Admin
Администратор
Генерируем варианты утерянного пароля через HashCat
Бывает что теряется доступ к
Код:
PasswordXSS!
PasswordXSS123
PasswordXSS777
PASSWORDXSS777Для этого нам необходим только https://hashcat.net/
Генерировать вариации паролей будем по правилам(https://hashcat.net/wiki/doku.php?id=rule_based_attack)
Качаем хэшкат https://hashcat.net/hashcat/
Заходим в директорию с программой/rules/ в этой папке есть примеры рулсов, если влом писать свои.
Сделаем максимально большое правило, объединив все правила из папки в 1 файл.
Код:
cat *.rule > all.rule && cat all.rule|sort|uniq > alls.ruleрегуляркой
Код:
^#(.*)Далее создаем файл lostpass.txt в котором будут оригинальные пароли для создания вариаций(PasswordXSS).
Генерируем словарь для брута
Код:
./hashcat.bin --stdout -r rules/alls.rule lostpass.txt > tmp.txt && cat tmp.txt |sort|uniq > result_dic.txt && rm tmp.txtВ итоге 1 пароль был размножен до ~100к вариаций.
Код:
0000000PasswordXSS
000000asswordXSS
000000PasswordXSS
00000asswordXSS
00000PasordXSS
00000pASSWORDxss
00000PASSWORDXSS
0000asswordXSS
0000PasswordXSS
0000Passw,rdXSS
000asswordXSS
000Pas
000PasswordXSS
00^0PasswordXSS
001PasswordXSS
002PasswordXSS
003PasswordXSS
004PasswordXSS
005PasswordXSS
006PasswordXSS
007asswordXSS
007passwordXSS
007Passwordxss
007PasswordXSS
007SSXdrowssaP
008PasswordXSS
009PasswordXSS
00asswordXSS
00MarPasswordXSS
00passwordxss
00passwordXSS
00Passwordxss
00PasswordXSS
00PASSWORDXSS
00PasswordXSS00
00PPPasswordXSS
00sswordXSS
(00sswordXSS
00sswordXSSP
00SSXdrowssaP
010203asswordXSS
010PasswordXSS
0111PasswordXSS
011PasswordXSS
0123asswordXSS
012PasswordXSS
013PasswordXSS
014PasswordXSS
015PasswordXSS
016PasswordXSS
017PasswordXSS
018PasswordXSS
019PasswordXSS
01asswordXSS
01P2asswordXSS
01passwordxss
01passwordXSS
01Passwordxss
01PasswordXSS
01PasswordXSS!
01PASSWORDXSS
01PasswordXSS01
01SSXdrowssaP
020PasswordXSS
021PasswordXSS
022PasswordXSS
023PasswordXSS
024PasswordXSS
025PasswordXSS
026PasswordXSS
027PasswordXSS
028PasswordXSS
029PasswordXSS
02asswordXSS
02PassSordXwS
02passwordxss
02passwordXSS
02Passwordxss
02PasswordXSS
02PASSWORDXSS
02SSXdrowssaP
030PasswordXSS
031PasswordXSS
032PasswordXSS
033PasswordXSS
034PasswordXSS
035PasswordXSS
036PasswordXSS
037PasswordXSS
038PasswordXSS
039PasswordXSS
03passwordxss
03passwordXSS
03Passwordxss
03PasswordXSS
03PASSWORDXSS
03SSXdrowssaP
040PasswordXSS
041PasswordXSS
042PasswordXSS
043PasswordXSS
044PasswordXSS
045PasswordXSS
046PasswordXSS
047PasswordXSS
048PasswordXSS
049PasswordXSS
04asswordXSS
04marPasswordXSS
04passwordxss
04passwordXSS
04pASSWORDxss
04Passwordxss
04PasswordXSS
04PASSWORDXSS
04SSXdrowssaP
050PasswordXSS
051PasswordXSS
052PasswordXSS
053PasswordXSS
054PasswordXSS
055PasswordXSS
056PasswordXSS
057PasswordXSS
058PasswordXSS
059PasswordXSS
05asswordXSS
05passwordXSS
05Passwordxss
05PasswordXSS
05PASSWORDXSS
05SSXdrowssaP
060PasswordXSS
061PasswordXSS
062PasswordXSS
063PasswordXSS
064PasswordXSS
065PasswordXSS
