1

我的 SSL 证书有一个 RSA 私钥。不幸的是,我忘记了密码。这是标题信息:

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,9A3F1B0DB81DA3C64E5BCA3534544E04

我想执行字典攻击来尝试破解它。谁能告诉我该怎么做?也许使用像 John The Ripper 这样的工具。

4

1 回答 1

1

我写了一个小的python脚本来做我想做的事。我将密钥放在名称“ssl.key”下,并将单词列表放在一个名为“wl.lst”的文件中。

这是完整的代码:

from subprocess import PIPE, Popen
import subprocess
import sys

def cmdline(command):
    proc = subprocess.Popen(str(command), stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
    (out, err) = proc.communicate()
    return err

def combinations(words, length):
    if length == 0:
        return []
    result = [[word] for word in words]
    while length > 1:
        new_result = []
        for combo in result:
            new_result.extend(combo + [word] for word in words)
        result = new_result[:]
        length -= 1
    return result

def main():
    words = [line.strip() for line in open('wl.lst')]
    s = b'writing RSA key\r\n';
    print("\n")

    res = combinations(words, 1)
    c = len(res)-1
    for idx, result in enumerate(res):
        str1 = "openssl rsa -in ssl.key -out ssld.key -passin pass:"+result[0]
        if cmdline(str1) == s:
            print("\nKey Found! The key is: "+result[0])
            sys.exit()
        print(str(idx)+"/"+str(c))
    print("\n")

    res = combinations(words, 2)
    c = len(res)-1
    for idx, result in enumerate(res):
        str1 = "openssl rsa -in ssl.key -out ssld.key -passin pass:"+result[0]+result[1]
        if cmdline(str1) == s:
            print("\nKey Found! The key is: "+result[0]+result[1])
            sys.exit()
        print(str(idx)+"/"+str(c))
    print("\n")

    res = combinations(words, 3)
    c = len(res)-1
    for idx, result in enumerate(res):
        str1 = "openssl rsa -in ssl.key -out ssld.key -passin pass:"+result[0]+result[1]+result[2]
        if cmdline(str1) == s:
            print("\nKey Found! The key is: "+result[0]+result[1]+result[2])
            sys.exit()
        print(str(idx)+"/"+str(c))
    print("\n")

    res = combinations(words, 4)
    c = len(res)-1
    for idx, result in enumerate(res):
        str1 = "openssl rsa -in ssl.key -out ssld.key -passin pass:"+result[0]+result[1]+result[2]+result[3]
        if cmdline(str1) == s:
            print("\nKey Found! The key is: "+result[0]+result[1]+result[2]+result[3])
            sys.exit()
        if idx%25 == 0:
            print(str(idx)+"/"+str(c))
    print("\n")

    res = combinations(words, 5)
    c = len(res)-1
    for idx, result in enumerate(res):
        str1 = "openssl rsa -in ssl.key -out ssld.key -passin pass:"+result[0]+result[1]+result[2]+result[3]+result[4]
        if cmdline(str1) == s:
            print("\nKey Found! The key is: "+result[0]+result[1]+result[2]+result[3]+result[4])
            sys.exit()
        if idx%100 == 0:
            print(str(idx)+"/"+str(c))
    print("\n")

if __name__ == '__main__':
    main()

这个脚本是跨平台的。要增加或减少组合中使用的单词数量,只需添加/删除适当的代码块。

注意:移除状态显示可以显着提高速度。

于 2015-05-25T06:02:09.340 回答