ctf md5类常用脚本总结
作者:互联网
①已知MD5值与前面部分内容爆破值
确定长度类
脚本类型1
#coding: utf-8
import hashlib
dic = '0123456789'
for i in range(1000):
for a in dic:
t =str(a)+'admin'
md5 = hashlib.md5(t.encode('utf-8')).hexdigest()
#print t
if md5[:32] == 'ae8b63d93b14eadd1adb347c9e26595a':
print (t)
类型2
import string
import hashlib
a='TASC?O3RJMV?WDJKX?ZM'
b='e9032???da???08????911513?0???a2'
dic1=string.digits+string.ascii_lowercase+string.ascii_uppercase
for i1 in dic1:
for i2 in dic1:
for i3 in dic1:
bb='TASC'+i1+'O3RJMV'+i2+'WDJKX'+i3+'ZM'
aa=hashlib.md5(bb.encode('utf-8'))
bbb=aa.hexdigest()
if bbb[:5]=='e9032':
print i1,i2,i3
import hashlib
a=hashlib.md5('TASCJO3RJMVKWDJKXLZM'.encode('utf-8'))
print a.hexdigest()
截断验证码
import hashlib
def md5(s):
return hashlib.md5(str(s).encode('utf-8')).hexdigest()
def main(s):
for i in range(1,99999999):
if md5(i)[0:6] == str(s):
print(i)
exit(0)
if __name__ == '__main__':
main("xxxx")
import hashlib
dic = 'abcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ'
for i in range(999999999):
h = hashlib.md5(str(i).encode()).hexdigest()[:6]
if h == '45ef3d':
print(i)
break
不确定长度类
# -*- coding:utf-8 -*-
__author__ = 'Administrator'
#from ultrapower.fd
import itertools as its
import md5
#暴力破解
def uncipher(maxlenth,salt,ciphertext_s,str_letter):
ciphertext_s=ciphertext_s
salt = salt
maxlenth=int(maxlenth)
str_letter=str_letter
ciphertext=''
for i in range(1, maxlenth+1):
# 迭代生成明文(例如abc,repeat=2 结果为(a,a)(a,b)(a,c)(b,b)(b,a)(b,c)(c,c)(c,a)(c,b)
r = its.product(str_letter, repeat=i)
for j in r:
plaintext = "".join(j) #连接成字符串
plaintext = "%s%s" % (plaintext, salt) #把盐加到明文的后面 每次生成的最终明文
#print plaintext #打印明文
# 开始解密,方法是,每个明文进来,加密成密文,然后密文与密文做对比
md501 = md5.new()
md501.update(plaintext)
ciphertext = md501.hexdigest()
# 对比密文确认明文
if ciphertext == ciphertext_s: #如果密文一致 退出2层循环
break
if ciphertext == ciphertext_s: #如果密文一致,退出1层循环,打印结果
print "task finished(plain,cipher)"
print "%s:%s" % (plaintext, ciphertext) #打印结果
break
②与时间戳相互结合的考法
import hashlib
import time
import string
t = str(int(time.time()))#时间戳规范成10位,即消去了float类型状况思路
for i in range(1,100000000000000):
word = str(t)
tmp = hashlib.md5(word.encode('utf-8')).hexdigest()#进行md5加密的方法
x=tmp[0:19]#截断值的作用
y=x+'admin'
z=hashlib.md5(y.encode('utf-8')).hexdigest()
if 'ae8b63d93b14eadd1adb347c9e26595a' == z:
print (x)
③MD5加密快速构造提交包的一种做法–>直接构造后面的时间进行循环遍历
import requests
import re
def getFlag():
url = 'http://106.75.214.10:5598/login.php'
header={
'cookie':'username=a;session=73c6f70a63b154d81ff45e6555c1a93d'
}
html=requests.get(url, headers=header).text
info=re.findall(r'<h1>([\s\S]*)</h1>',html)
print(header)
print (info)
for i in range(1000):
getFlag()
标签:脚本,hashlib,ciphertext,ctf,str,print,import,md5 来源: https://blog.csdn.net/qq_33942040/article/details/109923453