首页 > 代码库 > Ubuntu 安装 spark
Ubuntu 安装 spark
[申明]本文章仅供学习交流只用,切勿用作商业用途,请勿违反当地法规,否则后果自负。
转载请注明本文出处:http://blog.csdn.net/hk_jh/article/details/27368279
1、什么是wordpress?
关于wordpress的介绍请自行参照维基百科:http://zh.wikipedia.org/wiki/Wordpress
其实只要掌握了其加密原理,再用高效的语言实现之,暴力破解不就很容易了吗?
2、wordpress用户密码的加密算法
首先,wordpress是开源的,大家可以从官网下载源代码。另外wordpress是用php语言编写的。
wordpress用户密码加密后的密文格式:
$P$BcSda3/tRXQcRZMPj3cUI0jZJFdMgL0
$P$BNclJc4wbM.vSjKPYxKggDPtw3siXQ0
$P$BNclJc4wbM.vSjKPYxKggDPtw3siXQ0
以下是其解压后文件夹/include下的class-phpass.php文件的代码,主要包含了对用户密码进行加密的类及函数;
<?php
/**
* Portable PHP password hashing framework.
* @package phpass
* @since 2.5.0
* @version 0.3 / WordPress
* @link http://www.openwall.com/phpass/
*/
#
# Written by Solar Designer <solar at openwall.com> in 2004-2006 and placed in
# the public domain. Revised in subsequent years, still public domain.
#
# There's absolutely no warranty.
#
# Please be sure to update the Version line if you edit this file in any way.
# It is suggested that you leave the main version number intact, but indicate
# your project name (after the slash) and add your own revision information.
#
# Please do not change the "private" password hashing method implemented in
# here, thereby making your hashes incompatible. However, if you must, please
# change the hash type identifier (the "$P$") to something different.
#
# Obviously, since this code is in the public domain, the above are not
# requirements (there can be none), but merely suggestions.
#
/**
* Portable PHP password hashing framework.
*
* @package phpass
* @version 0.3 / WordPress
* @link http://www.openwall.com/phpass/
* @since 2.5.0
*/
class PasswordHash {
var $itoa64;
var $iteration_count_log2;
var $portable_hashes;
var $random_state;
function PasswordHash($iteration_count_log2, $portable_hashes)
{
$this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31)
$iteration_count_log2 = 8;
$this->iteration_count_log2 = $iteration_count_log2;
$this->portable_hashes = $portable_hashes;
$this->random_state = microtime() . uniqid(rand(), TRUE); // removed getmypid() for compatibility reasons
}
function get_random_bytes($count)
{
$output = '';
if ( @is_readable('/dev/urandom') &&
($fh = @fopen('/dev/urandom', 'rb'))) {
$output = fread($fh, $count);
fclose($fh);
}
if (strlen($output) < $count) {
$output = '';
for ($i = 0; $i < $count; $i += 16) {
$this->random_state =
md5(microtime() . $this->random_state);
$output .=
pack('H*', md5($this->random_state));
}
$output = substr($output, 0, $count);
}
return $output;
}
function encode64($input, $count)
{
$output = '';
$i = 0;
do {
$value = http://www.mamicode.com/ord($input[$i++]);>
3、算法分析
(1)wordpress密码加密后的密文格式:
$P$B12345678huiyw4r7qhfuhs8yjmd6ef
$P$912345678huiyw4r7qhfuhs8yjmd6ef
第一段:$P$格式固定
第二段:只有一个字符。若php版本大于5.0则为B,否则为9
第三段:8位salt
第四段:22位,真正加密后的密码
(2)密文的加密方法
php版本高于5.0
[注]“.”在php中是连接运算
参数TRUR表示加密结果取16字节二进制
count取2的13次方:8192
php版本低于5.0
[注]php低于5.0 md5返回的是32位十六进制字符串形式
pack(H*) 将md5结果转化为二进制
count取2的11次方:2048
上述方法得到的 $hash 再进行base64加密:
(3)wordpress的base64算法
64位字符表比较特殊,与普通的字符表顺序有差异:
itoa64 = ‘./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz‘;
//input即hash,count=16
$P$B12345678huiyw4r7qhfuhs8yjmd6ef
$P$912345678huiyw4r7qhfuhs8yjmd6ef
第一段:$P$格式固定
第二段:只有一个字符。若php版本大于5.0则为B,否则为9
第三段:8位salt
第四段:22位,真正加密后的密码
(2)密文的加密方法
php版本高于5.0
$hash = md5($salt . $password, TRUE);
do
{
$hash = md5($hash . $password, TRUE);
} while (--$count);[注]“.”在php中是连接运算
参数TRUR表示加密结果取16字节二进制
count取2的13次方:8192
php版本低于5.0
$hash = pack('H*', md5($salt . $password));
do
{
$hash = pack('H*', md5($hash . $password));
} while (--$count);[注]php低于5.0 md5返回的是32位十六进制字符串形式
pack(H*) 将md5结果转化为二进制
count取2的11次方:2048
上述方法得到的 $hash 再进行base64加密:
(3)wordpress的base64算法
64位字符表比较特殊,与普通的字符表顺序有差异:
itoa64 = ‘./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz‘;
//input即hash,count=16
function encode64($input, $count)
{
$output = '';
$i = 0;
do
{
$value = http://www.mamicode.com/ord($input[$i++]);//返回第一个字符的acsii值>
上述方法即可得到22位加密后的密码4、用C实现wordpress的加密
以下是本人自己用C实现的代码,如有错误,敬请指正!
