차이
문서의 선택한 두 판 사이의 차이를 보여줍니다.
양쪽 이전 판 이전 판 다음 판 | 이전 판 다음 판 양쪽 다음 판 | ||
software:hashcat [2024/04/25 01:35] 14.63.160.16 이전 판으로 되돌림 (2023/11/24 09:39) |
software:hashcat [2024/05/05 19:32] 127.0.0.1 이전 판으로 되돌림 (2023/11/17 07:52) |
||
---|---|---|---|
줄 1: | 줄 1: | ||
+ | ====== Hashcat (소프트웨어) ====== | ||
+ | |||
+ | Hashcat(해시캣)은 파일의 암호화를 해제하기 위한 무작위 대입(사전, | ||
+ | |||
+ | ===== 암호 해제(Windows 10, Microsoft Excel 2013 기준) ====== | ||
+ | |||
+ | ==== 해제 전 준비 ==== | ||
+ | [[https:// | ||
+ | |||
+ | 현재 기준으로 파이선 최신버전은 [[https:// | ||
+ | |||
+ | ==== 해제 과정 ==== | ||
+ | |||
+ | 1. [[https:// | ||
+ | |||
+ | |||
+ | 2. 압축을 푼다. | ||
+ | |||
+ | 3. 명령 프롬프트(cmd) 창을 열고 pushd 명령으로 압축을 푼 폴더 위치로 이동한다. | ||
+ | |||
+ | **pushd C: | ||
+ | |||
+ | |||
+ | 4. 아래 명령을 실행하면 패스워드를 풀 수 있는 해시를 확인할 수 있다. | ||
+ | |||
+ | **python office2john.py C: | ||
+ | |||
+ | {{: | ||
+ | |||
+ | |||
+ | 5. [[https:// | ||
+ | |||
+ | |||
+ | 6. Office 버전에 맞는 플래그 번호를 찾는다. (오른쪽 4자리 번호) | ||
+ | |||
+ | Office 97-03(MD5+RC4, | ||
+ | Office 97-03(MD5+RC4, | ||
+ | Office 97-03(MD5+RC4, | ||
+ | Office 97-03(SHA1+RC4, | ||
+ | Office 97-03(SHA1+RC4, | ||
+ | Office 97-03(SHA1+RC4, | ||
+ | Office 2007: flag -m 9400 | ||
+ | Office 2010: flag -m 9500 | ||
+ | Office 2013: flag -m 9600 | ||
+ | |||
+ | |||
+ | ===== 지원 소프트웨어 ==== | ||
+ | * MD4 | ||
+ | * MD5 | ||
+ | * SHA1 | ||
+ | * SHA2-224 | ||
+ | * SHA2-256 | ||
+ | * SHA2-384 | ||
+ | * SHA2-512 | ||
+ | * SHA3-224 | ||
+ | * SHA3-256 | ||
+ | * SHA3-384 | ||
+ | * SHA3-512 | ||
+ | * RIPEMD-160 | ||
+ | * BLAKE2b-512 | ||
+ | * GOST R 34.11-2012 (Streebog) 256-bit, big-endian | ||
+ | * GOST R 34.11-2012 (Streebog) 512-bit, big-endian | ||
+ | * GOST R 34.11-94 | ||
+ | * Half MD5 | ||
+ | * Keccak-224 | ||
+ | * Keccak-256 | ||
+ | * Keccak-384 | ||
+ | * Keccak-512 | ||
+ | * Whirlpool | ||
+ | * SipHash | ||
+ | * md5(utf16le($pass)) | ||
+ | * sha1(utf16le($pass)) | ||
+ | * sha256(utf16le($pass)) | ||
+ | * sha384(utf16le($pass)) | ||
+ | * sha512(utf16le($pass)) | ||
+ | * md5($pass.$salt) | ||
+ | * md5($salt.$pass) | ||
+ | * md5($salt.$pass.$salt) | ||
+ | * md5($salt.md5($pass)) | ||
+ | * md5($salt.md5($pass.$salt)) | ||
+ | * md5($salt.md5($salt.$pass)) | ||
+ | * md5($salt.sha1($salt.$pass)) | ||
+ | * md5($salt.utf16le($pass)) | ||
+ | * md5(md5($pass)) | ||
+ | * md5(md5($pass).md5($salt)) | ||
+ | * md5(md5(md5($pass))) | ||
+ | * md5(sha1($pass)) | ||
+ | * md5(sha1($pass).md5($pass).sha1($pass)) | ||
+ | * md5(sha1($salt).md5($pass)) | ||
