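This is the story of how I cracked 122 million* password hashes with John the Ripper and oclHashcat-plus.
It began a few months ago, when I saw a tweet about a torrent from KoreLogic containing password hash lists with about 146 million password hashes in total. The sheer number of hashes frustrated me at first, because all I had was a classic PC with a 4-core AMD Phenom II at 3.2 MHz plus an ATI/AMD 5770 graphics card. But I really wanted to give it a try, because the field of password cracking fascinates me.
The password cracking tools I used during this long journey were John the Ripper and oclHashcat-plus. This article is about cracking the MD5 hashes provided by KoreLogic, but the same strategy also applies to cracking SHA1 hashes.
Updates:
08/29/2012 – New example in the John the Ripper section: "Cracking double MD5 hashes with the help of the dict2hash.pl script"
08/29/2012 – Everything has been sorted and tidied up; a new version is available for download.
Handling the hashes:
First, the KoreLogic torrent has to be extracted; it contains a folder named "hashes". Let's check the contents of this folder…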
- root@m3g9tr0n:~/hashes$ ls
- longer_salts raw-md5.hashes.txt salted_with_md5 SHA1 vBulletin-v3.8.4
From now on we focus on the raw-md5.hashes.txt list. This file is 4.3GB, and wc shows that it contains 139444502 lines.
- root@m3g9tr0n:~/hashes$ wc -l raw-md5.hashes.txt
- 139444502 raw-md5.hashes.txt
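As you might expect, neither John the Ripper nor oclHashcat-plus can load this file, because it is too large. For this reason we need to split it. On Linux there is a nice tool called split that does this job well: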
- root@m3g9tr0n:~$ split --help
- Usage: split [OPTION]... [INPUT [PREFIX]]
- Output fixed-size pieces of INPUT to PREFIXaa, PREFIXab, ...; default
- size is 1000 lines, and default PREFIX is `x'. With no INPUT, or when INPUT
- is -, read standard input.
- Mandatory arguments to long options are mandatory for short options too.
- -a, --suffix-length=N use suffixes of length N (default 2)
- -b, --bytes=SIZE put SIZE bytes per output file
- -C, --line-bytes=SIZE put at most SIZE bytes of lines per output file
- -d, --numeric-suffixes use numeric suffixes instead of alphabetic
- -l, --lines=NUMBER put NUMBER lines per output file
- --verbose print a diagnostic just before each
- output file is opened
- --help display this help and exit
- --version output version information and exit
- SIZE may be (or may be an integer optionally followed by) one of following:
- KB 1000, K 1024, MB 1000*1000, M 1024*1024, and so on for G, T, P, E, Z, Y.
We can use the --lines=NUMBER parameter to split our raw-md5.hashes.txt file.
- root@m3g9tr0n:~/hashes$ split -l 3000000 raw-md5.hashes.txt part
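Note that, given that each MD5 hash is 32 bytes long, we could also split the file by size in MB.
Cracking passwords with oclHashcat-plus
I started with oclHashcat-plus because it has the --remove option, which deletes each hash from the hash file as soon as it is cracked; that is really convenient. The only limitation of oclHashcat-plus is on password length: it can only crack passwords of at most 15 characters. The oclHashcat-plus rules I used were best64.rule, passwordspro.rule, T0XlC.rule and, in some cases, d3ad0ne.rule. These rules ship with oclHashcat-plus.
Brute force was not my first choice. The dictionaries I used were downloaded from g0tmi1k's blog (http://blog.g0tmi1k.com/2011/06/dictionaries-wordlists/?redirect). Among the other external links in g0tmi1k's post you will find more dictionaries. The largest part of the cracking was done using these dictionaries with the rules above. Let's look at some examples.
Using a single rule: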
- ./oclHashcat-plus64.bin -m 0 ~/hashes/md5_1 ~/Wordlists/d3ad0ne.dic -r rules/best64.rule -o Ultimate_Crack/eNtr0pY_1 --remove
Using combined rules:
- ./oclHashcat-plus64.bin -m 0 ~/hashes/md5_1 ~/Wordlists/d3ad0ne.dic -r rules/best64.rule -r rules/passwordspro.rule -o Ultimate_Crack/eNtr0pY_1 --remove
Brute-force attack with a mask (you can specify any charset you want):
- ./oclHashcat-plus64.bin -a 3 -1 ?l?d?u?s -m 0 ~/hashes/md5_1 ?1?1?1?1?1?1?1?1 -o Ultimate_Crack/eNtr0pY_1 --remove
Combinator attack:
- ./oclHashcat-plus64.bin -a 1 -m 0 ~/hashes/md5_1 ~/Wordlists/d3ad0ne.dic ~/Wordlists/list -o Ultimate_Crack/eNtr0pY_1 --remove
Combinator attack with rules:
- ./oclHashcat-plus64.bin -a 1 -m 0 ~/hashes/md5_1 ~/Wordlists/d3ad0ne.dic ~/Wordlists/list -r rules/passwordspro.rule -o Ultimate_Crack/eNtr0pY_1 --remove
Permutation attack:
- ./oclHashcat-plus64.bin -a 4 -m 0 ~/hashes/md5_1 ~/Wordlists/d3ad0ne.dic -o Ultimate_Crack/eNtr0pY_1 --remove
Permutation attack with rules:
- ./oclHashcat-plus64.bin -a 4 -m 0 ~/hashes/md5_1 ~/Wordlists/d3ad0ne.dic -r rules/best64.rule -o Ultimate_Crack/eNtr0pY_1 --remove
In some cases I used the hybrid + mask attack:
- ./oclHashcat-plus64.bin -a 6 -1 ?l?d -m 0 ~/hashes/md5_1 ~/Wordlists/d3ad0ne.dic ?1?1 -o Ultimate_Crack/eNtr0pY_1 --remove
Hybrid + mask attack with rules:
- ./oclHashcat-plus64.bin -a 6 -1 ?l?d -m 0 ~/hashes/md5_1 ~/Wordlists/d3ad0ne.dic ?1?1 -r rules/best64.rule -o Ultimate_Crack/eNtr0pY_1 --remove
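At this point I stopped using the last two methods, because they are very time-consuming. I preferred to find better KoreLogic rules for John the Ripper and pipe John the Ripper's output into oclHashcat-plus. As I said, oclHashcat-plus can crack passwords of at most 15 characters. For this reason I had to limit the length of each generated word through the "--stdout" option. If you own a very fast GPU you can skip the example below.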
- ./john --wordlist=~/Wordlists/all.lst -rules:KoreLogicRulesPrependYears --stdout=10 | ./oclHashcat-plus64.bin -m 0 ~/hashes/md5_1 -o Ultimate_Crack/eNtr0pY_1 --remove
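Of course you can also use the other prepend rules created by KoreLogic, such as KoreLogicRulesPrependNumNum, or even better, create your own rules! Now it is time to generate a dictionary from the cracked passwords in order to crack the remaining hashes. I stripped the MD5 hashes from eNtr0pY_1 with the following command.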
cut -b34- eNtr0pY_1 > eNtr0pY_1.dic
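Using the dictionary produced above, a large number of MD5 hashes were cracked with the fingerprint attack. You can read more about this attack from Martin Bos (@purehate); I assure you that this technique is very successful!
Of course, you can also use the binaries from hashcat-utils and pipe the output of each one into oclHashcat-plus.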
- root@m3g9tr0n:~/oclHashcat-plus-0.08/hashcat-utils$ ls
- combinator.bin expander.bin gate.bin len.bin mp32.bin permute.bin prepare.bin req.bin splitlen.bin
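Cracking passwords with John the Ripper
After testing all the dictionaries I had collected, and several days later, it was time to move to John the Ripper to crack the rest of the password hashes...
I used Magnum-ripper compiled with OpenCL support for ATI/AMD graphics cards, because I wanted to use the "--format=raw-md5-opencl" parameter. Compared with "--format=raw-md5", it is faster because it uses both your CPU and your GPU.
The rules I used with John the Ripper were: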
- wordlist
- Single
- NT
- Extra
- KoreLogicRulesAppendNumbersandSpecials_Simple
- KoreLogicRulesAppend6Num
- KoreLogicRulesPrependAndAppendSpecial
- KoreLogicRulesAppendNumNum_AddSpecialEverywhere
- KoreLogicRulesAppendNumNumNum_AddSpecialEverywhere
- KoreLogicRulesL33t.
You can download these rules and add them to your john.conf file:
http://paste2.org/p/2048517
http://paste2.org/p/2048512
Now, let's see some examples with John the Ripper...
Using --rules=Single:
./john --format=raw-md5-opencl --wordlist=../../Wordlists/all.lst --rules:Single ~/hashes/md5_1
The cracked hashes are stored in the default file john.pot. You can inspect its contents with cat, more, head and tail.
root@m3g9tr0n:~/Tools/Password_Cracking/magnum-jumbo-OpenCL/run$ tail -n 9 john.pot
$MD5$0fad81e7a61b47d387dde893fcf8e88a:anacarolinagu
$MD5$0f82fc9a81f5db07eb9289767390fd2b:fabulousfoodsu
$MD5$0e22933267b2e7df062703c4e5842029:fabuloustravelu
$MD5$0d40086a54fefe993c9816d1441672ac:modularhomeu
$MD5$0ed8181fc4d18e260dd8e36633124bfd:greenshoppingu
$MD5$0d6e8da4017ec5c384ac5536087da44d:lawofattractionu
$MD5$0eb916d3c6a66a32cedd4acc6edb1dbb:hotreportu
$MD5$0e241f99b5c13d56686ec618ab54d5fa:flightsandholidaysu
$MD5$0f3c99478362aae389d2cbf716394269:stthomasmoresu
To generate a wordlist from the john.pot file, you can use the following command.
cut -d: -f 2- john.pot | sort -u > cracked.dic
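The generated dictionary can be combined with the rules above to crack hashes.
While cracking the MD5 hashes with oclHashcat-plus, I observed that some of the generated passwords were rejected. This is because oclHashcat-plus has a limit on string length. For this reason I piped hashcat's output into John the Ripper, which let me make better use of the hashcat rules in John the Ripper.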
./hashcat-cli64.bin --stdout ~/Wordlists/d3ad0ne.dic -r rules/best64.rule | ./john --format=raw-md5-opencl --stdin ~/hashes/md5_1
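After trying all the dictionaries combined with the rules above, it was time to brute-force with John the Ripper. Unfortunately, John the Ripper does not use mask attacks to generate passwords when brute-forcing. We have to create our own charset based on the cracked passwords contained in john.pot.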
./john --make-charset=eNtr0pY.chr
Loaded 7948325 plaintexts
Generating charsets... 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 DONE
Generating cracking order... DONE
Successfully written charset file: eNtr0pY.chr (95 characters)
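Many of you will wonder about the "31 DONE"... That is simply because I compiled John the Ripper with a length of 31 characters. By default John the Ripper is compiled with support for a length of 8 characters, so it is better to change that by modifying the following lines in the header file params.h, which is located in John the Ripper's src folder.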
#define CHARSET_MIN ' '
#define CHARSET_MAX 0x7E
#define CHARSET_SIZE (CHARSET_MAX - CHARSET_MIN + 1)
#define CHARSET_LENGTH 8 // change to 31 or whatever value you expect
Finally, you must include the charset you created in john.conf, as shown in this example:
# Incremental modes
[Incremental:eNtr0pY]
File = $JOHN/eNtr0pY.chr
MinLen = 0
MaxLen = 31
CharCount = 95
Now it is time to use brute-force attacks with our own charset!
./john --format=raw-md5-opencl --incremental=eNtr0pY ~/hashes/md5_1
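If you look at john.conf, you will see some brute-force attack modes listed as External. These are Double, Keyboard (generates combinations of adjacent keyboard characters), KnownForce, DateTime, Repeats, Sequence, Subsets and DumbForce for crazy password formats.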
./john --format=raw-md5-opencl --external=DumbForce ~/hashes/md5_1
With the help of the dict2hash.pl script provided here, we can also crack double MD5 hashes.
perl dict2hash.pl < rockyou.txt | ./john --format=raw-md5-opencl --stdin ~/md5_1
Here you can see some examples of MD5 hashes cracked with John the Ripper:
http://pastebin.com/uaGFXkBA
http://pastebin.com/LT5Gda9L
Personally, I believe a password like "$MD5$0b26a0faf1344d6e772bf55628e10e29:n34=mn { .clipboard $me }" is impossible to crack with bruteforce attacks.
Note: All the abovementioned techniques can be used with oclHashcat-plus by defining -m 100 and with John the Ripper by defining --format=raw-sha1-opencl for SHA1 cracking with OpenCL!
Password analysis
Finally, it is worth looking at an analysis, made with pipal (Password Analyser), of a sample collected from the cracked results.
root@m3g9tr0n:~/pipal$ ruby1.9.1 pipal.rb -o eNtr0pY_1 ~/Wordlists/Ultimate/Part1/eNtr0pY_5.dic
Total entries = 759103
Total unique entries = 758299

Top 10 passwords
niezgadniesz123 = 3 (0.0%)
ubqu = 3 (0.0%)
amonys = 3 (0.0%)
centralitie = 3 (0.0%)
bobydu = 3 (0.0%)
hanghuynh = 3 (0.0%)
hmadyousi = 3 (0.0%)
matthewperman = 3 (0.0%)
shadowninja2 = 3 (0.0%)
lhz4 = 3 (0.0%)

Top 10 base words
august = 219 (0.03%)
july = 205 (0.03%)
april = 199 (0.03%)
june = 195 (0.03%)
march = 165 (0.02%)
alex = 161 (0.02%)
love = 132 (0.02%)
chris = 130 (0.02%)
daniel = 128 (0.02%)
dragon = 122 (0.02%)

Password length (length ordered)
1 = 13 (0.0%)
2 = 103 (0.01%)
3 = 1332 (0.18%)
4 = 16781 (2.21%)
5 = 19831 (2.61%)
6 = 95800 (12.62%)
7 = 202414 (26.66%)
8 = 158562 (20.89%)
9 = 103855 (13.68%)
10 = 75652 (9.97%)
11 = 46023 (6.06%)
12 = 24997 (3.29%)
13 = 8423 (1.11%)
14 = 3772 (0.5%)
15 = 1560 (0.21%)

Password length (count ordered)
7 = 202414 (26.66%)
8 = 158562 (20.89%)
9 = 103855 (13.68%)
6 = 95800 (12.62%)
10 = 75652 (9.97%)
11 = 46023 (6.06%)
12 = 24997 (3.29%)
5 = 19831 (2.61%)
4 = 16781 (2.21%)
13 = 8423 (1.11%)
14 = 3772 (0.5%)
15 = 1560 (0.21%)
3 = 1332 (0.18%)
2 = 103 (0.01%)
1 = 13 (0.0%)

One to six characters = 133854 (17.63%)
One to eight characters = 494828 (65.19%)
More than eight characters = 264275 (34.81%)

Only lowercase alpha = 154996 (20.42%)
Only uppercase alpha = 14072 (1.85%)
Only alpha = 169068 (22.27%)
Only numeric = 119581 (15.75%)

First capital last symbol = 6088 (0.8%)
First capital last number = 73611 (9.7%)

Months
january = 109 (0.01%)
february = 45 (0.01%)
march = 247 (0.03%)
april = 251 (0.03%)
may = 850 (0.11%)
june = 246 (0.03%)
july = 223 (0.03%)
august = 300 (0.04%)
september = 80 (0.01%)
october = 134 (0.02%)
november = 113 (0.01%)
december = 115 (0.02%)

Days
monday = 59 (0.01%)
tuesday = 20 (0.0%)
wednesday = 7 (0.0%)
thursday = 38 (0.01%)
friday = 46 (0.01%)
saturday = 7 (0.0%)
sunday = 70 (0.01%)

Months (Abreviated)
jan = 1482 (0.2%)
feb = 249 (0.03%)
mar = 8397 (1.11%)
apr = 692 (0.09%)
may = 850 (0.11%)
jun = 889 (0.12%)
jul = 1051 (0.14%)
aug = 785 (0.1%)
sept = 215 (0.03%)
oct = 512 (0.07%)
nov = 821 (0.11%)
dec = 874 (0.12%)

Days (Abreviated)
mon = 4319 (0.57%)
tues = 28 (0.0%)
wed = 217 (0.03%)
thurs = 44 (0.01%)
fri = 758 (0.1%)
sat = 769 (0.1%)
sun = 1018 (0.13%)

Includes years
1975 = 411 (0.05%)
1976 = 388 (0.05%)
1977 = 446 (0.06%)
1978 = 432 (0.06%)
1979 = 441 (0.06%)
1980 = 541 (0.07%)
1981 = 453 (0.06%)
1982 = 519 (0.07%)
1983 = 533 (0.07%)
1984 = 603 (0.08%)
1985 = 585 (0.08%)
1986 = 616 (0.08%)
1987 = 710 (0.09%)
1988 = 641 (0.08%)
1989 = 941 (0.12%)
1990 = 931 (0.12%)
1991 = 995 (0.13%)
1992 = 935 (0.12%)
1993 = 905 (0.12%)
1994 = 907 (0.12%)
1995 = 4021 (0.53%)
1996 = 858 (0.11%)
1997 = 486 (0.06%)
1998 = 443 (0.06%)
1999 = 416 (0.05%)
2000 = 1024 (0.13%)
2001 = 643 (0.08%)
2002 = 586 (0.08%)
2003 = 1132 (0.15%)
2004 = 1254 (0.17%)
2005 = 796 (0.1%)
2006 = 818 (0.11%)
2007 = 1442 (0.19%)
2008 = 1019 (0.13%)
2009 = 742 (0.1%)
2010 = 767 (0.1%)
2011 = 516 (0.07%)
2012 = 925 (0.12%)
2013 = 165 (0.02%)
2014 = 142 (0.02%)
2015 = 146 (0.02%)
2016 = 118 (0.02%)
2017 = 139 (0.02%)
2018 = 131 (0.02%)
2019 = 172 (0.02%)
2020 = 179 (0.02%)

Years (Top 10)
1995 = 4021 (0.53%)
2007 = 1442 (0.19%)
2004 = 1254 (0.17%)
2003 = 1132 (0.15%)
2000 = 1024 (0.13%)
2008 = 1019 (0.13%)
1991 = 995 (0.13%)
1989 = 941 (0.12%)
1992 = 935 (0.12%)
1990 = 931 (0.12%)

Colours
black = 485 (0.06%)
blue = 549 (0.07%)
brown = 184 (0.02%)
gray = 89 (0.01%)
green = 348 (0.05%)
orange = 125 (0.02%)
pink = 262 (0.03%)
purple = 73 (0.01%)
red = 2974 (0.39%)
white = 179 (0.02%)
yellow = 85 (0.01%)
violet = 63 (0.01%)
indigo = 22 (0.0%)

Single digit on the end = 92080 (12.13%)
Two digits on the end = 87587 (11.54%)
Three digits on the end = 103715 (13.66%)

Last number
0 = 45407 (5.98%)
1 = 64764 (8.53%)
2 = 52570 (6.93%)
3 = 52890 (6.97%)
4 = 43719 (5.76%)
5 = 55185 (7.27%)
6 = 42826 (5.64%)
7 = 46169 (6.08%)
8 = 42475 (5.6%)
9 = 44930 (5.92%)

Last digit
1 = 64764 (8.53%)
5 = 55185 (7.27%)
3 = 52890 (6.97%)
2 = 52570 (6.93%)
7 = 46169 (6.08%)
0 = 45407 (5.98%)
9 = 44930 (5.92%)
4 = 43719 (5.76%)
6 = 42826 (5.64%)
8 = 42475 (5.6%)

Last 2 digits (Top 10)
95 = 14675 (1.93%)
23 = 12192 (1.61%)
12 = 9230 (1.22%)
11 = 8214 (1.08%)
01 = 7606 (1.0%)
00 = 7131 (0.94%)
07 = 6295 (0.83%)
10 = 6182 (0.81%)
21 = 5881 (0.77%)
99 = 5868 (0.77%)

Last 3 digits (Top 10)
123 = 6857 (0.9%)
995 = 4122 (0.54%)
971 = 2916 (0.38%)
972 = 2850 (0.38%)
007 = 2514 (0.33%)
000 = 1868 (0.25%)
234 = 1725 (0.23%)
666 = 1465 (0.19%)
777 = 1389 (0.18%)
004 = 1347 (0.18%)

Last 4 digits (Top 10)
1995 = 3886 (0.51%)
1234 = 1379 (0.18%)
2007 = 1325 (0.17%)
2004 = 1121 (0.15%)
2003 = 1016 (0.13%)
2008 = 869 (0.11%)
2000 = 846 (0.11%)
1991 = 819 (0.11%)
2012 = 809 (0.11%)
1990 = 789 (0.1%)

Last 5 digits (Top 10)
12345 = 743 (0.1%)
23456 = 652 (0.09%)
54321 = 189 (0.02%)
23123 = 140 (0.02%)
56789 = 127 (0.02%)
34567 = 102 (0.01%)
11111 = 99 (0.01%)
45678 = 75 (0.01%)
00000 = 73 (0.01%)
88888 = 68 (0.01%)

US Area Codes
971 = Oregon: Metropolitan Portland, Salem/Keizer area, incl Cricket Wireless (OR)
972 = Texas: Dallas Metro (TX)
234 = NE Ohio: Canton, Akron (OH)

Character sets
loweralphanum: 330937 (43.6%)
loweralpha: 154996 (20.42%)
numeric: 119581 (15.75%)
mixedalphanum: 41121 (5.42%)
upperalphanum: 41078 (5.41%)
mixedalpha: 28464 (3.75%)
upperalpha: 14072 (1.85%)
loweralphaspecial: 10222 (1.35%)
loweralphaspecialnum: 5735 (0.76%)
mixedalphaspecial: 4724 (0.62%)
upperalphaspecial: 2939 (0.39%)
mixedalphaspecialnum: 2247 (0.3%)
specialnum: 648 (0.09%)
upperalphaspecialnum: 374 (0.05%)
special: 47 (0.01%)

Character set ordering
stringdigit: 349534 (46.05%)
allstring: 197532 (26.02%)
alldigit: 119581 (15.75%)
digitstring: 28873 (3.8%)
othermask: 18649 (2.46%)
stringdigitstring: 14577 (1.92%)
stringspecial: 10441 (1.38%)
digitstringdigit: 9981 (1.31%)
stringspecialstring: 5469 (0.72%)
stringspecialdigit: 3075 (0.41%)
specialstring: 834 (0.11%)
specialstringspecial: 510 (0.07%)
allspecial: 47 (0.01%)

Hashcat masks (Top 10)
?d?d?d?d?d?d?d: 85053 (11.2%)
?l?l?l?l?l?l: 38400 (5.06%)
?l?l?l?l?l?l?l?l: 36217 (4.77%)
?l?l?l?l?l?l?l: 35468 (4.67%)
?l?l?l?l?l?l?d?d?d: 24051 (3.17%)
?l?l?l?l?l?l?d?d: 18591 (2.45%)
?l?l?l?l?l?d?d?d: 18047 (2.38%)
?d?d?d?d?d?d: 16048 (2.11%)
?l?l?l?l?l?l?l?l?l: 14236 (1.88%)
?l?l?l?l?d?d?d: 13802 (1.82%)
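The pipal figures above can be turned into a check at password-change time. The following Python sketch is an added example, not part of the original post or of pipal: it computes a candidate's hashcat mask and pipal-style ordering and flags the patterns that dominate the cracked sample. The function names, the "everything else is special" simplification and the sample candidates are assumptions made for illustration.

```python
import string
from itertools import groupby

# Top-10 hashcat masks from the pipal report above: mask -> share of sample (%).
TOP_MASKS = {
    "?d" * 7: 11.2, "?l" * 6: 5.06, "?l" * 8: 4.77, "?l" * 7: 4.67,
    "?l" * 6 + "?d" * 3: 3.17, "?l" * 6 + "?d" * 2: 2.45,
    "?l" * 5 + "?d" * 3: 2.38, "?d" * 6: 2.11, "?l" * 9: 1.88,
    "?l" * 4 + "?d" * 3: 1.82,
}
# The three most common orderings in the report (46.05%, 26.02%, 15.75%).
COMMON_ORDERINGS = {"stringdigit", "allstring", "alldigit"}
CLASSES = (("l", string.ascii_lowercase), ("u", string.ascii_uppercase),
           ("d", string.digits))

def char_class(ch):
    """Map a character to a hashcat charset letter (assumption: else 's')."""
    for letter, chars in CLASSES:
        if ch in chars:
            return letter
    return "s"

def hashcat_mask(password):
    return "".join("?" + char_class(c) for c in password)

def ordering(password):
    """pipal-style label: runs of string/digit/special, concatenated."""
    names = {"l": "string", "u": "string", "d": "digit", "s": "special"}
    runs = [k for k, _ in groupby(names[char_class(c)] for c in password)]
    if not runs:
        return "empty"
    return "all" + runs[0] if len(runs) == 1 else "".join(runs)

def audit(password):
    """Return the reasons a candidate matches the cracked sample's patterns."""
    findings = []
    if len(password) <= 8:
        findings.append("length <= 8 (65.19% of the cracked sample)")
    mask = hashcat_mask(password)
    if mask in TOP_MASKS:
        findings.append(f"mask {mask} is in the top 10 ({TOP_MASKS[mask]}%)")
    order = ordering(password)
    if order in COMMON_ORDERINGS:
        findings.append(f"ordering {order} is one of the three most common")
    return findings

# Constructed candidates for illustration, not taken from the cracked data.
SAMPLES = ["dragon95", "1995123", "Tr!ck7-Lantern-Oboe"]
```

An empty list from audit() only means the candidate avoids these particular patterns; it says nothing about dictionary words or reuse.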
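Conclusion
This was very time-consuming and hard work, because I don't own the fastest graphics card. The whole cracking process took about 5 months to complete, because I also had to finish my CCNP certification studies.
The lesson learned is that a good, smart dictionary combined with handy rules can crack even strong passwords with Hashcat or John the Ripper. Based on the above, administrators should use stronger hashing algorithms (with salt) to store your passwords, and should change their own passwords on a regular basis.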
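What "stronger hashing with salt" looks like next to the raw MD5 format cracked in this article, as an added Python example that is not from the original post. The record format, the function names and the PBKDF2-HMAC-SHA256 work factor of 600,000 iterations are assumptions chosen for illustration.

```python
import base64
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor; tune it to your own hardware

def raw_md5(password):
    """Unsalted, fast hash: the storage format attacked throughout this post."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()

def hash_password(password, iterations=ITERATIONS):
    """Return 'pbkdf2_sha256$<iterations>$<salt>$<key>' with a fresh salt."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                              salt, iterations)
    enc = lambda b: base64.b64encode(b).decode("ascii")
    return f"pbkdf2_sha256${iterations}${enc(salt)}${enc(key)}"

def verify_password(password, record):
    """Recompute with the stored salt and cost; compare in constant time."""
    try:
        scheme, iterations, salt_b64, key_b64 = record.split("$")
        if scheme != "pbkdf2_sha256":
            return False
        salt = base64.b64decode(salt_b64)
        expected = base64.b64decode(key_b64)
        key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                  salt, int(iterations))
    except (ValueError, TypeError):
        return False  # malformed record
    return hmac.compare_digest(key, expected)

def compare_storage(password):
    """Two accounts with the same password: what does each scheme reveal?"""
    md5_a, md5_b = raw_md5(password), raw_md5(password)
    rec_a, rec_b = hash_password(password), hash_password(password)
    return {"md5_identical": md5_a == md5_b,
            "salted_identical": rec_a == rec_b}
```

With raw MD5 every account sharing a password shares a hash, so one dictionary hit recovers all of them at GPU speed; with a per-user salt and a slow derivation each record has to be attacked separately.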