我有一个有趣的挑战,我试图弄清楚如何获取密码。
密码使用sha256进行散列,因此无法正常进行反向工程。我想做蛮力。
这是代码:
import sys
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
print ("A-Z, a-z, 0-9. L47????P6")
try:
userInput = str(sys.argv[1])
except:
userInput = " "
digest = hashes.Hash(hashes.SHA256(), backend=default_backend())
digest.update(bytes(str(userInput), "utf-8"))
hash = digest.finalize()
#Converts the bytes hash into integer format, then casts to hex
newhash = (hex(int.from_bytes(hash, byteorder='big'))[2:])
print ("Entered password: ", userInput)
if (newhash == "8fbec71d6602c08e86bce4083194fab9e717688d5b0866ab784b9e8dfe26636e"):
print ("Valid: True")
print ("Correct! Remember the password is: ", userInput)
else:
print ("Valid: False")
[查看,我猜是L47 ???? P6是密码,您必须弄清楚自己要输入的4个字符。另外,我认为我会使用itertools,因为它似乎可以很好地用于组合。
所以我尝试了,
将行更改为具有前缀和后缀:
userInput = str("L47" + guess + "P6")
我有itertools输出想要使用的内容:
import itertools
combination = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
y = ''
for c in itertools.product(combination, repeat=4):
pin = y+''.join(c)
print(pin)
然后,我尝试将其合并到我尝试制作的蛮力代码中,但是我对如何集成它感到困惑。我尝试进行while循环,但似乎只输出L47zzzzP6
这是我到目前为止所拥有的:
import sys
import itertools
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
combination = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890abcdefghijklmnopqrstuvwxyz'
y = ''
print ("A-Z, a-z, 0-9. L47????P6")
try:
userInput = str("L47" + guess + "P6")
except:
userInput = " "
digest = hashes.Hash(hashes.SHA256(), backend=default_backend())
digest.update(bytes(str(userInput), "utf-8"))
hash = digest.finalize()
newhash = (hex(int.from_bytes(hash, byteorder='big'))[2:])
print ("Entered password: ", userInput)
while (newhash != "8fbec71d6602c08e86bce4083194fab9e717688d5b0866ab784b9e8dfe26636e"):
for c in itertools.product(combination, repeat=4):
guess = y+''.join(c)
if (newhash == "8fbec71d6602c08e86bce4083194fab9e717688d5b0866ab784b9e8dfe26636e"):
print ("Valid: True")
print ("Correct! Remember this password: ", userInput)
如何正确迭代并找出密码?
您需要在相关功能中添加代码。
def my_hash(string):
digest = hashes.Hash(hashes.SHA256(), backend=default_backend())
digest.update(bytes(str(userInput), "utf-8"))
hash = digest.finalize()
return (hex(int.from_bytes(hash, byteorder='big'))[2:])
def pass_generator():
combination = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
for c in itertools.product(combination, repeat=4):
middle = ''.join(c)
pass = f"L47{middle}P6"
yield pass, my_hash(pass)
最后,您可以要求用户输入密码并尝试猜测。
user_pass = input("please enter a password: ")
user_pass_hash = my_hash(user_pass)
for pass, hash_pass in pass_generator():
if hash_pass == user_pass_hash:
print(f"user password is : {pass}")
break
生成器是必需的,它可以加快处理速度并避免生成所有可能性,此处匹配将停止迭代。