【密码守护者】让弱密码无处遁形,保护你的UOS系统安全!

           欢迎点赞、关注、分享,后期将会有更多的工作小工具分享给大家,嘻嘻

           

密码,是守护我们数字世界的钥匙。一个强大、复杂的密码,能够有效地抵御黑客攻击和信息泄露的风险。但在日常使用中,许多人因为方便记忆而选择了简单易猜的“弱密码”,这无疑给自己的信息安全埋下了隐患。今天,我们就来使用john来探测下主机上面的弱密码用户,让弱密码无处可逃!

版本环境

        系统版本                   备注

uos 1050 桌面专业版

(需要root权限)

来测试所有用户是否存在弱密码,不是修改密码

经测试,只要是系统架构匹配,部分桌面还是服务器都可以使用

效果展示:

小编测试完成后,会自动释放该主机,工作中千万不要学习小编的123456。

弱密码情报站

         弱密码通常指的是那些容易被猜测或破解的密码,比如连续的数字(如"123456")、重复的字符(如"aaaaaa")、常见的组合(如"password")等。这些密码对于黑客来说,几乎是不设防的。

来看看你的系统里面有几个弱密码用户

思路

  • 安装部署john

  • 创建测试账号

  • 进行弱密码探测

  • 进行验证

        john是一个专门的密码爆破工具,当然既然他能爆破密码,那他是不是也可以帮我们测试密码呢?是的,我们可以给john提供弱密码口令本,也可以使用john自己本身的暴力破解,对于弱密码来说,john是可以轻轻松松拿捏。

开搞

一、安装john软件包

1、在桌面空白处,邮件,【在终端中打开】

2、下载john的源码包。

liushuai@liushuai-PC:~/Desktop$ wget https://www.openwall.com/john/k/john-1.9.0.tar.gz--2024-05-09 13:32:31--  https://www.openwall.com/john/k/john-1.9.0.tar.gz正在解析主机 www.openwall.com (www.openwall.com)... 193.110.157.242正在连接 www.openwall.com (www.openwall.com)|193.110.157.242|:443... 已连接。已发出 HTTP 请求,正在等待回应... 200 OK长度:13110145 (13M) [application/octet-stream]正在保存至: “john-1.9.0.tar.gz”john-1.9.0.tar.gz                           100%[===========================================================================================>]  12.50M   404KB/s  用时 1m 57s  2024-05-09 13:34:30 (110 KB/s) - 已保存 “john-1.9.0.tar.gz” [13110145/13110145])

等下载成100%。

3、检查是否下载成功

liushuai@liushuai-PC:~/Desktop$ ls360safe.desktop   com.tencent.wechat.desktop  deepin-album.desktop       uninstall360safe.desktop            wps-office-pdf.desktop         wps-office-wps.desktop文件共享专用      dde-computer.desktop        deepin-calculator.desktop  wps-office-et.desktop               wps-office-prometheus.desktop新建Word文档.doc  dde-trash.desktop           john-1.9.0.tar.gz          wps-office-officeassistant.desktop  wps-office-wpp.desktop

4、创建解压后的目录。

liushuai@liushuai-PC:~/Desktop$ mkdir johnliushuai@liushuai-PC:~/Desktop$ ls360safe.desktop   com.tencent.wechat.desktop  deepin-album.desktop       john-1.9.0.tar.gz         wps-office-officeassistant.desktop  wps-office-wpp.desktop文件共享专用      dde-computer.desktop        deepin-calculator.desktop  uninstall360safe.desktop  wps-office-pdf.desktop              wps-office-wps.desktop新建Word文档.doc  dde-trash.desktop           john                       wps-office-et.desktop     wps-office-prometheus.desktop

5、对源码进行解压到指定目录

liushuai@liushuai-PC:~/Desktop$ tar -xvf john-1.9.0.tar.gz -C john/john-1.9.0/doc/CHANGESjohn-1.9.0/doc/CONFIG省略部分john-1.9.0/src/x86-any.hjohn-1.9.0/src/x86-mmx.Sjohn-1.9.0/src/x86-mmx.hjohn-1.9.0/src/x86-sse.Sjohn-1.9.0/src/x86-sse.hjohn-1.9.0/src/x86.S