+ | * md5(strtoupper(md5($pass))) | ||
+ | * md5(utf16le($pass).$salt) | ||
+ | * sha1($pass.$salt) | ||
+ | * sha1($salt.$pass) | ||
+ | * sha1($salt.$pass.$salt) | ||
+ | * sha1($salt.sha1($pass)) | ||
+ | * sha1($salt.sha1($pass.$salt)) | ||
+ | * sha1($salt.utf16le($pass)) | ||
+ | * sha1($salt1.$pass.$salt2) | ||
+ | * sha1(CX) | ||
+ | * sha1(md5($pass)) | ||
+ | * sha1(md5($pass).$salt) | ||
+ | * sha1(md5($pass.$salt)) | ||
+ | * sha1(md5(md5($pass))) | ||
+ | * sha1(sha1($pass)) | ||
+ | * sha1(sha1($pass).$salt) | ||
+ | * sha1(sha1($salt.$pass.$salt)) | ||
+ | * sha1(utf16le($pass).$salt) | ||
+ | * sha256($pass.$salt) | ||
+ | * sha256($salt.$pass) | ||
+ | * sha256($salt.$pass.$salt) | ||
+ | * sha256($salt.sha256($pass)) | ||
+ | * sha256($salt.utf16le($pass)) | ||
+ | * sha256(md5($pass)) | ||
+ | * sha256(sha256($pass).$salt) | ||
+ | * sha256(sha256_bin($pass)) | ||
+ | * sha256(utf16le($pass).$salt) | ||
+ | * sha384($pass.$salt) | ||
+ | * sha384($salt.$pass) | ||
+ | * sha384($salt.utf16le($pass)) | ||
+ | * sha384(utf16le($pass).$salt) | ||
+ | * sha512($pass.$salt) | ||
+ | * sha512($salt.$pass) | ||
+ | * sha512($salt.utf16le($pass)) | ||
+ | * sha512(utf16le($pass).$salt) | ||
+ | * HMAC-MD5 (key = $pass) | ||
+ | * HMAC-MD5 (key = $salt) | ||
+ | * HMAC-SHA1 (key = $pass) | ||
+ | * HMAC-SHA1 (key = $salt) | ||
+ | * HMAC-SHA256 (key = $pass) | ||
+ | * HMAC-SHA256 (key = $salt) | ||
+ | * HMAC-SHA512 (key = $pass) | ||
+ | * HMAC-SHA512 (key = $salt) | ||
+ | * HMAC-Streebog-256 (key = $pass), big-endian | ||
+ | * HMAC-Streebog-256 (key = $salt), big-endian | ||
+ | * HMAC-Streebog-512 (key = $pass), big-endian | ||
+ | * HMAC-Streebog-512 (key = $salt), big-endian | ||
+ | * CRC32 | ||
+ | * Java Object hashCode() | ||
+ | * MurmurHash | ||
+ | * 3DES | ||
+ | * DES | ||
+ | * AES-128-ECB NOKDF | ||
+ | * AES-192-ECB NOKDF | ||
+ | * AES-256-ECB NOKDF | ||
+ | * ChaCha20 | ||
+ | * Linux Kernel Crypto API (2.4) | ||
+ | * Skip32 | ||
+ | * PBKDF2-HMAC-MD5 | ||
+ | * PBKDF2-HMAC-SHA1 | ||
+ | * PBKDF2-HMAC-SHA256 | ||
+ | * PBKDF2-HMAC-SHA512 | ||
+ | * scrypt | ||
+ | * phpass | ||
+ | * TACACS+ | ||
+ | * SIP digest authentication (MD5) | ||
+ | * IKE-PSK MD5 | ||
+ | * IKE-PSK SHA1 | ||
+ | * WPA-EAPOL-PBKDF2 | ||
+ | * WPA-EAPOL-PMK | ||
+ | * WPA-PBKDF2-PMKID+EAPOL | ||
+ | * WPA-PMK-PMKID+EAPOL | ||
+ | * WPA-PMKID-PBKDF2 | ||
+ | * WPA-PMKID-PMK | ||
+ | * IPMI2 RAKP HMAC-SHA1 | ||
+ | * CRAM-MD5 | ||
+ | * JWT (JSON Web Token) | ||
+ | * Kerberos 5, etype 17, TGS-REP | ||
