我已经开始学习Python了,我开始使用Violent Python这本书。第一章描述了在crypt
类的帮助下破解基于* nix的密码哈希的脚本。这是代码:
import crypt
def testPass(cryptPass):
salt = cryptPass[0:2]
dictFile = open('dictionary.txt','r')
for word in dictFile.readlines():
word = word.strip('\n')
cryptWord = crypt.crypt(word,salt)
print cryptPass+":"cryptWord
if(cryptPass == cryptWord):
print "[+] Password found : "+word
return
print "[-] Password Not Found.\n"
return
def main():
passFile = open('passwords.txt')
for line in passFile.readlines():
if ":" in line:
user = line.split(':')[0]
cryptPass = line.split(':')[1].strip(' ')
print "[*] Cracking Password For: "+user
testPass(cryptPass)
if __name__ == "__main__":
main()
我有一个passwords.txt文件,其中包含用户名:password(密码哈希)字符串,另一个名为dictionary.txt的文件包含字典词。这些是passwords.txt文件的内容:
apple:HXJintBqUVCEY
mango:HXInAjNhZF7YA
banana:HXKfazJbFHORc
grapes:HXtZSWbomS0xQ
和dictionary.txt:
apple
abcd
efgh
ijkl
mnop
当我打印两者时,从testpass()方法计算的密码哈希和来自passwords.txt的用户名apple的密码哈希是相等的。但是这里所有4个用户名的输出是" [ - ]未找到密码"。为什么==测试在这里失败?
答案 0 :(得分:1)
也许你在行尾有一个尾随\n
。尝试更改:
cryptPass = line.split(':')[1].strip(' ')
为:
cryptPass = line.split(':')[1].strip('\n').strip(' ')
甚至更简单(如评论中所示):
cryptPass = line.split(':')[1].strip()