6、检查解压情况。

liushuai@liushuai-PC:~/Desktop$ cd john/liushuai@liushuai-PC:~/Desktop/john$ lsjohn-1.9.0liushuai@liushuai-PC:~/Desktop/john$ cd john-1.9.0/liushuai@liushuai-PC:~/Desktop/john/john-1.9.0$ lsdoc  run  src

其中doc为文档目录    run为john命令所在目录     src为需要编译的目录

7、切换到src目录里面,开始进行编译

liushuai@liushuai-PC:~/Desktop/john/john-1.9.0$ cd src/liushuai@liushuai-PC:~/Desktop/john/john-1.9.0/src$ lsAFS_fmt.c  bench.h     charset.c   cracker.c   DES_std.c   getopt.c  john.c    logger.c      memory.h   options.h   ppc32.h     rules.h     sparc32.h   tty.h       x86-64.Salpha.h    best.c      charset.h   cracker.h   DES_std.h   getopt.h  john.com  logger.h      mic.h      os.h        ppc64alt.h  sboxes.c    sparc64.h   unafs.c     x86-any.halpha.S    best.sh     common.c    crc32.c     detect.c    ia64.h    john.h    Makefile      mips32.h   params.c    ppc64.h     sboxes-s.c  status.c    unique.c    x86-mmx.harm32le.h  BF_fmt.c    common.h    crc32.h     dummy.c     idle.c    list.c    Makefile.dep  mips64.h   params.h    recovery.c  sboxes-t.c  status.h    unshadow.c  x86-mmx.Sarm64le.h  BF_std.c    compiler.c  DES_bs_b.c  external.c  idle.h    list.h    MD5_fmt.c     misc.c     pa-risc.h   recovery.h  signals.c   symlink.c   vax.h       x86.Sbatch.c    BF_std.h    compiler.h  DES_bs.c    external.h  inc.c     LM_fmt.c  MD5_std.c     misc.h     path.c      rpp.c       signals.h   times.h     wordlist.c  x86-sse.hbatch.h    BSDI_fmt.c  config.c    DES_bs.h    formats.c   inc.h     loader.c  MD5_std.h     nonstd.c   path.h      rpp.h       single.c    trip_fmt.c  wordlist.h  x86-sse.Sbench.c    c3_fmt.c    config.h    DES_fmt.c   formats.h   john.asm  loader.h  memory.c      options.c  ppc32alt.h  rules.c     single.h    tty.c       x86-64.h

8、确认下支持的系统情况,通过“make"