+ | * Kerberos 5, etype 17, Pre-Auth | ||
+ | * Kerberos 5, etype 18, TGS-REP | ||
+ | * Kerberos 5, etype 18, Pre-Auth | ||
+ | * Kerberos 5, etype 23, AS-REQ Pre-Auth | ||
+ | * Kerberos 5, etype 23, TGS-REP | ||
+ | * Kerberos 5, etype 23, AS-REP | ||
+ | * NetNTLMv1 / NetNTLMv1+ESS | ||
+ | * NetNTLMv2 | ||
+ | * iSCSI CHAP authentication, | ||
+ | * RACF | ||
+ | * AIX {smd5} | ||
+ | * AIX {ssha1} | ||
+ | * AIX {ssha256} | ||
+ | * AIX {ssha512} | ||
+ | * LM | ||
+ | * QNX /etc/shadow (MD5) | ||
+ | * QNX /etc/shadow (SHA256) | ||
+ | * QNX /etc/shadow (SHA512) | ||
+ | * DPAPI masterkey file v1 | ||
+ | * DPAPI masterkey file v2 | ||
+ | * GRUB 2 | ||
+ | * MS-AzureSync PBKDF2-HMAC-SHA256 | ||
+ | * BSDi Crypt, Extended DES | ||
+ | * NTLM | ||
+ | * Radmin2 | ||
+ | * Samsung Android Password/ | ||
+ | * Windows Phone 8+ PIN/ | ||
+ | * Cisco-ASA MD5 | ||
+ | * Cisco-IOS $8$ (PBKDF2-SHA256) | ||
+ | * Cisco-IOS $9$ (scrypt) | ||
+ | * Cisco-IOS type 4 (SHA256) | ||
+ | * Cisco-PIX MD5 | ||
+ | * Citrix NetScaler (SHA1) | ||
+ | * Citrix NetScaler (SHA512) | ||
+ | * Domain Cached Credentials (DCC), MS Cache | ||
+ | * Domain Cached Credentials 2 (DCC2), MS Cache 2 | ||
+ | * FortiGate (FortiOS) | ||
+ | * FortiGate256 (FortiOS256) | ||
+ | * ArubaOS | ||
+ | * Juniper IVE | ||
+ | * Juniper NetScreen/ | ||
+ | * Juniper/ | ||
+ | * iPhone passcode (UID key + System Keybag) | ||
+ | * macOS v10.4, macOS v10.5, MacOS v10.6 | ||
+ | * macOS v10.7 | ||
+ | * macOS v10.8+ (PBKDF2-SHA512) | ||
+ | * bcrypt $2*$, Blowfish (Unix) | ||
+ | * md5crypt, MD5 (Unix), Cisco-IOS $1$ (MD5) | ||
+ | * descrypt, DES (Unix), Traditional DES | ||
+ | * sha256crypt $5$, SHA256 (Unix) | ||
+ | * sha512crypt $6$, SHA512 (Unix) | ||
+ | * SQLCipher | ||
+ | * MSSQL (2000) | ||
+ | * MSSQL (2005) | ||
+ | * MSSQL (2012, 2014) | ||
+ | * MongoDB ServerKey SCRAM-SHA-1 | ||
+ | * MongoDB ServerKey SCRAM-SHA-256 | ||
+ | * PostgreSQL | ||
+ | * PostgreSQL CRAM (MD5) | ||
+ | * Oracle H: Type (Oracle 7+) | ||
+ | * Oracle S: Type (Oracle 11+) | ||
+ | * Oracle T: Type (Oracle 12+) | ||
+ | * MySQL $A$ (sha256crypt) | ||
+ | * MySQL CRAM (SHA1) | ||
+ | * MySQL323 | ||
+ | * MySQL4.1/ | ||
+ | * Sybase ASE | ||
+ | * DNSSEC (NSEC3) | ||
+ | * KNX IP Secure - Device Authentication Code | ||
+ | * CRAM-MD5 Dovecot | ||
+ | * SSHA-256(Base64), | ||
+ | * SSHA-512(Base64), | ||
+ | * Dahua Authentication MD5 | ||
+ | * RedHat 389-DS LDAP (PBKDF2-HMAC-SHA256) | ||
+ | * FileZilla Server >= 0.9.55 | ||
+ | * ColdFusion 10+ | ||
