Differences
This shows the differences between the two selected revisions of the document.
software:hashcat [2024/05/04 21:01] 127.0.0.1 reverted to previous revision (2023/11/17 07:59) |
software:hashcat [2024/05/06 04:21] 127.0.0.1 reverted to previous revision (2023/11/10 08:22) |
||
---|---|---|---|
줄 3: | 줄 3: | ||
Hashcat(해시캣)은 파일의 암호화를 해제하기 위한 무작위 대입(사전, | Hashcat(해시캣)은 파일의 암호화를 해제하기 위한 무작위 대입(사전, | ||
- | ===== 암호 해제 | + | ===== 암호 해제(Windows 10, Microsoft Excel 2013 기준) ====== |
==== 해제 전 준비 ==== | ==== 해제 전 준비 ==== | ||
- | [[https:// | + | [[https:// |
+ | 현재 기준으로 파이선 최신버전은 [[https:// | ||
==== 해제 과정 ==== | ==== 해제 과정 ==== | ||
- | - [[https:// | + | 1. [[https:// |
- | - 압축을 푼다. | + | |
- | - 명령 프롬프트(cmd) 창을 열고 pushd 명령으로 압축을 푼 폴더 위치로 이동한다. 'pushd [압축을 푼 폴더 경로]' | + | |
- | - `office2john.py` 파일을 아래와 같이 실행한다. 아래 명령을 실행하면 패스워드를 풀 수 있는 해시를 확인할 수 있다. | ||
- | python office2john.py example.xlsx (엑셀 파일 경로) | + | 2. 압축을 푼다. |
- | | + | |
+ | 3. 명령 프롬프트(cmd) 창을 열고 pushd 명령으로 압축을 푼 폴더 위치로 이동한다. | ||
+ | **pushd C: | ||
- | ===== 지원 소프트웨어 ==== | + | 4. 아래 명령을 실행하면 패스워드를 풀 수 있는 해시를 확인할 수 있다. |
- | * MD4 | + | |
- | * MD5 | + | |
- | * SHA1 | + | |
- | * SHA2-224 | + | |
- | * SHA2-256 | + | |
- | * SHA2-384 | + | |
- | * SHA2-512 | + | |
- | * SHA3-224 | + | |
- | * SHA3-256 | + | |
- | * SHA3-384 | + | |
- | * SHA3-512 | + | |
- | * RIPEMD-160 | + | |
- | * BLAKE2b-512 | + | |
- | * GOST R 34.11-2012 (Streebog) 256-bit, big-endian | + | |
- | * GOST R 34.11-2012 (Streebog) 512-bit, big-endian | + | |
- | * GOST R 34.11-94 | + | |
- | * Half MD5 | + | |
- | * Keccak-224 | + | |
- | * Keccak-256 | + | |
- | * Keccak-384 | + | |
- | * Keccak-512 | + | |
- | * Whirlpool | + | |
- | * SipHash | + | |
- | * md5(utf16le($pass)) | + | |
- | * sha1(utf16le($pass)) | + | |
- | * sha256(utf16le($pass)) | + | |
- | * sha384(utf16le($pass)) | + | |
- | * sha512(utf16le($pass)) | + | |
- | * md5($pass.$salt) | + | |
- | * md5($salt.$pass) | + | |
- | * md5($salt.$pass.$salt) | + | |
- | * md5($salt.md5($pass)) | + | |
- | * md5($salt.md5($pass.$salt)) | + | |
- | * md5($salt.md5($salt.$pass)) | + | |
- | * md5($salt.sha1($salt.$pass)) | + | |
- | * md5($salt.utf16le($pass)) | + | |
- | * md5(md5($pass)) | + | |
- | * md5(md5($pass).md5($salt)) | + | |
- | * md5(md5(md5($pass))) | + | |
- | * md5(sha1($pass)) | + | |
- | * md5(sha1($pass).md5($pass).sha1($pass)) | + | |
- | * md5(sha1($salt).md5($pass)) | + | |
- | * md5(strtoupper(md5($pass))) | + | |
- | * md5(utf16le($pass).$salt) | + | |
- | * sha1($pass.$salt) | + | |
- | * sha1($salt.$pass) | + | |
- | * sha1($salt.$pass.$salt) | + | |
- | * sha1($salt.sha1($pass)) | + | |
- | * sha1($salt.sha1($pass.$salt)) | + | |
- | * sha1($salt.utf16le($pass)) | + | |
- | * sha1($salt1.$pass.$salt2) | + | |
- | * sha1(CX) | + | |
- | * sha1(md5($pass)) | + | |
- | * sha1(md5($pass).$salt) | + | |
- | * sha1(md5($pass.$salt)) | + | |
- | * sha1(md5(md5($pass))) | + | |
- | * sha1(sha1($pass)) | + | |
- | * sha1(sha1($pass).$salt) | + | |
- | * sha1(sha1($salt.$pass.$salt)) | + | |
- | * sha1(utf16le($pass).$salt) | + | |
- | * sha256($pass.$salt) | + | |
- | * sha256($salt.$pass) | + | |
- | * sha256($salt.$pass.$salt) | + | |
- | * sha256($salt.sha256($pass)) | + | |
- | * sha256($salt.utf16le($pass)) | + | |
- | * sha256(md5($pass)) | + | |
- | * sha256(sha256($pass).$salt) | + | |
- | * sha256(sha256_bin($pass)) | + | |
- | * sha256(utf16le($pass).$salt) | + | |
- | * sha384($pass.$salt) | + | |
- | * sha384($salt.$pass) | + | |
- | * sha384($salt.utf16le($pass)) | + | |
- | * sha384(utf16le($pass).$salt) | + | |
- | * sha512($pass.$salt) | + | |
- | * sha512($salt.$pass) | + | |
- | * sha512($salt.utf16le($pass)) | + | |
- | * sha512(utf16le($pass).$salt) | + | |
- | * HMAC-MD5 (key = $pass) | + | |
- | * HMAC-MD5 (key = $salt) | + | |
- | * HMAC-SHA1 (key = $pass) | + | |
- | * HMAC-SHA1 (key = $salt) | + | |
- | * HMAC-SHA256 (key = $pass) | + | |
- | * HMAC-SHA256 (key = $salt) | + | |
- | * HMAC-SHA512 (key = $pass) | + | |
- | * HMAC-SHA512 (key = $salt) | + | |
- | * HMAC-Streebog-256 (key = $pass), big-endian | + | |
- | * HMAC-Streebog-256 (key = $salt), big-endian | + | |
- | * HMAC-Streebog-512 (key = $pass), big-endian | + | |
- | * HMAC-Streebog-512 (key = $salt), big-endian | + | |
- | * CRC32 | + | |
- | * Java Object hashCode() | + | |
- | * MurmurHash | + | |
- | * 3DES | + | |
- | * DES | + | |
- | * AES-128-ECB NOKDF | + | |
- | * AES-192-ECB NOKDF | + | |
- | * AES-256-ECB NOKDF | + | |
- | * ChaCha20 | + | |
- | * Linux Kernel Crypto API (2.4) | + | |
- | * Skip32 | + | |
- | * PBKDF2-HMAC-MD5 | + | |
- | * PBKDF2-HMAC-SHA1 | + | |
- | * PBKDF2-HMAC-SHA256 | + | |
- | * PBKDF2-HMAC-SHA512 | + | |
- | * scrypt | + | |
- | * phpass | + | |
- | * TACACS+ | + | |
- | * SIP digest authentication (MD5) | + | |
- | * IKE-PSK MD5 | + | |
- | * IKE-PSK SHA1 | + | |
- | * WPA-EAPOL-PBKDF2 | + | |
- | * WPA-EAPOL-PMK | + | |
- | * WPA-PBKDF2-PMKID+EAPOL | + | |
- | * WPA-PMK-PMKID+EAPOL | + | |
- | * WPA-PMKID-PBKDF2 | + | |
- | * WPA-PMKID-PMK | + | |
- | * IPMI2 RAKP HMAC-SHA1 | + | |
- | * CRAM-MD5 | + | |
- | * JWT (JSON Web Token) | + | |
- | * Kerberos 5, etype 17, TGS-REP | + | |
- | * Kerberos 5, etype 17, Pre-Auth | + | |
- | * Kerberos 5, etype 18, TGS-REP | + | |
- | * Kerberos 5, etype 18, Pre-Auth | + | |
- | * Kerberos 5, etype 23, AS-REQ Pre-Auth | + | |
- | * Kerberos 5, etype 23, TGS-REP | + | |
- | * Kerberos 5, etype 23, AS-REP | + | |
- | * NetNTLMv1 / NetNTLMv1+ESS | + | |
- | * NetNTLMv2 | + | |
- | * iSCSI CHAP authentication, | + | |
- | * RACF | + | |
- | * AIX {smd5} | + | |
- | * AIX {ssha1} | + | |
- | * AIX {ssha256} | + | |
- | * AIX {ssha512} | + | |
- | * LM | + | |
- | * QNX /etc/shadow (MD5) | + | |
- | * QNX /etc/shadow (SHA256) | + | |
- | * QNX /etc/shadow (SHA512) | + | |
- | * DPAPI masterkey file v1 | + | |
- | * DPAPI masterkey file v2 | + | |
- | * GRUB 2 | + | |
- | * MS-AzureSync PBKDF2-HMAC-SHA256 | + | |
- | * BSDi Crypt, Extended DES | + | |
- | * NTLM | + | |
- | * Radmin2 | + | |
- | * Samsung Android Password/ | + | |
- | * Windows Phone 8+ PIN/ | + | |
- | * Cisco-ASA MD5 | + | |
- | * Cisco-IOS $8$ (PBKDF2-SHA256) | + | |
- | * Cisco-IOS $9$ (scrypt) | + | |
- | * Cisco-IOS type 4 (SHA256) | + | |
- | * Cisco-PIX MD5 | + | |
- | * Citrix NetScaler (SHA1) | + | |
- | * Citrix NetScaler (SHA512) | + | |
- | * Domain Cached Credentials (DCC), MS Cache | + | |
- | * Domain Cached Credentials 2 (DCC2), MS Cache 2 | + | |
- | * FortiGate (FortiOS) | + | |
- | * FortiGate256 (FortiOS256) | + | |
- | * ArubaOS | + | |
- | * Juniper IVE | + | |
- | * Juniper NetScreen/ | + | |
- | * Juniper/ | + | |
- | * iPhone passcode (UID key + System Keybag) | + | |
- | * macOS v10.4, macOS v10.5, MacOS v10.6 | + | |
- | * macOS v10.7 | + | |
- | * macOS v10.8+ (PBKDF2-SHA512) | + | |
- | * bcrypt $2*$, Blowfish (Unix) | + | |
- | * md5crypt, MD5 (Unix), Cisco-IOS $1$ (MD5) | + | |
- | * descrypt, DES (Unix), Traditional DES | + | |
- | * sha256crypt $5$, SHA256 (Unix) | + | |
- | * sha512crypt $6$, SHA512 (Unix) | + | |
- | * SQLCipher | + | |
- | * MSSQL (2000) | + | |
- | * MSSQL (2005) | + | |
- | * MSSQL (2012, 2014) | + | |
- | * MongoDB ServerKey SCRAM-SHA-1 | + | |
- | * MongoDB ServerKey SCRAM-SHA-256 | + | |
- | * PostgreSQL | + | |
- | * PostgreSQL CRAM (MD5) | + | |
- | * Oracle H: Type (Oracle 7+) | + | |
- | * Oracle S: Type (Oracle 11+) | + | |
- | * Oracle T: Type (Oracle 12+) | + | |
- | * MySQL $A$ (sha256crypt) | + | |
- | * MySQL CRAM (SHA1) | + | |
- | * MySQL323 | + | |
- | * MySQL4.1/ | + | |
- | * Sybase ASE | + | |
- | * DNSSEC (NSEC3) | + | |
- | * KNX IP Secure - Device Authentication Code | + | |
- | * CRAM-MD5 Dovecot | + | |
- | * SSHA-256(Base64), | + | |
- | * SSHA-512(Base64), | + | |
- | * Dahua Authentication MD5 | + | |
- | * RedHat 389-DS LDAP (PBKDF2-HMAC-SHA256) | + | |
- | * FileZilla Server >= 0.9.55 | + | |
- | * ColdFusion 10+ | + | |
- | * Apache $apr1$ MD5, md5apr1, MD5 (APR) | + | |
- | * Episerver 6.x < .NET 4 | + | |
- | * Episerver 6.x >= .NET 4 | + | |
- | * hMailServer | + | |
- | * nsldap, SHA-1(Base64), | + | |
- | * nsldaps, SSHA-1(Base64), | + | |
- | * SAP CODVN B (BCODE) | + | |
- | * SAP CODVN B (BCODE) from RFC_READ_TABLE | + | |
- | * SAP CODVN F/G (PASSCODE) | + | |
- | * SAP CODVN F/G (PASSCODE) from RFC_READ_TABLE | + | |
- | * SAP CODVN H (PWDSALTEDHASH) iSSHA-1 | + | |
- | * PeopleSoft | + | |
- | * PeopleSoft PS_TOKEN | + | |
- | * SolarWinds Orion | + | |
- | * SolarWinds Orion v2 | + | |
- | * SolarWinds Serv-U | + | |
- | * Lotus Notes/ | + | |
- | * Lotus Notes/ | + | |
- | * Lotus Notes/ | + | |
- | * OpenEdge Progress Encode | + | |
- | * Oracle Transportation Management (SHA256) | + | |
- | * Huawei sha1(md5($pass).$salt) | + | |
- | * AuthMe sha256 | + | |
- | * AES Crypt (SHA256) | + | |
- | * LUKS | + | |
- | * VeraCrypt | + | |
- | * BestCrypt v3 Volume Encryption | + | |
- | * FileVault 2 | + | |
- | * DiskCryptor | + | |
- | * BitLocker | + | |
- | * Android FDE (Samsung DEK) | + | |
- | * Android FDE <= 4.3 | + | |
- | * Apple File System (APFS) | + | |
- | * TrueCrypt | + | |
- | * eCryptfs | + | |
- | * PDF 1.1 - 1.3 (Acrobat 2 - 4) | + | |
- | * PDF 1.1 - 1.3 (Acrobat 2 - 4), collider #1 | + | |
- | * PDF 1.1 - 1.3 (Acrobat 2 - 4), collider #2 | + | |
- | * PDF 1.4 - 1.6 (Acrobat 5 - 8) | + | |
- | * PDF 1.4 - 1.6 (Acrobat 5 - 8) - edit password | + | |
- | * PDF 1.7 Level 3 (Acrobat 9) | + | |
- | * PDF 1.7 Level 8 (Acrobat 10 - 11) | + | |
- | * MS Office 2007 | + | |
- | * MS Office 2010 | + | |
- | * MS Office 2013 | + | |
- | * MS Office 2016 - SheetProtection | + | |
- | * MS Office <= 2003 $0/$1, MD5 + RC4 | + | |
- | * MS Office <= 2003 $0/$1, MD5 + RC4, collider #1 | + | |
- | * MS Office <= 2003 $0/$1, MD5 + RC4, collider #2 | + | |
- | * MS Office <= 2003 $3, SHA1 + RC4, collider #1 | + | |
- | * MS Office <= 2003 $3, SHA1 + RC4, collider #2 | + | |
- | * MS Office <= 2003 $3/$4, SHA1 + RC4 | + | |
- | * Open Document Format (ODF) 1.2 (SHA-256, AES) | + | |
- | * Open Document Format (ODF) 1.1 (SHA-1, Blowfish) | + | |
- | * Apple Secure Notes | + | |
- | * Apple iWork | + | |
- | * 1Password, agilekeychain | + | |
- | * 1Password, cloudkeychain | + | |
- | * Password Safe v2 | + | |
- | * Password Safe v3 | + | |
- | * LastPass + LastPass sniffed | + | |
- | * KeePass 1 (AES/ | + | |
- | * Bitwarden | + | |
- | * Ansible Vault | + | |
- | * Mozilla key3.db | + | |
- | * Mozilla key4.db | + | |
- | * Apple Keychain | + | |
- | * 7-Zip | + | |
- | * RAR3-hp | + | |
- | * RAR3-p (Compressed) | + | |
- | * RAR3-p (Uncompressed) | + | |
- | * RAR5 | + | |
- | * PKZIP (Compressed Multi-File) | + | |
- | * PKZIP (Compressed) | + | |
- | * PKZIP (Mixed Multi-File) | + | |
- | * PKZIP (Mixed Multi-File Checksum-Only) | + | |
- | * PKZIP (Uncompressed) | + | |
- | * PKZIP Master Key | + | |
- | * PKZIP Master Key (6 byte optimization) | + | |
- | * SecureZIP AES-128 | + | |
- | * SecureZIP AES-192 | + | |
- | * SecureZIP AES-256 | + | |
- | * WinZip | + | |
- | * Android Backup | + | |
- | * Stuffit5 | + | |
- | * AxCrypt 1 | + | |
- | * AxCrypt 1 in-memory SHA1 | + | |
- | * AxCrypt 2 AES-128 | + | |
- | * AxCrypt 2 AES-256 | + | |
- | * iTunes backup < 10.0 | + | |
- | * iTunes backup >= 10.0 | + | |
- | * WBB3 (Woltlab Burning Board) | + | |
- | * PHPS | + | |
- | * SMF (Simple Machines Forum) > v1.1 | + | |
- | * MediaWiki B type | + | |
- | * Redmine | + | |
- | * Umbraco HMAC-SHA1 | + | |
- | * Joomla < 2.5.18 | + | |
- | * OpenCart | + | |
- | * PrestaShop | + | |
- | * Tripcode | + | |
- | * Drupal7 | + | |
- | * PunBB | + | |
- | * MyBB 1.2+, IPB2+ (Invision Power Board) | + | |
- | * vBulletin < v3.8.5 | + | |
- | * vBulletin >= v3.8.5 | + | |
- | * bcrypt(md5($pass)) / bcryptmd5 | + | |
- | * bcrypt(sha1($pass)) / bcryptsha1 | + | |
- | * osCommerce, xt: | + | |
- | * TOTP (HMAC-SHA1) | + | |
- | * STDOUT | + | |
- | * Plaintext | + | |
- | * Web2py pbkdf2-sha512 | + | |
- | * Django (PBKDF2-SHA256) | + | |
- | * Django (SHA-1) | + | |
- | * Atlassian (PBKDF2-HMAC-SHA1) | + | |
- | * Ruby on Rails Restful-Authentication | + | |
- | * Python passlib pbkdf2-sha512 | + | |
- | * Python passlib pbkdf2-sha256 | + | |
- | * Python passlib pbkdf2-sha1 | + | |
- | * PKCS#8 Private Keys (PBKDF2-HMAC-SHA1 + 3DES/AES) | + | |
- | * PKCS#8 Private Keys (PBKDF2-HMAC-SHA256 + 3DES/AES) | + | |
- | * JKS Java Key Store Private Keys (SHA1) | + | |
- | * RSA/ | + | |
- | * RSA/ | + | |
- | * RSA/ | + | |
- | * RSA/ | + | |
- | * RSA/ | + | |
- | * XMPP SCRAM PBKDF2-SHA1 | + | |
- | * Telegram Desktop < v2.1.14 (PBKDF2-HMAC-SHA1) | + | |
- | * Telegram Desktop >= v2.1.14 (PBKDF2-HMAC-SHA512) | + | |
- | * Telegram Mobile App Passcode (SHA256) | + | |
- | * Skype | + | |
- | * BitShares v0.x - sha512(sha512_bin(pass)) | + | |
- | * Bitcoin/ | + | |
- | * Electrum Wallet (Salt-Type 1-3) | + | |
- | * Electrum Wallet (Salt-Type 4) | + | |
- | * Electrum Wallet (Salt-Type 5) | + | |
- | * Blockchain, My Wallet | + | |
- | * Blockchain, My Wallet, V2 | + | |
- | * Blockchain, My Wallet, Second Password (SHA256) | + | |
- | * Stargazer Stellar Wallet XLM | + | |
- | * Ethereum Pre-Sale Wallet, PBKDF2-HMAC-SHA256 | + | |
- | * Ethereum Wallet, PBKDF2-HMAC-SHA256 | + | |
- | * Ethereum Wallet, SCRYPT | + | |
- | * MetaMask Wallet | + | |
- | * MultiBit Classic | + | |
- | * MultiBit HD (scrypt) | + | |
+ | **python office2john.py C: | ||
+ | {{: | ||
+ | |||
+ | |||
+ | 5. [[https:// | ||
+ | |||
+ | |||
+ | 6. Office 버전에 맞는 플래그 번호를 찾는다. (오른쪽 4자리 번호). 더 많은 유형은 [[https:// | ||
+ | |||
+ | Office 97-03(MD5+RC4, | ||
+ | Office 97-03(MD5+RC4, | ||
+ | Office 97-03(MD5+RC4, | ||
+ | Office 97-03(SHA1+RC4, | ||
+ | Office 97-03(SHA1+RC4, | ||
+ | Office 97-03(SHA1+RC4, | ||
+ | Office 2007: flag -m 9400 | ||
+ | Office 2010: flag -m 9500 | ||
+ | Office 2013: flag -m 9600 | ||
+ | |||
+ | Office 2013의 플래그 번호는 **9600**이다. | ||
+ | |||
+ | 7. 해제 시작 | ||
+ | |||
+ | **hashcat -m 9600 -a 3 [추출한 해시]** | ||
+ | |||
+ | 기다리면 해제된 결과를 확인할 수 있다. 오류가 발생하는 경우 플래그 번호가 맞지 않을 수 있으므로 해당하는 플래그 번호를 바꾸어 시도한다. | ||
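
Review bot: Step 7 on the added side runs `hashcat -m 9600 -a 3 [추출한 해시]` in attack mode 3 without a mask, and the sentence after it only says to wait, so a reader cannot tell which candidate passwords are tried or how long the run may take; state the mask next to the command, or say explicitly that hashcat's built-in default mask is being used. The fallback advice to swap the flag number when an error occurs would be better replaced by telling the reader to choose the `-m` value from the Office version of the file, which the list in step 6 already maps per version. Two markup points: the new heading `===== 암호 해제(Windows 10, Microsoft Excel 2013 기준) ======` opens with five `=` and closes with six, and the steps were changed from DokuWiki `-` ordered-list items to literal `1.`, `2.` text with the commands in bold, which loses both list and code rendering. The change also deletes the entire `지원 소프트웨어` list, leaving only the external link in step 6 for other hash types; the edit summary should say so.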