liushuai@liushuai-PC:~/Desktop/john/john-1.9.0/src$ makeTo build John the Ripper, type:        make clean SYSTEMwhere SYSTEM can be one of the following:linux-x86-64-avx512      Linux, x86-64 with AVX-512 (some 2017+ Intel CPUs)linux-x86-64-avx2        Linux, x86-64 with AVX2 (some 2013+ Intel CPUs)linux-x86-64-xop         Linux, x86-64 with AVX and XOP (some AMD CPUs)linux-x86-64-avx         Linux, x86-64 with AVX (some 2011+ Intel CPUs)linux-x86-64             Linux, x86-64 with SSE2 (most common)linux-x86-avx512         Linux, x86 32-bit with AVX-512 (some 2017+ Intel CPUs)linux-x86-avx2           Linux, x86 32-bit with AVX2 (some 2013+ Intel CPUs)linux-x86-xop            Linux, x86 32-bit with AVX and XOP (some AMD CPUs)linux-x86-avx            Linux, x86 32-bit with AVX (2011+ Intel CPUs)linux-x86-sse2           Linux, x86 32-bit with SSE2 (most common, if 32-bit)linux-x86-mmx            Linux, x86 32-bit with MMX (for old computers)linux-x86-any            Linux, x86 32-bit (for truly ancient computers)linux-mic                Linux, Intel MIC (first generation Xeon Phi)linux-arm64le            Linux, ARM 64-bit little-endian w/ASIMD (best)linux-arm32le-neon       Linux, ARM 32-bit little-endian w/NEON (best 32-bit)linux-arm32le            Linux, ARM 32-bit little-endianlinux-alpha              Linux, Alphalinux-sparc64            Linux, SPARC 64-bitlinux-sparc              Linux, SPARC 32-bitlinux-ppc32-altivec      Linux, PowerPC w/AltiVec (best)linux-ppc32              Linux, PowerPC 32-bitlinux-ppc64-altivec      Linux, PowerPC 64-bit w/AltiVeclinux-ppc64              Linux, PowerPC 64-bitlinux-ia64               Linux, IA-64freebsd-x86-64           FreeBSD, x86-64 with SSE2 (best)freebsd-x86-sse2         FreeBSD, x86 with SSE2 (best if 32-bit)freebsd-x86-mmx          FreeBSD, x86 with MMXfreebsd-x86-any          FreeBSD, x86freebsd-alpha            FreeBSD, Alphaopenbsd-x86-64           OpenBSD, x86-64 with SSE2 (best)openbsd-x86-sse2         OpenBSD, x86 with SSE2 (best if 32-bit)openbsd-x86-mmx          OpenBSD, x86 with MMXopenbsd-x86-any          OpenBSD, x86openbsd-alpha            OpenBSD, Alphaopenbsd-sparc64          OpenBSD, SPARC 64-bit (best)openbsd-sparc            OpenBSD, SPARC 32-bitopenbsd-ppc32            OpenBSD, PowerPC 32-bitopenbsd-ppc64            OpenBSD, PowerPC 64-bitopenbsd-pa-risc          OpenBSD, PA-RISCopenbsd-vax              OpenBSD, VAXnetbsd-sparc64           NetBSD, SPARC 64-bitnetbsd-vax               NetBSD, VAXsolaris-sparc64-cc       Solaris, SPARC V9 64-bit, cc (best)solaris-sparc64-gcc      Solaris, SPARC V9 64-bit, gccsolaris-sparcv9-cc       Solaris, SPARC V9 32-bit, ccsolaris-sparcv8-cc       Solaris, SPARC V8 32-bit, ccsolaris-sparc-gcc        Solaris, SPARC 32-bit, gccsolaris-x86-64-cc        Solaris, x86-64 with SSE2, cc (best)solaris-x86-64-gcc       Solaris, x86-64 with SSE2, gccsolaris-x86-sse2-cc      Solaris 9 4/04+, x86 with SSE2, ccsolaris-x86-sse2-gcc     Solaris 9 4/04+, x86 with SSE2, gccsolaris-x86-mmx-cc       Solaris, x86 with MMX, ccsolaris-x86-mmx-gcc      Solaris, x86 with MMX, gccsolaris-x86-any-cc       Solaris, x86, ccsolaris-x86-any-gcc      Solaris, x86, gcctru64-alpha              Tru64 (Digital UNIX, OSF/1), Alphaaix-ppc32                AIX, PowerPC 32-bitmacosx-x86-64            Mac OS X 10.5+, Xcode 3.0+, x86-64 with SSE2 (best)macosx-x86-sse2          Mac OS X, x86 with SSE2macosx-ppc32-altivec     Mac OS X, PowerPC w/AltiVec (best)macosx-ppc32             Mac OS X, PowerPC 32-bitmacosx-ppc64             Mac OS X 10.4+, PowerPC 64-bitmacosx-universal         Mac OS X, Universal Binary (x86 + x86-64 + PPC)hpux-pa-risc-gcc         HP-UX, PA-RISC, gcchpux-pa-risc-cc          HP-UX, PA-RISC, ANSI ccirix-mips64-r10k         IRIX, MIPS 64-bit (R10K) (best)irix-mips64              IRIX, MIPS 64-bitirix-mips32              IRIX, MIPS 32-bitdos-djgpp-x86-mmx        DOS, DJGPP, x86 with MMXdos-djgpp-x86-any        DOS, DJGPP, x86win32-cygwin-x86-sse2    Win32, Cygwin, x86 with SSE2 (best)win32-cygwin-x86-mmx     Win32, Cygwin, x86 with MMXwin32-cygwin-x86-any     Win32, Cygwin, x86beos-x86-sse2            BeOS, x86 with SSE2 (best)beos-x86-mmx             BeOS, x86 with MMXbeos-x86-any             BeOS, x86generic                  Any other Unix-like system with gcc

