已加密的Zip压缩包暴力破解方式Archpr+John
生活随笔
收集整理的這篇文章主要介紹了
已加密的Zip压缩包暴力破解方式Archpr+John
小編覺得挺不錯的,現(xiàn)在分享給大家,幫大家做個參考.
本文主要記錄已加密zip壓縮包的破解,密碼為數(shù)字的暴力破解方式,僅用于實(shí)驗(yàn)研究。
我只嘗試了兩種破解方式,一種是利用Archpr工具(僅windows平臺可用),另一種利用了John(kali系統(tǒng)內(nèi)置,支持windows和linux系統(tǒng)),主要思路為java利用
Runtime.getRuntime();調(diào)用cmd命令去執(zhí)行破解工作,然后分析破解后的密碼文件,獲取密碼,進(jìn)行下一步的解壓縮,解壓縮成功后,可以將過程中的文件清除,減少硬盤占用,本次示例代碼截至到獲取密碼階段,后續(xù)代碼就不贅述了。
直接上代碼,首先是Archpr版
package org.example;import java.io.*; import java.util.ArrayList; import java.util.List; import java.util.concurrent.ExecutionException;/*** Hello world!**/ public class Archpr2Zip {static String url = "E:\\Elcomsoft Password Recovery\\Advanced Archive Password Recovery\\ARCHPR.exe ";static String pwdFileRoot ="E:\\";public static void main(String[] args) throws ExecutionException, InterruptedException {String pwdFile = pwdFileRoot+String.valueOf(System.currentTimeMillis());String zipFile = "E:\\c.zip";//解壓路徑execCommand(zipFile,pwdFile);System.out.println("密碼:"+getPwd(pwdFile));// UnZipUtils.unZip(zipFile,dest,pwd);}public static void execCommand(String zipName,String pwdFile) {try {Runtime runtime = Runtime.getRuntime();// 打開任務(wù)管理器,exec方法調(diào)用后返回 Process 進(jìn)程對象String cmd = " /a:b /c:d /min:6 /max:6 /sf:000000 /smartexit:"+pwdFile+ " "+zipName;Process process = runtime.exec(url+cmd);// 等待進(jìn)程對象執(zhí)行完成,并返回“退出值”,0 為正常,其他為異常BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(process.getInputStream(),"GBK"));String line = "";while ((line=bufferedReader.readLine())!=null){System.out.println(line);}int exitValue = process.waitFor();System.out.println("exitValue: " + exitValue);// 銷毀process對象process.destroy();} catch (IOException | InterruptedException e) {e.printStackTrace();}}public static String getPwd(String pwdFile) {//--------------讀取文本-------------//BufferedReader br = null;try {File file = new File(pwdFile);FileInputStream fis = new FileInputStream(file);InputStreamReader isr = new InputStreamReader(fis, "UTF16");//避免中文亂碼br = new BufferedReader(isr);List<String> list = new ArrayList<String>();String str_line = "";//逐行讀取文本while ((str_line = br.readLine()) != null) {list.add(str_line);if (str_line.indexOf("這個文件的口令 :") > -1) {String pwd = str_line.substring(str_line.indexOf("這個文件的口令 :")+10);return pwd;}}//讀取文件并執(zhí)行業(yè)務(wù)//.... list} catch (UnsupportedEncodingException e) {e.printStackTrace();} catch (FileNotFoundException e) {e.printStackTrace();} catch (IOException e) {e.printStackTrace();} finally {try {if (br != null) {br.close();}} catch (Exception e) {e.printStackTrace();}}return "";} }另一種是John版本