wordpress.c 文件:
#include <stdio.h>
#include <string.h>
#include "md5.h"
#include "wordpress.h"
#define WORDPRESS_MD5_CHAR_NUM 16
unsigned char base64Char[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
void md5_to_unsigned_char(unsigned char *hash)
{
int i;
unsigned char md5[17];
for (i = 0; i < 16; i++)
{
if (hash[2*i] >= '0' && hash[2*i] <= '9')
md5[i] = (hash[2*i] - '0') << 4;
else if (hash[2*i] >= 'a' && hash[2*i] <= 'f')
md5[i] = (hash[2*i] - 'a') <<4;
if (hash[2*i+1] >= '0' && hash[2*i+1] <= '9')
md5[i] = md5[i] | ((hash[2*i+1] - '0') & 0x0f);
else if (hash[2*i+1] >= 'a' && hash[2*i+1] <= 'f')
md5[i] = md5[i] | ((hash[2*i+1] - 'a') & 0x0f);
}
md5[16] = '\0';
for (i = 0; i < 16; i++)
hash[i] = md5[i];
hash[16] = '\0';
}
void base64Encode(unsigned char *md5, unsigned char *result)
{
int num_24bits = 5;
int i;
for (i = 0; i < num_24bits; ++i)
{
result[4 * i + 0] = base64Char[(md5[3 * i] >> 2) & 0x3F];
result[4 * i + 1] = base64Char[(((md5[3 * i] & 0x3) << 4) | (md5[3 * i + 1] >> 4)) & 0x3F];
result[4 * i + 2] = base64Char[((md5[3 * i + 1] << 2) | (md5[3 * i + 2] >> 6)) & 0x3F];
result[4 * i + 3] = base64Char[md5[3 * i + 2] & 0x3F];
}
result[20] = base64Char[md5[15] >> 2];
result[21] = base64Char[(md5[15] << 4) & 0x3F];
result[22] = '\0';
}
int wordpress( unsigned char * salt, unsigned char *passwd, int count, unsigned char *code )
{
int i, j;
char symbol;
unsigned char buffer[100];
unsigned char base64_code[23];
int len = strlen( (char *)passwd );
if (strlen( (char *)salt ) != 8)
{
printf("illegal salt!\n");
return 1;
}
if (count != 8192 && count != 2048)
{
printf("illegal count!\n");
return 1;
}
//first time use md5 function with salt
strcpy( (char *)buffer, (char *)salt );
strcat( (char *)buffer, (char *)passwd );
MD5( buffer, strlen( (char *)buffer), buffer, 0 );
md5_to_unsigned_char( buffer );
//count times md5 function
for (i = 0; i < count; i++)
{
memcpy( (void *)&buffer[WORDPRESS_MD5_CHAR_NUM], passwd, len );
MD5( buffer, WORDPRESS_MD5_CHAR_NUM + len, buffer, 0 );
md5_to_unsigned_char( buffer );
}
memcpy( (void *)code, buffer, 32);
base64Encode( buffer, base64_code );
if (count == 8192)
symbol = 'B';
else if(count == 2048)
symbol = '9';
strcpy( (char *)code, "$P$" );
code[3] = symbol;
code[4] = '\0';
strcat( (char *)code, (char *)salt);
memcpy( (void *)&code[12], base64_code, 22);
return 0;
}附上以前自己写的md5代码:
#include "md5.h"
#include <stdio.h>
#include <memory.h>
#include <string.h>
#define F(x,y,z) ((x & y) | (~x & z))
#define G(x,y,z) ((x & z) | (y & ~z))
#define H(x,y,z) (x^y^z)
#define I(x,y,z) (y ^ (x | ~z))
#define ROTATE_LEFT(x,n) ((x << n) | (x >> (32-n)))
#define FF(a,b,c,d,x,s,ac) { a += F(b,c,d) + x + ac; a = ROTATE_LEFT(a,s); a += b; }
#define GG(a,b,c,d,x,s,ac) { a += G(b,c,d) + x + ac; a = ROTATE_LEFT(a,s); a += b; }
#define HH(a,b,c,d,x,s,ac) { a += H(b,c,d) + x + ac; a = ROTATE_LEFT(a,s); a += b; }
