UJP - 技術情報1

I hope this helps.

不正IP報告数

Okan Sensor
 
メイン
ログイン
ブログ カテゴリ一覧

fcrackzip zipcloak rockyou

fcrackzip zipcloak rockyou


更新履歴

  • 2021.03.22

はじめに

  • このドキュメントでは,パスワード付きZIPファイルのパスワードを解析するfcrackzipをmacOS Mojaveで使ってみる.


インストール

  • 今回はすでにパッケージはインストール済み.

[code]
$ brew info fcrackzip🆑
fcrackzip: stable 1.0 (bottled)
Zip password cracker
http://oldhome.schmorp.de/marc/fcrackzip.html
/usr/local/Cellar/fcrackzip/1.0 (11 files, 72.2KB) *
  Poured from bottle on 2021-03-14 at 16:10:53
From: https://github.com/Homebrew/homebrew-core/blob/HEAD/Formula/fcrackzip.rb
License: GPL-2.0
==> Analytics
install: 691 (30 days), 1,986 (90 days), 9,658 (365 days)
install-on-request: 691 (30 days), 1,986 (90 days), 9,622 (365 days)
build-error: 0 (30 days)
[macmini2014:nobuaki 18:50:41 ~ ]
$
[/code]

  • 過去1年で9600ダウンロードなのでマズマズかな.

パスワード付きZIPファイルを作成する

  • macの標準コマンドでパスワード付きZIPファイルを作成する.
  • 念の為,設定したパスワードで展開できるかテスト.暗号化前のファイルは削除.

[code]
$ mkdir fcrackzip_test🆑
[macmini2014:nobuaki 18:54:13 ~ ]
$ cd fcrackzip_test🆑
[macmini2014:nobuaki 18:54:19 ~/fcrackzip_test ]
$ echo abc > zipfile.txt🆑
$ zip zipfile.zip zipfile.txt🆑
  adding: zipfile.txt (stored 0%)
[macmini2014:nobuaki 18:56:00 ~/fcrackzip_test ]
$ ls -la
total 8
drwxr-xr-x   4 nobuaki staff  128  3 21 18:56 .
drwxr-xr-x+ 45 nobuaki staff 1440  3 21 18:54 ..
-rw-r--r--   1 nobuaki staff    4  3 21 18:54 zipfile.txt
-rw-r--r--   1 nobuaki staff  176  3 21 18:56 zipfile.zip🈁
[macmini2014:nobuaki 18:56:04 ~/fcrackzip_test ]
$
[macmini2014:nobuaki 18:56:29 ~/fcrackzip_test ]
$ zipcloak zipfile.zip🆑
Enter password:🔑
Verify password:🔑
encrypting: zipfile.txt
[macmini2014:nobuaki 18:57:00 ~/fcrackzip_test ]
$ ls -la🆑
total 8
drwxr-xr-x   4 nobuaki staff  128  3 21 18:57 .
drwxr-xr-x+ 45 nobuaki staff 1440  3 21 18:54 ..
-rw-r--r--   1 nobuaki staff    4  3 21 18:54 zipfile.txt
-rw-r--r--   1 nobuaki staff  188  3 21 19:08 zipfile.zip🈁
[macmini2014:nobuaki 19:00:39 ~/fcrackzip_test ]
$ rm zipfile.txt🆑
[macmini2014:nobuaki 19:09:15 ~/fcrackzip_test ]
$ unzip zipfile.zip🆑
Archive:  zipfile.zip
[zipfile.zip] zipfile.txt password:🔑
 extracting: zipfile.txt
[macmini2014:nobuaki 19:10:04 ~/fcrackzip_test ]
$ ls -la🆑
total 8
drwxr-xr-x   4 nobuaki staff  128  3 21 19:10 .
drwxr-xr-x+ 45 nobuaki staff 1440  3 21 19:07 ..
-rw-r--r--   1 nobuaki staff    4  3 21 18:54 zipfile.txt🈁
-rw-r--r--   1 nobuaki staff  188  3 21 19:08 zipfile.zip
[macmini2014:nobuaki 19:10:06 ~/fcrackzip_test ]
$ rm zipfile.txt🆑
[macmini2014:nobuaki 19:10:16 ~/fcrackzip_test ]
$ ls -la
total 4
drwxr-xr-x   3 nobuaki staff   96  3 21 19:10 .
drwxr-xr-x+ 45 nobuaki staff 1440  3 21 19:07 ..
-rw-r--r--   1 nobuaki staff  188  3 21 19:08 zipfile.zip
[macmini2014:nobuaki 19:10:18 ~/fcrackzip_test ]
$[/code]