package org.example;import java.io.*; import java.util.ArrayList; import java.util.List; import java.util.concurrent.ExecutionException;/*** Hello world!**/ public class John2Zip {static String johnurl_zip = "E:\\john-1.9.0-jumbo-1-win64\\john-1.9.0-jumbo-1-win64\\run\\zip2john.exe";static String johnurl_john = "E:\\john-1.9.0-jumbo-1-win64\\john-1.9.0-jumbo-1-win64\\run\\john.exe";static String pwdFileRoot = "E:\\";public static void main(String[] args) throws ExecutionException, InterruptedException {String pwdFile = pwdFileRoot+String.valueOf(System.currentTimeMillis());String zipFile = "E:\\settings.zip";String dest = "E:\\test\\";//解壓路徑 // delFile(fpath);execCommandZip2John(zipFile,pwdFile);execCommandJohnHash(pwdFile);System.out.println(execCommandShow(pwdFile)); // UnZipUtils.unZip(zipFile,dest,pwd);}public static void execCommandZip2John(String zipName,String pwdFile) {try {Runtime runtime = Runtime.getRuntime();// 打開任務(wù)管理器,exec方法調(diào)用后返回 Process 進(jìn)程對象String cmd = " "+zipName+" > "+pwdFile;Process process = runtime.exec(johnurl_zip+cmd);// 等待進(jìn)程對象執(zhí)行完成,并返回“退出值”,0 為正常,其他為異常FileWriter ft = new FileWriter(pwdFile);BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(process.getInputStream(),"GBK"));String line = "";while ((line=bufferedReader.readLine())!=null){ft.write(line);System.out.println(line);}ft.flush();int exitValue = process.waitFor();System.out.println("exitValue: " + exitValue);// 銷毀process對象process.destroy();} catch (IOException | InterruptedException e) {e.printStackTrace();}}public static void execCommandJohnHash(String pwdFile) {try {Runtime runtime = Runtime.getRuntime();// 打開任務(wù)管理器,exec方法調(diào)用后返回 Process 進(jìn)程對象String cmd = " --incremental=digits "+pwdFile;Process process = runtime.exec(johnurl_john+cmd);// 等待進(jìn)程對象執(zhí)行完成,并返回“退出值”,0 為正常,其他為異常BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(process.getInputStream(),"GBK"));String line = "";while ((line=bufferedReader.readLine())!=null){System.out.println(line);}int exitValue = process.waitFor();System.out.println("exitValue: " + exitValue);// 銷毀process對象process.destroy();} catch (IOException | InterruptedException e) {e.printStackTrace();}}public static String execCommandShow(String pwdFile) {try {Runtime runtime = Runtime.getRuntime();// 打開任務(wù)管理器,exec方法調(diào)用后返回 Process 進(jìn)程對象String cmd = " --show "+pwdFile;Process process = runtime.exec(johnurl_john+cmd);// 等待進(jìn)程對象執(zhí)行完成,并返回“退出值”,0 為正常,其他為異常BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(process.getInputStream(),"GBK"));String line = "";while ((line=bufferedReader.readLine())!=null){if(line.split(":").length>1){String pwd = line.split(":")[1];System.out.println("密碼--------------->"+pwd) ;return pwd;}}int exitValue = process.waitFor();System.out.println("exitValue: " + exitValue);// 銷毀process對象process.destroy();} catch (IOException | InterruptedException e) {e.printStackTrace();}return "";}public static void delFile(String fileName){try{File file = new File(fileName);file.deleteOnExit();System.out.println("del finish");}catch (Exception e){e.printStackTrace();}} }以上就是個人的筆記,主要用于試驗(yàn)和學(xué)習(xí),望大家多多指正!
另,如果已知密碼范圍比如純數(shù)字或是有固定的格式可以自己生成一個字典,字典里面窮舉所有密碼,這時候效率會更高,命令如下:
john.exe --wordlist=dict.lst --fork=4 hash
其中dict.lst為字典文件,fork為開啟的線程數(shù),多核cpu開啟多線程,性能更高,破解更快!
總結(jié)
以上是生活随笔為你收集整理的已加密的Zip压缩包暴力破解方式Archpr+John的全部內(nèi)容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: 使用ARCHPR进行zip明文攻击
- 下一篇: 利用 ARCHPR 暴力破解 压缩包解压