#define II(a,b,c,d,x,s,ac) { a += I(b,c,d) + x + ac; a = ROTATE_LEFT(a,s); a += b; }
void MD5Init(MD5_CTX *context);
void MD5Update(MD5_CTX *context,unsigned char *input,unsigned int inputlen);
void MD5Final(MD5_CTX *context,unsigned char digest[16]);
void MD5Transform(unsigned int state[4],unsigned char block[64]);
void MD5Encode(unsigned char *output,unsigned int *input,unsigned int len);
void MD5Decode(unsigned int *output,unsigned char *input,unsigned int len);
unsigned char PADDING[]={0x80,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
void MD5Init(MD5_CTX *context)
{
context->count[0] = 0;
context->count[1] = 0;
context->state[0] = 0x67452301;
context->state[1] = 0xEFCDAB89;
context->state[2] = 0x98BADCFE;
context->state[3] = 0x10325476;
}
void MD5Update(MD5_CTX *context,unsigned char *input,unsigned int inputlen)
{
unsigned int i = 0,index = 0,partlen = 0;
index = (context->count[0] >> 3) & 0x3F;
partlen = 64 - index;
context->count[0] += inputlen << 3;
if(context->count[0] < (inputlen << 3))
context->count[1]++;
context->count[1] += inputlen >> 29;
if(inputlen >= partlen)
{
memcpy(&context->buffer[index],input,partlen);
MD5Transform(context->state,context->buffer);
for(i = partlen;i+64 <= inputlen;i+=64)
MD5Transform(context->state,&input[i]);
index = 0;
}
else
{
i = 0;
}
memcpy(&context->buffer[index],&input[i],inputlen-i);
}
void MD5Final(MD5_CTX *context,unsigned char digest[16])
{
unsigned int index = 0,padlen = 0;
unsigned char bits[8];
index = (context->count[0] >> 3) & 0x3F;
padlen = (index < 56)?(56-index):(120-index);
MD5Encode(bits,context->count,8);
MD5Update(context,PADDING,padlen);
MD5Update(context,bits,8);
MD5Encode(digest,context->state,16);
}
void MD5Encode(unsigned char *output,unsigned int *input,unsigned int len)
{
unsigned int i = 0,j = 0;
while(j < len)
{
output[j] = input[i] & 0xFF;
output[j+1] = (input[i] >> 8) & 0xFF;
output[j+2] = (input[i] >> 16) & 0xFF;
output[j+3] = (input[i] >> 24) & 0xFF;
i++;
j+=4;
}
}
void MD5Decode(unsigned int *output,unsigned char *input,unsigned int len)
{
unsigned int i = 0,j = 0;
while(j < len)
{
output[i] = (input[j]) |
(input[j+1] << 8) |
(input[j+2] << 16) |
(input[j+3] << 24);
i++;
j+=4;
}
}
void MD5Transform(unsigned int state[4],unsigned char block[64])
{
unsigned int a = state[0];
unsigned int b = state[1];
unsigned int c = state[2];
unsigned int d = state[3];
unsigned int x[64];
MD5Decode(x,block,64);
FF(a, b, c, d, x[ 0], 7, 0xd76aa478);
FF(d, a, b, c, x[ 1], 12, 0xe8c7b756);
FF(c, d, a, b, x[ 2], 17, 0x242070db);
FF(b, c, d, a, x[ 3], 22, 0xc1bdceee);
FF(a, b, c, d, x[ 4], 7, 0xf57c0faf);
FF(d, a, b, c, x[ 5], 12, 0x4787c62a);
FF(c, d, a, b, x[ 6], 17, 0xa8304613);
FF(b, c, d, a, x[ 7], 22, 0xfd469501);
FF(a, b, c, d, x[ 8], 7, 0x698098d8);
FF(d, a, b, c, x[ 9], 12, 0x8b44f7af);
FF(c, d, a, b, x[10], 17, 0xffff5bb1);
FF(b, c, d, a, x[11], 22, 0x895cd7be);
FF(a, b, c, d, x[12], 7, 0x6b901122);