  • 今回は4桁アルファベットでパスワードをつけた.

パスワード解析してみる

  • まずはコマンドのパラメータを確認.

[code]
$ fcrackzip -h🆑

fcrackzip version 1.0, a fast/free zip password cracker
written by Marc Lehmann <pcg@goof.com> You can find more info on
http://www.goof.com/pcg/marc/

USAGE: fcrackzip
          [-b|--brute-force]            use brute force algorithm
          [-D|--dictionary]             use a dictionary
          [-B|--benchmark]              execute a small benchmark
          [-c|--charset characterset]   use characters from charset
          [-h|--help]                   show this message
          [--version]                   show the version of this program
          [-V|--validate]               sanity-check the algortihm
          [-v|--verbose]                be more verbose
          [-p|--init-password string]   use string as initial password/file
          [-l|--length min-max]         check password with length min to max🈁
          [-u|--use-unzip]              use unzip to weed out wrong passwords🈁
          [-m|--method num]             use method number "num" (see below)
          [-2|--modulo r/m]             only calculcate 1/m of the password
          file...                    the zipfiles to crack

methods compiled in (* = default):

 0: cpmask
 1: zip1
*2: zip2, USE_MULT_TAB

[macmini2014:nobuaki 19:01:28 ~/fcrackzip_test ]
$
[/code]

  • 今回はパスワードは4桁だとわかっているので,-l(える)で」桁数を指定して実行.
    • パスワード長を指定しない場合,デフォルトは6文字.

[code]$ fcrackzip -l 4 -u zipfile.zip🆑
sh: -c: line 0: unexpected EOF while looking for matching `"'
sh: -c: line 1: syntax error: unexpected end of file
sh: -c: line 0: unexpected EOF while looking for matching `"'
sh: -c: line 1: syntax error: unexpected end of file
sh: -c: line 0: unexpected EOF while looking for matching `"'
sh: -c: line 1: syntax error: unexpected end of file
sh: -c: line 0: unexpected EOF while looking for matching `"'
sh: -c: line 1: syntax error: unexpected end of file
sh: -c: line 0: unexpected EOF while looking for matching `"'
sh: -c: line 1: syntax error: unexpected end of file
sh: -c: line 0: unexpected EOF while looking for matching `"'
sh: -c: line 1: syntax error: unexpected end of file
sh: -c: line 0: unexpected EOF while looking for matching `"'
sh: -c: line 1: syntax error: unexpected end of file
sh: -c: line 0: unexpected EOF while looking for matching `"'
sh: -c: line 1: syntax error: unexpected end of file
sh: -c: line 0: unexpected EOF while looking for matching `"'
sh: -c: line 1: syntax error: unexpected end of file


PASSWORD FOUND!!!!: pw == hage🈁
[macmini2014:nobuaki 19:13:53 ~/fcrackzip_test ]
$
[/code]

  • なんだかエラーが出るけれどパスワードは発見された.
  • timeコマンドで実行時間を計測.

[code]
$ time fcrackzip -l 4 -u zipfile.zip🆑
〜略〜

PASSWORD FOUND!!!!: pw == hage

real    1m28.966s🈁
user    0m32.084s
sys    0m44.241s
[macmini2014:nobuaki 19:16:42 ~/fcrackzip_test ]
$[/code]

  • 2014年の中型機で1分30秒程度か.


