Linux Tech Board
2024. 05. 01.
Password Cracking Tool: John the Ripper
Date: 2005.06.10. 18:37:51 Views: 1067
John the Ripper is a widely used password cracking program. Its main features are:
- It is designed to be fast and powerful.
- It cracks passwords hashed with the standard and double-length DES, MD5, and Blowfish algorithms.
- It uses its own optimized internal modules instead of crypt(3).
- Sessions can be suspended and resumed.
- It is available on other platforms as well, so a session started on one computer can be restarted on another.
- You can configure your own word list and rule list.
- You can get the status of an interrupted or running session.
- You can specify any user or group to crack.
<b>Installing John the Ripper</b>
Visit John's official site:
http://www.openwall.com/john/
The latest source release at the time of writing is version 1.6, so download john-1.6.tar.gz and unpack the source:
#tar xvzf john-1.6.tar.gz
Next, change into the new directory, go to the src directory, and build the program with the make command:
#cd john-1.6
#cd src
#make linux-x86-any-elf
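This produces a binary named run/john. The run directory contains every file John needs to operate, so it can be copied anywhere.
<b>Running John the Ripper</b>
Normally, john is run from the command line with a copy of /etc/passwd passed as its argument. On systems that use shadow passwords, the bundled unshadow utility first merges /etc/passwd and /etc/shadow into that copy: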
#cd ../run
#./unshadow /etc/passwd /etc/shadow > passwd.txt
#chmod 600 passwd.txt
Cracked passwords are printed to the terminal and saved in a file named run/john.pot. An example of running John and the output it produces:
#./john passwd.txt
Loaded 3 password with 3 different salts (FreeBSD MD5 [32/32])
jdoe (john)
test (test)
student (student)
While john is running, press any key to display its current status:
guesses: 2 time: 0:00:02:50 (3) c/s:15343 trying : 2bdo
Pressing Ctrl+C once stops john; pressing Ctrl+C twice aborts it without saving.
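
As an added example (not part of the original post), the script below audits a combined file in the format unshadow writes, as passwd.txt was built above: it reports each account's hash scheme, lists accounts with empty, DES-based or MD5-based hashes, and checks that the file is readable only by its owner. The function names, sample accounts and hash strings are constructed for illustration; the sample is created under umask 077 because a plain redirect creates the file under the current umask before chmod 600 runs.

```shell
#!/bin/sh
# Added example, not from the original post: audit a combined passwd/shadow
# file in the format unshadow writes (user:hash:uid:gid:gecos:home:shell).

# Write a constructed sample that is owner-only from creation (umask 077).
# The hash strings are made-up placeholders, not real password hashes.
make_sample() (
    umask 077
    cat > "$1" <<'EOF'
alice:zzPLACEHOLDER:1001:1001::/home/alice:/bin/sh
bob:$1$saltsalt$CONSTRUCTEDplaceholder:1002:1002::/home/bob:/bin/sh
carol:$2a$10$CONSTRUCTEDplaceholderCONSTRUCTEDplaceholder:1003:1003::/home/carol:/bin/sh
dave:$6$saltsalt$CONSTRUCTEDplaceholder:1004:1004::/home/dave:/bin/sh
erin::1005:1005::/home/erin:/bin/sh
daemon:*:1:1::/:/usr/sbin/nologin
EOF
)

# Print "user scheme" for every line, keyed on the crypt(3) hash prefix.
classify_hashes() {
    awk -F: '{
        h = $2
        if (h == "")                        s = "empty"
        else if (h ~ /^[!*]/ || h == "x")   s = "locked"
        else if (h ~ /^\$1\$/)              s = "md5crypt"
        else if (h ~ /^\$2[abxy]?\$/)       s = "bcrypt"
        else if (h ~ /^\$5\$/)              s = "sha256crypt"
        else if (h ~ /^\$6\$/)              s = "sha512crypt"
        else if (length(h) == 13 && h ~ /^[.\/0-9A-Za-z]+$/) s = "descrypt"
        else                                s = "unknown"
        print $1, s
    }' "$1"
}

# Accounts with an empty password field or a legacy scheme (DES-based or
# MD5-based crypt), space separated on one line.
weak_accounts() {
    classify_hashes "$1" | awk '
        $2 ~ /^(empty|descrypt|md5crypt)$/ { printf "%s%s", sep, $1; sep = " " }
        END { print "" }'
}

# Succeed only if the file grants no permission to group or other.
file_is_private() {
    [ "$(ls -ld -- "$1" | cut -c5-10)" = "------" ]
}

# With a file argument, print the per-account report.
if [ $# -gt 0 ]; then classify_hashes "$1"; fi
```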