FF(d, a, b, c, x[13], 12, 0xfd987193);
FF(c, d, a, b, x[14], 17, 0xa679438e);
FF(b, c, d, a, x[15], 22, 0x49b40821);
GG(a, b, c, d, x[ 1], 5, 0xf61e2562);
GG(d, a, b, c, x[ 6], 9, 0xc040b340);
GG(c, d, a, b, x[11], 14, 0x265e5a51);
GG(b, c, d, a, x[ 0], 20, 0xe9b6c7aa);
GG(a, b, c, d, x[ 5], 5, 0xd62f105d);
GG(d, a, b, c, x[10], 9, 0x2441453);
GG(c, d, a, b, x[15], 14, 0xd8a1e681);
GG(b, c, d, a, x[ 4], 20, 0xe7d3fbc8);
GG(a, b, c, d, x[ 9], 5, 0x21e1cde6);
GG(d, a, b, c, x[14], 9, 0xc33707d6);
GG(c, d, a, b, x[ 3], 14, 0xf4d50d87);
GG(b, c, d, a, x[ 8], 20, 0x455a14ed);
GG(a, b, c, d, x[13], 5, 0xa9e3e905);
GG(d, a, b, c, x[ 2], 9, 0xfcefa3f8);
GG(c, d, a, b, x[ 7], 14, 0x676f02d9);
GG(b, c, d, a, x[12], 20, 0x8d2a4c8a);
HH(a, b, c, d, x[ 5], 4, 0xfffa3942);
HH(d, a, b, c, x[ 8], 11, 0x8771f681);
HH(c, d, a, b, x[11], 16, 0x6d9d6122);
HH(b, c, d, a, x[14], 23, 0xfde5380c);
HH(a, b, c, d, x[ 1], 4, 0xa4beea44);
HH(d, a, b, c, x[ 4], 11, 0x4bdecfa9);
HH(c, d, a, b, x[ 7], 16, 0xf6bb4b60);
HH(b, c, d, a, x[10], 23, 0xbebfbc70);
HH(a, b, c, d, x[13], 4, 0x289b7ec6);
HH(d, a, b, c, x[ 0], 11, 0xeaa127fa);
HH(c, d, a, b, x[ 3], 16, 0xd4ef3085);
HH(b, c, d, a, x[ 6], 23, 0x4881d05);
HH(a, b, c, d, x[ 9], 4, 0xd9d4d039);
HH(d, a, b, c, x[12], 11, 0xe6db99e5);
HH(c, d, a, b, x[15], 16, 0x1fa27cf8);
HH(b, c, d, a, x[ 2], 23, 0xc4ac5665);
II(a, b, c, d, x[ 0], 6, 0xf4292244);
II(d, a, b, c, x[ 7], 10, 0x432aff97);
II(c, d, a, b, x[14], 15, 0xab9423a7);
II(b, c, d, a, x[ 5], 21, 0xfc93a039);
II(a, b, c, d, x[12], 6, 0x655b59c3);
II(d, a, b, c, x[ 3], 10, 0x8f0ccc92);
II(c, d, a, b, x[10], 15, 0xffeff47d);
II(b, c, d, a, x[ 1], 21, 0x85845dd1);
II(a, b, c, d, x[ 8], 6, 0x6fa87e4f);
II(d, a, b, c, x[15], 10, 0xfe2ce6e0);
II(c, d, a, b, x[ 6], 15, 0xa3014314);
II(b, c, d, a, x[13], 21, 0x4e0811a1);
II(a, b, c, d, x[ 4], 6, 0xf7537e82);
II(d, a, b, c, x[11], 10, 0xbd3af235);
II(c, d, a, b, x[ 2], 15, 0x2ad7d2bb);
II(b, c, d, a, x[ 9], 21, 0xeb86d391);
state[0] += a;
state[1] += b;
state[2] += c;
state[3] += d;
}
void MD5(unsigned char * buf, unsigned int len, unsigned char *out, int type)
{
int i;
MD5_CTX md5;
unsigned char digest[16];
char hex[]="0123456789abcdef";
char HEX[]="0123456789ABCDEF";
MD5Init(&md5);
MD5Update(&md5, buf,len);
MD5Final(&md5, digest);
if (type == 0)
{
for (i = 0; i < 16; i++)
{
out[i+i] = hex[digest[i] >> 4];
out[i+i+1] = hex[digest[i] & 0x0f];
}
}
else if (type == 1)
{
for (i = 0; i < 16; i++)
{
out[i+i] = HEX[digest[i] >> 4];
out[i+i+1] = HEX[digest[i] & 0x0f];
}
}
out[i+i] = '\0';
}
#include <stdio.h>
#include "wordpress.h"
int main()
{
unsigned char passwd[] = "12345678";
unsigned char salt[] = "12345687";
unsigned char code[40];
wordpress(salt, passwd, 8192, code);
printf("code: %s\n", code);
return 0;
}
声明:以上内容来自用户投稿及互联网公开渠道收集整理发布,本网站不拥有所有权,未作人工编辑处理,也不承担相关法律责任,若内容有误或涉及侵权可进行投诉: 投诉/举报 工作人员会在5个工作日内联系你,一经查实,本站将立刻删除涉嫌侵权内容。