パスワードリスト(辞書)を使う

  • 2009年にRockyouというSNSでパスワードが漏洩している.
    • One Of The 32 Million With A RockYou Account? You May Want To Change All Your Passwords. Like Now.
    • https://techcrunch.com/2009/12/14/rockyou-hacked/
  • そのパスワードリストが,githubなどに公開されている.
  • その1つがこれ.
    • brannondorsey/naive-hashcat
      • https://github.com/brannondorsey/naive-hashcat/releases/tag/data
  • ダウンロードしたファイルがこれ.

[code]
$ ls -la🆑
total 147784
drwxr-xr-x   4 nobuaki staff       128  3 21 19:36 .
drwxr-xr-x+ 45 nobuaki staff      1440  3 21 19:38 ..
-rw-r--r--   1 nobuaki staff 139921497  3 14 16:30 rockyou.txt🈁
-rw-r--r--   1 nobuaki staff       188  3 21 19:08 zipfile.zip
[macmini2014:nobuaki 19:38:02 ~/fcrackzip_test ]
$ wc -l rockyou.txt🆑
14344391 rockyou.txt🈁
[macmini2014:nobuaki 19:38:06 ~/fcrackzip_test ]
$
[/code]

  • 1400万ワード.

[code]
$ grep -n anggandako rockyou.txt🆑
5286:anggandako
205727:anggandakoh
697215:anggandakono
1272015:sobranggandako
4466877:qanggandako
4959672:oanggandako
10088175:anggandakou
10088176:anggandakotrue
10088177:anggandakotalagasuper
10088178:anggandakosobra
10088179:anggandakop
10088180:anggandakonoh
10088181:anggandako2
10088182:anggandako1122
10088183:anggandako1
10422097:aanggandako
14344356:   anggandako🈁 ←  スペースを2つ+anggandako
[macmini2014:nobuaki 19:48:50 ~/fcrackzip_test ]
$[/code]

  • この中の14344356行目にあるanggandakoをパスワードに設定したファイルを作成.

[code]
$ echo aaa > anggandako.txt🆑
[macmini2014:nobuaki 19:43:59 ~/fcrackzip_test ]
$ zip anggandako.zip anggandako.txt🆑
  adding: anggandako.txt (stored 0%)
[macmini2014:nobuaki 19:44:09 ~/fcrackzip_test ]
$ zipcloak anggandako.zip🆑
Enter password:🔑 ←  anggandako をいれる(スペースを2つ)
Verify password:🔑  ←  anggandako をいれる(スペースを2つ)
encrypting: anggandako.txt
[macmini2014:nobuaki 19:44:32 ~/fcrackzip_test ]
$ rm anggandako.txt🆑
[macmini2014:nobuaki 19:44:44 ~/fcrackzip_test ]
$ unzip anggandako.zip🆑
Archive:  anggandako.zip
[anggandako.zip] anggandako.txt password:🔑  ←  anggandako をいれる(スペースを2つ)
 extracting: anggandako.txt
[macmini2014:nobuaki 19:44:53 ~/fcrackzip_test ]
$[/code]

  • 実行してみる.

[code]
$ fcrackzip -v -u -D -p rockyou.txt anggandako.zip🆑
found file 'anggandako.txt', (size cp/uc     16/     4, flags 1, chk 77f8)
sh: -c: line 1: syntax error: unexpected end of file
sh: -c: line 0: unexpected EOF while looking for matching ``'
sh: -c: line 1: syntax error: unexpected end of file

〜略〜

sh: -c: line 0: unexpected EOF while looking for matching `"'
sh: -c: line 1: syntax error: unexpected end of file
sh: 12: command not found
sh: -c: line 0: unexpected EOF while looking for matching ``'
sh: -c: line 1: syntax error: unexpected end of file
sh: -c: line 0: unexpected EOF while looking for matching ``'
sh: -c: line 1: syntax error: unexpected end of file
[macmini2014:nobuaki 20:03:10 ~/fcrackzip_test ]
$
[/code]

  • 残念.mac版だとエラーで終了する模様.

広告スペース
Google