexdigest()
print("Trying with salt_hex " + password)
print sha1_guess.upper()
print "\n"
sha1_guess = hashlib.sha1(salt+password).hexdigest()
print("Trying with salt " + password)
print sha1_guess.upper()
print "\n"
if sha1 in sha1_guess.upper():
print("Cleartext password is : "+password)
exit(0)
不幸的是,这两次尝试的输出都不正确
$ python sha_crack.py
试图破解...... 33BA7C74C318F5D3EF40EB25E1C42F312ACF905E20540226
尝试使用salt_hex密码 9D8F0A15CF344F7FB35A1918AA0636A025261627
尝试使用salt密码 E105192888CC1C34B7535AAA0425EC06F653A1B9
文章我正在测试显示此哈希用于“密码”
http://www.defenceindepth.net/2009/12/cracking-os-x-passwords.html
答案 0 :(得分:0)
您正在使用的示例哈希是完全错误的。
如果我们改为使用JtR wiki中提供的测试向量,我们会看到代码按预期工作(正确的密码是" macintosh
"根据Wiki) :
import binascii
import hashlib
hash = "0E6A48F765D0FFFFF6247FA80D748E615F91DD0C7431E4D9"
salt = binascii.unhexlify(hash[0:8])
sha1 = binascii.unhexlify(hash[8:])
passwords = ["123", "password", "macintosh"]
for password in passwords:
if hashlib.sha1(salt + password).digest() == sha1:
print "Password is \"%s\"" % password
break