shell脚本暴力破解密码 [英] Shell script password bruteforcing

问题描述

喜首先道歉，如果这是措辞很差，会尽量解释清楚。

Hi first of all apologies if this is poorly worded, will try to explain clearly.

我有一个二进制名为testpassword，用法可能是相当自明。去如下

I have a binary named testpassword, usage is probably fairly explanatory. goes as follows

./testpassword hello

如果你好是的正确密码，然后输出将是

if hello is correct password then output will be

pass=correct

如果你好是的不正确密码，输出将是

if hello is incorrect password, output will be

pass=incorrect

我在Linux的完全的初学者和shell脚本，但做了一个叫bruteforce.sh很简陋+简单的脚本。执行与字列表的蛮力攻击。内容如下

I'm a complete beginner at Linux and shell scripting but made a very crude + simple script called bruteforce.sh. to perform a 'brute force' attack with a list of words. contents is as follows

./testpassword hello
./testpassword jelly
./testpassword watermelon
./testpassword anotherword  
etc..

我跑了一个新的脚本如下颇有几分goggling一个非常粗略的方式来通知我时，它的成功之后，

I ran the following in a new script after quite a bit of goggling for a very rough way to notify me when it's successful

./bruteforce.sh 2 2>&1 >/dev/null | grep -n pass=correct

输出会像 12：通=正确。其中，12是bruteforce.sh行号

the output will be something like 12: pass=correct. where 12 is the line number in bruteforce.sh

当我看到这个屏幕上，我可以CTRL-C和运行

when I see this on screen I can ctrl-c and run

awk 'NR==12' bruteforce.sh

要获得对应于该线路号的正确的通行。我只是想知道，如果有一个更容易或更清洁的方式来做到这任何部分。

to get the correct pass corresponding to the line number. I was just wondering if there is an easier or cleaner way to do any part of this

在此先感谢您的任何建议。

Thanks in advance for any suggestions

推荐答案

这样的事情，也许吧。

for i in {1..1000}; do
    (echo -n "$i: " && ./testpassword $i) | grep pass=correct
done

这只是回声脚本输出之前，在当前密码。当然， {1..1000} 可与您打算使用的单词列表取代。

This just echos the current password before the script output. Of course, {1..1000} can be replaced with the list of words you intend to use.

这篇关于shell脚本暴力破解密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！