+ | * Apache $apr1$ MD5, md5apr1, MD5 (APR) | ||
+ | * Episerver 6.x < .NET 4 | ||
+ | * Episerver 6.x >= .NET 4 | ||
+ | * hMailServer | ||
+ | * nsldap, SHA-1(Base64), | ||
+ | * nsldaps, SSHA-1(Base64), | ||
+ | * SAP CODVN B (BCODE) | ||
+ | * SAP CODVN B (BCODE) from RFC_READ_TABLE | ||
+ | * SAP CODVN F/G (PASSCODE) | ||
+ | * SAP CODVN F/G (PASSCODE) from RFC_READ_TABLE | ||
+ | * SAP CODVN H (PWDSALTEDHASH) iSSHA-1 | ||
+ | * PeopleSoft | ||
+ | * PeopleSoft PS_TOKEN | ||
+ | * SolarWinds Orion | ||
+ | * SolarWinds Orion v2 | ||
+ | * SolarWinds Serv-U | ||
+ | * Lotus Notes/ | ||
+ | * Lotus Notes/ | ||
+ | * Lotus Notes/ | ||
+ | * OpenEdge Progress Encode | ||
+ | * Oracle Transportation Management (SHA256) | ||
+ | * Huawei sha1(md5($pass).$salt) | ||
+ | * AuthMe sha256 | ||
+ | * AES Crypt (SHA256) | ||
+ | * LUKS | ||
+ | * VeraCrypt | ||
+ | * BestCrypt v3 Volume Encryption | ||
+ | * FileVault 2 | ||
+ | * DiskCryptor | ||
+ | * BitLocker | ||
+ | * Android FDE (Samsung DEK) | ||
+ | * Android FDE <= 4.3 | ||
+ | * Apple File System (APFS) | ||
+ | * TrueCrypt | ||
+ | * eCryptfs | ||
+ | * PDF 1.1 - 1.3 (Acrobat 2 - 4) | ||
+ | * PDF 1.1 - 1.3 (Acrobat 2 - 4), collider #1 | ||
+ | * PDF 1.1 - 1.3 (Acrobat 2 - 4), collider #2 | ||
+ | * PDF 1.4 - 1.6 (Acrobat 5 - 8) | ||
+ | * PDF 1.4 - 1.6 (Acrobat 5 - 8) - edit password | ||
+ | * PDF 1.7 Level 3 (Acrobat 9) | ||
+ | * PDF 1.7 Level 8 (Acrobat 10 - 11) | ||
+ | * MS Office 2007 | ||
+ | * MS Office 2010 | ||
+ | * MS Office 2013 | ||
+ | * MS Office 2016 - SheetProtection | ||
+ | * MS Office <= 2003 $0/$1, MD5 + RC4 | ||
+ | * MS Office <= 2003 $0/$1, MD5 + RC4, collider #1 | ||
+ | * MS Office <= 2003 $0/$1, MD5 + RC4, collider #2 | ||
+ | * MS Office <= 2003 $3, SHA1 + RC4, collider #1 | ||
+ | * MS Office <= 2003 $3, SHA1 + RC4, collider #2 | ||
+ | * MS Office <= 2003 $3/$4, SHA1 + RC4 | ||
+ | * Open Document Format (ODF) 1.2 (SHA-256, AES) | ||
+ | * Open Document Format (ODF) 1.1 (SHA-1, Blowfish) | ||
+ | * Apple Secure Notes | ||
+ | * Apple iWork | ||
+ | * 1Password, agilekeychain | ||
+ | * 1Password, cloudkeychain | ||
+ | * Password Safe v2 | ||
+ | * Password Safe v3 | ||
+ | * LastPass + LastPass sniffed | ||
+ | * KeePass 1 (AES/ | ||
+ | * Bitwarden | ||
+ | * Ansible Vault | ||
+ | * Mozilla key3.db | ||
+ | * Mozilla key4.db | ||
+ | * Apple Keychain | ||
+ | * 7-Zip | ||
+ | * RAR3-hp | ||
+ | * RAR3-p (Compressed) | ||
+ | * RAR3-p (Uncompressed) | ||
+ | * RAR5 | ||
+ | * PKZIP (Compressed Multi-File) | ||
