FreeBoard Tools Challenge Auth Rank Find Password  ::Notice  ::Encoder  ::AsciiCode  ::ChattingRoom Today : 79 Total : 102986  FreeBoard 14¹ø $6$ shadow password file format ¼ø¼­ : [11] ÀÛ¼ºÀÚ : iceicebaby ÀÛ¼º³¯Â¥ : 2012-04-16 Á¶È¸¼ö : 727 ´õ ¸¹Àº hash typeÀÇ formatÀ» Áö¿øÇÏ´Â John the Ripper password cracker, ver: 1.7.9-jumbo-5 [win32-cygwin-x86-sse2i] Á¡º¸ ¹öÀüÀ¸·Î --format=NAME             force hash type NAME: des/bsdi/md5/bf/afs/lm/                           dynamic_n/bfegg/dmd5/dominosec/epi/hdaa/ipb2/krb4/                           krb5/mschapv2/mysql-fast/mysql/netlm/netlmv2/netntlm/                           netntlmv2/nethalflm/md5ns/nt/phps/po/xsha/crc32/                           hmac-md5/lotus5/md4-gen/mediawiki/mscash/mscash2/                           mskrb5/mssql/mssql05/mysql-sha1/nsldap/nt2/oracle11/                           oracle/phpass-md5/pix-md5/pkzip/raw-md4/raw-md5thick/                           raw-md5/raw-sha1/raw-sha/raw-md5u/salted-sha1/sapb/                           sapg/sha1-gen/raw-sha224/raw-sha256/raw-sha384/                           raw-sha512/xsha512/hmailserver/sybasease/trip/ssh/pdf/                           rar/zip/dummy ¸ðµÎ ´ëÀÔÇØ ºÁµµ ¾ÈµÇ´Âµ¥.. --subformat=LIST          get a listing of all 'dynamic_n' formats <-- À̺κп¡ ¹¹°¡ ÀÖ´Â °ÇÁö? $6$·Î hashÈ­ µÈ °ÍÀÌ SHA512°¡ ¾Æ´Ï¶ó¸é µµ´ëü ¹«½¼ Æ÷¸äÀÎÁö ÂüÁ¶ÇÒ URL Link Á» ºÎŹµå¸³´Ï´Ù. ¹®Á¦¸¦ ³»½Å °Ç ÁÁÀºµ¥ ¾îÁö°£È÷ ²¿¿Í¼­ ³½ ´À³¦ Áö¿ï ¼ö°¡ ¾ø³×¿ä! cf. hashcat À̶ó´Â toolµµ Àֳ׿ä! ¹®Á¦¸¦ Ǫ½Ã´Â ºÐµé ¾Æ·¡ ¸µÅ©µµ ÂüÁ¶ÇϽñæ.. http://hashcat.net                   * ½á´Ï³ªÅ¸½º     2012-04-17 ¿ÀÀü 2:47:05 °ü½É°¡Á® Áּż­ ´ë´ÜÈ÷ °¨»çÇÕ´Ï´Ù. ¾î°ÅÁö·Î ²¿À¸·Á°í ÀǵµÇÑ°Ç ¾ø¾ú´Âµ¥... ¿ÀÇØÇÏÁö ¸¶½Ã±¸¿ä... ^^; BT5¿¡ ÀÖ´Â JTRÀ» »ç¿ëÇØ º¸¼¼¿ä~ ^^; * Santeria     2012-04-17 ¿ÀÀü 11:05:15 windows¿ë johnÀ¸·Î ÇÏ´Â°Ç Æ÷±âÇÏ½Ã´Â°Ô ÁÁÀ¸½Ç²¨ °°±¸¿ä Á¤½ÄÆÇ john¿¡¼­ sha256, sha512°¡ Àνĵǵµ·Ï ÆÐÄ¡¸¦ ÇؾߵDZ¸¿ä °ü·Ã URLÀº : http://blog.tevora.com/authentication/resuscitating-john-for-password-auditing/ ±Û ³»¿ëÁß Dr. Junjun Mao¡¯s blog ¶ó´Â ¸µÅ©¸¦ Ÿ°í°¡½Ã¸é ÀÚ¼¼ÇÑ ÆÐÄ¡¹æ¹ýÀÌ ÀÖ½À´Ï´Ù. BT5¿¡ johnÀ» ÀÌ¿ëÇÏ½Ã´Â°É ÃßõÇÕ´Ï´Ù. ÀÌ¹Ì ÆÐÄ¡µÇ¾î ÀÖÀ¸´Ï±ñ¿ä ¤¾¤¾ * jin03     2012-04-17 ¿ÀÈÄ 3:59:23 crypt(3)¶ó´Â ¾Ïȣȭ ¹æ½ÄÀÌ ¿ø·¡ JTR¿¡ ÀÖ¾ú´Âµ¥ ³ªÁß¿£ JTR Pro ¹öÀü¿¡¸¸ crypt(3)¸¦ Áö¿øÇÏ°Ô ÇÏ°í ¿ø·¡ ¹öÀüÀº crypt(3)Å©·¡Å· ±â´ÉÀ» »èÁ¦ÇÑ °ÍÀÔ´Ï´Ù. * ½á´Ï³ªÅ¸½º     2012-04-17 ¿ÀÈÄ 4:50:49 Santeria´Ô, jin03´Ô Very Good!!! °¨»çÇÕ´Ï´Ù... * substr_sql     2012-04-17 ¿ÀÈÄ 11:17:46 ´ä¿¡ °ü·ÃµÈ ÈùÆ®°°Àº°ÍÀ» Áֽô ±âºÐ °°³×¿ä.. (..) * iceicebaby     2012-04-29 ¿ÀÈÄ 12:29:17 °á±¹ bt5 jtr·Î ÇØ°áÇß½À´Ï´Ù. Thanks! root@bt:/pentest/passwords/john# john -show suninatas.txt ........(»ý·«)........ 1 password hash cracked, 0 left root@bt:/pentest/passwords/john# uname -a Linux bt 3.2.6 #1 SMP Fri Feb 17 10:40:05 EST 2012 i686 GNU/Linux cf. bt5 ftp download ftp://hook7346.ignorelist.com/ id : bt5r2ko pw : gksrmfakstp! Copyright(c) 2012 SuNiNaTaS All Rights Reserved. (suninatas@gmail.com) Since April 1, 2012 with blackkey, wkdrnlwnd, 2theT0P