源码
import crypt
import sys
from colorama import Fore
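# Read the two input paths from argv: the shadow-format file, then the wordlist.
if len(sys.argv) < 3:
    # Exit with a usage line instead of an IndexError traceback when an
    # argument is missing.
    sys.exit(f"用法: python {sys.argv[0]} shadow字典 密码字典")
user_dictionary = sys.argv[1]
password_dictionary = sys.argv[2]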
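def compare(user_dictionary, password_dictionary):
    """Audit shadow-format password hashes against a wordlist.

    Each candidate from the wordlist is hashed with the salt portion of an
    account's stored hash and compared with that stored hash. The first
    match is printed in green and the function returns at once, so accounts
    after the first hit are not examined.

    Args:
        user_dictionary: Path to a shadow-format file (``name:hash:...``,
            one account per line).
        password_dictionary: Path to a wordlist, one candidate per line.

    Returns:
        None. Progress and the result are written to stdout.

    Note:
        The ``crypt`` module is deprecated since Python 3.11 and removed in
        3.13, and it can only verify hash schemes that the platform's
        crypt(3) implementation supports.
    """
    # Parse the shadow file once instead of re-reading it for every candidate.
    targets = []
    with open(user_dictionary) as shadow_file:
        for shadow_line in shadow_file:
            fields = shadow_line.strip().split(":")
            if len(fields) < 2:
                # Blank or malformed line: there is no hash field to test.
                continue
            name, stored_hash = fields[0], fields[1]
            # "*", "!", "!!", "!*", an empty field and "!"-prefixed (locked)
            # values can never equal crypt() output, so skip them up front.
            if not stored_hash or stored_hash[0] in "!*":
                continue
            # The salt passed to crypt() is everything from the first "$" up
            # to and including the last "$".
            salt = stored_hash[stored_hash.find("$"):stored_hash.rfind("$") + 1]
            if not salt:
                # No "$"-delimited salt: an empty salt is not a valid
                # crypt() setting, so the entry cannot be checked here.
                continue
            targets.append((name, stored_hash, salt))

    with open(password_dictionary) as wordlist:
        for pwd_line in wordlist:
            # strip() also drops leading/trailing spaces, so passwords that
            # rely on them are not tested as written.
            candidate = pwd_line.strip()
            for name, stored_hash, salt in targets:
                if crypt.crypt(candidate, salt) == stored_hash:
                    # NOTE: the recovered password is written to stdout in
                    # clear text. Reset the colour so later terminal output
                    # is not left green.
                    print(Fore.GREEN + f"[+] {name} 的密码是 {candidate}" + Fore.RESET)
                    return
                print(f"[-] 尝试 {candidate}")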
# Run the audit with the two paths taken from the command line.
compare(
    user_dictionary=user_dictionary,
    password_dictionary=password_dictionary,
)
使用
脚本命名为 pass.py
python pass.py shadow字典 密码字典