066PasswordXSS
067PasswordXSS
068PasswordXSS
069PasswordXSS
06asswordXSS
06MarPasswordXSS
06passwordXSS
06Passwordxss
06PasswordXSS
06PASSWORDXSS
06SSXdrowssaP
070PasswordXSS
071PasswordXSS
072PasswordXSS
073PasswordXSS
074PasswordXSS
075PasswordXSS
076PasswordXSS
077PasswordXSS
078PasswordXSS
079PasswordXSS
07asswordXSS
07MarPasswordXSS
07passwordxss
07passwordXSS
07Passwordxss
07PasswordXSS
07PASSWORDXSS
07SSXdrowssaP
080PasswordXSS
081PasswordXSS
082PasswordXSS
083PasswordXSS
084PasswordXSS
085PasswordXSS
086PasswordXSS
087PasswordXSS
088PasswordXSS
089PasswordXSS
08asswordXSS
08passwordxss
08passwordXSS
08Passwordxss
08PasswordXSS
08PASSWORDXSS
08SSXdrowssaP
090PasswordXSS
091PasswordXSS
092PasswordXSS
093PasswordXSS
094PasswordXSS
095PasswordXSS
096PasswordXSS
097PasswordXSS
098765asswordXSS
098PasswordXSS
099PasswordXSS
09asswordXSS
09passwordxss
09passwordXSS
09Passwordxss
09PasswordXSS
09PASSWORDXSS
09SSXdrowssaP
0aaasswordXSS
0adXSS
0aPasswordxss
0aPasswordXSS
0aPASSWORDXSS
0aPsswordXSS
0asPswordXSS
0asrwo4dXSS
0asrwosdXSS
0ass
0assoDrdXSS
0assSn
0assword
0asswordXSs
0asswordXSS
(0asswordXSS
@0asswordXSS
0asswordXSS
0asswordXSS!
0asswordXSS@
0aSswordXSS
0asswordXSS0asswordXSS
0asswordXsS0asswordXSS0asswordXSS0asswordXSS0asswordXSS
0asswordXSSa
0asswordXSSA
0asswordXSSn
0asswordXSSP
0asswordXSSPasswordXSS
0asswordXSSs
0asswordXSSSS
0asswordXSSz
0asswordYSS
0asswoSSa
0asswPrdXSS
0astwordXSS
0BasswordXSS
0bpasswordxss
0bPasswordxss
0bPasswordXSS
0bPASSWORDXSSЭто много, поэтому желательно самому составить свое правило на основе данных о цели + очевидные варианты(в конец 123,777,!,$,# в начале первую букву в верхний регистр и тд) и работать с ними.
Так же из итогового файла нужно удалить лишние строки на подобии:
Код:
[33m[0m
[33mCannot convert rule for use on OpenCL device in file rules/alls.rule on line 26576: -64[0m
[33mCannot convert rule for use on OpenCL device in file rules/alls.rule on line 32932: -84[0m
[33mCannot convert rule for use on OpenCL device in file rules/alls.rule on line 39063: >A k c[0m
[33mCannot convert rule for use on OpenCL device in file rules/alls.rule on line 39075: >A k l[0m
[33mCannot convert rule for use on OpenCL device in file rules/alls.rule on line 39085: >A k u[0m
[33m CUDA SDK Toolkit installation required for proper device support and utilization[0m
[33m* Device #1: CUDA SDK Toolkit installation NOT detected.[0m
[33m Falling back to OpenCL Runtime[0m
[33mSkipping invalid or unsupported rule in file rules/alls.rule on line 186324: Sa@[0m
[33mSkipping invalid or unsupported rule in file rules/alls.rule on line 186395: Sa4[0m
[33mSkipping invalid or unsupported rule in file rules/alls.rule on line 196232: Sa@Se3[0m
[33mSkipping invalid or unsupported rule in file rules/alls.rule on line 196893: Sa@Si1[0m
[33mSkipping invalid or unsupported rule in file rules/alls.rule on line 197049: Sa@So0[0m
[33mSkipping invalid or unsupported rule in file rules/alls.rule on line 197144: Sa@Su4[0m