9、确认自己的系统架构

liushuai@liushuai-PC:~/Desktop/john/john-1.9.0/src$ lscpuArchitecture:        x86_64CPU op-mode(s):      32-bit, 64-bitByte Order:          Little Endian。。省略部分。。NUMA node0 CPU(s):   0-3Flags:               fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon nopl xtopology tsc_reliable nonstop_tsc cpuid pni pclmulqdq ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch cpuid_fault invpcid_single pti ssbd ibrs ibpb stibp fsgsbase tsc_adjust bmi1 avx2 smep bmi2 invpcid rdseed adx smap clflushopt xsaveopt xsavec xgetbv1 xsaves arat md_clear flush_l1d arch_capabilities

从返回结果来看,我的系统是X86_64。

10、进行编译

liushuai@liushuai-PC:~/Desktop/john/john-1.9.0/src$ make clean linux-x86-64rm -f ../run/john ../run/unshadow ../run/unafs ../run/unique ../run/john.bin ../run/john.com ../run/unshadow.com ../run/unafs.com ../run/unique.com ../run/john.exe ../run/unshadow.exe ../run/unafs.exe ../run/unique.exerm -f ../run/john.exe john-macosx-* *.o *.bak corerm -f detect bench generic.h arch.h tmp.scp /dev/null Makefile.depln -sf x86-64.h arch.hmake ../run/john ../run/unshadow ../run/unafs ../run/unique \        JOHN_OBJS="DES_fmt.o DES_std.o DES_bs.o DES_bs_b.o BSDI_fmt.o MD5_fmt.o MD5_std.o BF_fmt.o BF_std.o AFS_fmt.o LM_fmt.o trip_fmt.o dummy.o batch.o bench.o charset.o common.o compiler.o config.o cracker.o crc32.o external.o formats.o getopt.o idle.o inc.o john.o list.o loader.o logger.o memory.o misc.o options.o params.o path.o recovery.o rpp.o rules.o signals.o single.o status.o tty.o wordlist.o unshadow.o unafs.o unique.o c3_fmt.o x86-64.o" \        CFLAGS="-c -Wall -O2 -fomit-frame-pointer  -DHAVE_CRYPT" \        LDFLAGS="-s  -lcrypt"make[1]: 进入目录“/home/liushuai/Desktop/john/john-1.9.0/src”gcc -c -Wall -O2 -fomit-frame-pointer  -DHAVE_CRYPT -funroll-loops DES_fmt.c省略部分gcc DES_fmt.o DES_std.o DES_bs.o DES_bs_b.o BSDI_fmt.o MD5_fmt.o MD5_std.o BF_fmt.o BF_std.o AFS_fmt.o LM_fmt.o trip_fmt.o dummy.o batch.o bench.o charset.o common.o compiler.o config.o cracker.o crc32.o external.o formats.o getopt.o idle.o inc.o john.o list.o loader.o logger.o memory.o misc.o options.o params.o path.o recovery.o rpp.o rules.o signals.o single.o status.o tty.o wordlist.o unshadow.o unafs.o unique.o c3_fmt.o x86-64.o -s  -lcrypt -o ../run/johnrm -f ../run/unshadowln -s john ../run/unshadowrm -f ../run/unafsln -s john ../run/unafsrm -f ../run/uniqueln -s john ../run/uniquemake[1]: 离开目录“/home/liushuai/Desktop/john/john-1.9.0/src”

