John 破解rar 或者 zip密码

<–more–>

安装

win环境
Ubuntu

要求

1
sudo apt-get install build-essential libssl-dev

编译

创建临时目录用来编译源代码

1
mkdir temp

改变工作目录

1
cd temp

从官网下载源代码

1
wget http://www.openwall.com/john/j/john-1.8.0-jumbo-1.tar.gz

解压缩

1
tar xfz john-1.8.0-jumbo-1.tar.gz

配置脚本

1
2
3
cd john-1.8.0-jumbo-1/src/

./configure

编译

1
make -s

编译可以运行目录

1
cd ../run

可以从目录直接执行命令

简单安装

目录创建

1
mkdir -p ~/apps/john

复制程序到目录

1
cp ~/temp/john-1.8.0-jumbo-1/run/* ~/apps/john/
1
cd ~/apps/john/ && ./john --test

使用

我这里window环境做演示
首先我手头有一个 test.zip 压缩包密码是 123

用zip2john或者rar2john提取hash密码

1
zip2john.exe test.zip > zip.hashes

john破解hash密码

1
john zip.hashes

结果应该是这样的

1
2
3
4
5
6
7
8
9
10
11
Loaded 1 password hash (PKZIP [32/64])

guesses: 0 time: 0:00:40:29 0.00% (3) c/s: 2278K trying: eDTvw - ekTsl
guesses: 0 time: 0:01:25:10 0.00% (3) c/s: 1248K trying: ctshm#ni - ctshfon9
guesses: 0 time: 0:02:56:40 0.00% (3) c/s: 1499K trying: BR489a - BR48jf
guesses: 0 time: 0:03:56:04 0.00% (3) c/s: 1703K trying: fjmis5od - fjmidia0
guesses: 0 time: 0:04:46:09 0.00% (3) c/s: 1748K trying: Difg1ek - DifgbpS
guesses: 0 time: 0:05:21:22 0.00% (3) c/s: 1855K trying: btkululp - btkulene
guesses: 0 time: 0:06:02:43 0.00% (3) c/s: 1857K trying: ghmnymik - ghmnyasd
test4321 (../test.zip)
guesses: 1 time: 0:06:32:34 DONE (Mon Jul 28 17:50:22 2014) c/s: 1895K trying: telkuwhy – test43ac

如果要看到密码可以用下面的命令

1
john zip.hashes --show

其他链接

https://blog.sleeplessbeastie.eu/2015/05/25/how-to-crack-archive-password-faster/
http://www.cybercrimetech.com/2014/07/how-to-cracking-zip-and-rar-protected.html