+ | * PKZIP (Compressed) | ||
+ | * PKZIP (Mixed Multi-File) | ||
+ | * PKZIP (Mixed Multi-File Checksum-Only) | ||
+ | * PKZIP (Uncompressed) | ||
+ | * PKZIP Master Key | ||
+ | * PKZIP Master Key (6 byte optimization) | ||
+ | * SecureZIP AES-128 | ||
+ | * SecureZIP AES-192 | ||
+ | * SecureZIP AES-256 | ||
+ | * WinZip | ||
+ | * Android Backup | ||
+ | * Stuffit5 | ||
+ | * AxCrypt 1 | ||
+ | * AxCrypt 1 in-memory SHA1 | ||
+ | * AxCrypt 2 AES-128 | ||
+ | * AxCrypt 2 AES-256 | ||
+ | * iTunes backup < 10.0 | ||
+ | * iTunes backup >= 10.0 | ||
+ | * WBB3 (Woltlab Burning Board) | ||
+ | * PHPS | ||
+ | * SMF (Simple Machines Forum) > v1.1 | ||
+ | * MediaWiki B type | ||
+ | * Redmine | ||
+ | * Umbraco HMAC-SHA1 | ||
+ | * Joomla < 2.5.18 | ||
+ | * OpenCart | ||
+ | * PrestaShop | ||
+ | * Tripcode | ||
+ | * Drupal7 | ||
+ | * PunBB | ||
+ | * MyBB 1.2+, IPB2+ (Invision Power Board) | ||
+ | * vBulletin < v3.8.5 | ||
+ | * vBulletin >= v3.8.5 | ||
+ | * bcrypt(md5($pass)) / bcryptmd5 | ||
+ | * bcrypt(sha1($pass)) / bcryptsha1 | ||
+ | * osCommerce, xt:Commerce | ||
+ | * TOTP (HMAC-SHA1) | ||
+ | * STDOUT | ||
+ | * Plaintext | ||
+ | * Web2py pbkdf2-sha512 | ||
+ | * Django (PBKDF2-SHA256) | ||
+ | * Django (SHA-1) | ||
+ | * Atlassian (PBKDF2-HMAC-SHA1) | ||
+ | * Ruby on Rails Restful-Authentication | ||
+ | * Python passlib pbkdf2-sha512 | ||
+ | * Python passlib pbkdf2-sha256 | ||
+ | * Python passlib pbkdf2-sha1 | ||
+ | * PKCS#8 Private Keys (PBKDF2-HMAC-SHA1 + 3DES/AES) | ||
+ | * PKCS#8 Private Keys (PBKDF2-HMAC-SHA256 + 3DES/AES) | ||
+ | * JKS Java Key Store Private Keys (SHA1) | ||
+ | * RSA/ | ||
+ | * RSA/ | ||
+ | * RSA/ | ||
+ | * RSA/ | ||
+ | * RSA/ | ||
+ | * XMPP SCRAM PBKDF2-SHA1 | ||
+ | * Telegram Desktop < v2.1.14 (PBKDF2-HMAC-SHA1) | ||
+ | * Telegram Desktop >= v2.1.14 (PBKDF2-HMAC-SHA512) | ||
+ | * Telegram Mobile App Passcode (SHA256) | ||
+ | * Skype | ||
+ | * BitShares v0.x - sha512(sha512_bin(pass)) | ||
+ | * Bitcoin/ | ||
+ | * Electrum Wallet (Salt-Type 1-3) | ||
+ | * Electrum Wallet (Salt-Type 4) | ||
+ | * Electrum Wallet (Salt-Type 5) | ||
+ | * Blockchain, My Wallet | ||
+ | * Blockchain, My Wallet, V2 | ||
+ | * Blockchain, My Wallet, Second Password (SHA256) | ||
+ | * Stargazer Stellar Wallet XLM | ||
+ | * Ethereum Pre-Sale Wallet, PBKDF2-HMAC-SHA256 | ||
+ | * Ethereum Wallet, PBKDF2-HMAC-SHA256 | ||
+ | * Ethereum Wallet, SCRYPT | ||
+ | * MetaMask Wallet | ||
+ | * MultiBit Classic .key (MD5) | ||
+ | * MultiBit HD (scrypt) | ||
+ | |||
+ | |||
+ | |||