11、确认下上面的命令是否执行成功

liushuai@liushuai-PC:~/Desktop/john/john-1.9.0/src$ echo $?0

结果为0,说明执行成功,非0则失败。

12、切换目录到run里面,确认john命令是否正常

liushuai@liushuai-PC:~/Desktop/john/john-1.9.0/src$ cd ../run/liushuai@liushuai-PC:~/Desktop/john/john-1.9.0/run$ ./john John the Ripper password cracker, version 1.9.0Copyright (c) 1996-2019 by Solar DesignerHomepage: http://www.openwall.com/john/Usage: john [OPTIONS] [PASSWORD-FILES]--single                   "single crack" mode--wordlist=FILE --stdin    wordlist mode, read words from FILE or stdin--rules                    enable word mangling rules for wordlist mode--incremental[=MODE]       "incremental" mode [using section MODE]--external=MODE            external mode or word filter--stdout[=LENGTH]          just output candidate passwords [cut at LENGTH]--restore[=NAME]           restore an interrupted session [called NAME]--session=NAME             give a new session the NAME--status[=NAME]            print status of a session [called NAME]--make-charset=FILE        make a charset, FILE will be overwritten--show                     show cracked passwords--test[=TIME]              run tests and benchmarks for TIME seconds each--users=[-]LOGIN|UID[,..]  [do not] load this (these) user(s) only--groups=[-]GID[,..]       load users [not] of this (these) group(s) only--shells=[-]SHELL[,..]     load users with[out] this (these) shell(s) only--salts=[-]N               load salts with[out] at least N passwords only--save-memory=LEVEL        enable memory saving, at LEVEL 1..3--node=MIN[-MAX]/TOTAL     this node's number range out of TOTAL count--fork=N                   fork N processes--format=NAME              force hash type NAME: descrypt/bsdicrypt/md5crypt/                           bcrypt/LM/AFS/tripcode/dummy/crypt

出现以上情况则代表命令是正常的,可以正常使用。

二、创建测试用户

1、切换到root用户,创建一个弱口令密码的用户

liushuai@liushuai-PC:~/Desktop/john/john-1.9.0/run$ sudo -i请输入密码:验证成功root@liushuai-PC:~# useradd ceshiroot@liushuai-PC:~# passwd ceshi新的 密码:重新输入新的 密码:passwd:已成功更新密码

2、切换到john所在的目录

root@liushuai-PC:~# cd /home/liushuai/Desktop/john/john-1.9.0/runroot@liushuai-PC:/home/liushuai/Desktop/john/john-1.9.0/run# lsalnum.chr  alpha.chr  ascii.chr  digits.chr  john  john.conf  lm_ascii.chr  lower.chr  lowernum.chr  lowerspace.chr  mailer  makechr  password.lst  relbench  unafs  unique  unshadow  upper.chr  uppernum.chr

cd /home/liushuai/Desktop/john/john-1.9.0/run ,如果你的这步执行报错,原因是你没有这个路径,请将路径中的  liushuai  换成安装john所用的  用户名

3、查看john自带的密码本

root@liushuai-PC:/home/liushuai/Desktop/john/john-1.9.0/run# cat password.lst #!comment: This list has been compiled by Solar Designer of Openwall Project#!comment: in 1996 through 2011.  It is assumed to be in the public domain.#!comment:#!comment: This list is based on passwords most commonly seen on a set of Unix#!comment: systems in mid-1990's, sorted for decreasing number of occurrences#!comment: (that is, more common passwords are listed first).  It has been#!comment: revised to also include common website passwords from public lists#!comment: of "top N passwords" from major community website compromises that#!comment: occurred in 2006 through 2010.#!comment:#!comment: Last update: 2011/11/20 (3546 entries)#!comment:#!comment: For more wordlists, see http://www.openwall.com/wordlists/12345612345passwordpassword1123456789123456781234567890
以下进行省略

三、开始测试是否存在弱密码

1、开始测试

root@liushuai-PC:/home/liushuai/Desktop/john/john-1.9.0/run# ./john -w:password.lst /etc/shadowLoaded 4 password hashes with 4 different salts (crypt, generic crypt(3) [?/64])Press 'q' or Ctrl-C to abort, almost any other key for status123456           (liushuai)123456           (root)123456           (ceshi)123456           (test)4g 0:00:00:00 100% 4.347g/s 104.3p/s 417.3c/s 417.3C/s 123456..pepperUse the "--show" option to display all of the cracked passwords reliablySession completed

本机上的弱口令用户,无处可逃了,统统拿下

结束语

加油吧!你一定会感谢现在努力的自己

如果你是linux,unix(含aix小机)的其他系统,还请查阅以下技术文档

linux密码破解[离线]--john 探测(爆破)弱口令(包含linux机器,aix小机)/linux上的shadow文件破解,亲测可用_john jumbo-CSDN博客

号外

小编最近在弄一个微信公众号,当前没有几篇文章,但是小编会努力的,博客和公众号同步更新,如果有需要的,还请关注下小编,谢谢

  • 13
    点赞
  • 20
    收藏
    觉得还不错? 一键收藏
  • 打赏
    打赏
  • 8
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论 8
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

刘帅0952

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值