如果知道

hashcat/hashcat

World’s fastest and most advanced password recovery utility https://hashcat.net/hashcat/

hashcat

hashcat is the world’s fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and macOS, and has facilities to help enable distributed password cracking.

License

hashcat is licensed under the MIT license. Refer to docs/license.txt for more information.

 

恐因樹莓派『GPU』之故︰

Download

GPU Driver requirements:

• AMD GPUs on Linux require “RadeonOpenCompute (ROCm)” Software Platform (1.6.180 or later)
• AMD GPUs on Windows require “AMD Radeon Software Crimson Edition” (15.12 or later)
• Intel CPUs require “OpenCL Runtime for Intel Core and Intel Xeon Processors” (16.1.1 or later)
• Intel GPUs on Linux require “OpenCL 2.0 GPU Driver Package for Linux” (2.0 or later)
• Intel GPUs on Windows require “OpenCL Driver for Intel Iris and Intel HD Graphics”
• NVIDIA GPUs require “NVIDIA Driver” (367.x or later)

 

無法『安裝』，果然以為『好事』耶？怕不知『劊客』肚腸哩！

沒有『快意我攻』之環境，所以才『起心動念』呦！？

難道他不會『揣摩』何謂

Hash function

A hash function that maps names to integers from 0 to 15. There is a collision between keys “John Smith” and “Sandra Dee”.

A hash function is any function that can be used to map data of arbitrary size to data of a fixed size. The values returned by a hash function are called hash values, hash codes, digests, or simply hashes. Hash functions are often used in combination with a hash table, a common data structure used in computer software for rapid data lookup. Hash functions accelerate table or database lookup by detecting duplicated records in a large file. One such application is finding similar stretches in DNA sequences. They are also useful in cryptography. A cryptographic hash function allows one to easily verify that some input data maps to a given hash value, but if the input data is unknown, it is deliberately difficult to reconstruct it (or any equivalent alternatives) by knowing the stored hash value. This is used for assuring integrity of transmitted data, and is the building block for HMACs, which provide message authentication.

Hash functions are related to (and often confused with) checksums, check digits, fingerprints, lossy compression, randomization functions, error-correcting codes, and ciphers. Although the concepts overlap to some extent, each one has its own uses and requirements and is designed and optimized differently. The HashKeeper database maintained by the American National Drug Intelligence Center, for instance, is more aptly described as a catalogue of file fingerprints than of hash values.

 

『嘗試』如何加味嗎？！

Salt (cryptography)

In cryptography, a salt is random data that is used as an additional input to a one-way function that “hashes” data, a password or passphrase. Salts are used to safeguard passwords in storage. Historically a password was stored in plaintext on a system, but over time additional safeguards developed to protect a user’s password against being read from the system. A salt is one of those methods.

A new salt is randomly generated for each password. In a typical setting, the salt and the password (or its version after Key stretching) are concatenated and processed with a cryptographic hash function, and the resulting output (but not the original password) is stored with the salt in a database. Hashing allows for later authentication without keeping and therefore risking the plaintext password in the event that the authentication data store is compromised.

Salts defend against dictionary attacks or against their hashed equivalent, a pre-computed rainbow table attack.^[1] Since salts do not have to be memorized by humans they can make the size of the rainbow table required for a successful attack prohibitively large without placing a burden on the users. Since salts are different in each case, they also protect commonly used passwords, or those users who use the same password on several sites, by making all salted hash instances for the same password different from each other.

Cryptographic salts are broadly used in many modern computer systems, from Unix system credentials to Internet security.

Salts are closely related to the concept of a cryptographic nonce.

 

故而自許『素客』者，務須『深研』呀◎

藉著

hashlib — Secure hashes and message digests

Source code: Lib/hashlib.py

---

This module implements a common interface to many different secure hash and message digest algorithms. Included are the FIPS secure hash algorithms SHA1, SHA224, SHA256, SHA384, and SHA512 (defined in FIPS 180-2) as well as RSA’s MD5 algorithm (defined in Internet RFC 1321). The terms “secure hash” and “message digest” are interchangeable. Older algorithms were called message digests. The modern term is secure hash.

 

『程式庫』，經由

 

『原始碼』的『學習』︰

passlib / passlib / handlers / sha2_crypt.py

class sha512_crypt(_SHA2_Common):
    """This class implements the SHA512-Crypt password hash, and follows the :ref:`password-hash-api`.

    It supports a variable-length salt, and a variable number of rounds.

    The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords:

    :type salt: str
    :param salt:
        Optional salt string.
        If not specified, one will be autogenerated (this is recommended).
        If specified, it must be 0-16 characters, drawn from the regexp range ``[./0-9A-Za-z]``.

    :type rounds: int
    :param rounds:
        Optional number of rounds to use.
        Defaults to 656000, must be between 1000 and 999999999, inclusive.

    :type implicit_rounds: bool
    :param implicit_rounds:
        this is an internal option which generally doesn't need to be touched.

        this flag determines whether the hash should omit the rounds parameter
        when encoding it to a string; this is only permitted by the spec for rounds=5000,
        and the flag is ignored otherwise. the spec requires the two different
        encodings be preserved as they are, instead of normalizing them.

    :type relaxed: bool
    :param relaxed:
        By default, providing an invalid value for one of the other
        keywords will result in a :exc:`ValueError`. If ``relaxed=True``,
        and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning`
        will be issued instead. Correctable errors include ``rounds``
        that are too small or too large, and ``salt`` strings that are too long.

        .. versionadded:: 1.6
    """

 

root@kali:~# python3
Python 3.6.6 (default, Jun 27 2018, 14:44:17) 
[GCC 8.1.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import passlib.hash, crypt
>>> 密碼樣態 = "6"
>>> 加密鹽 = "zWfdesqL"
>>> 加密格式 = '{}6W37U8bi4X4TBfCBbpl0Xg3igJmJpZaRLjkmEceZudlf6OJ/.BVglCb1Z8VUFpXT.mpw6FUUyqP6qZZmx9VqMh.'
>>> 
>>> 雜湊二 = crypt.crypt(密碼,加密格式)
>>> 雜湊二
'zWfdesqL$W37U8bi4X4TBfCBbpl0Xg3igJmJpZaRLjkmEceZudlf6OJ/.BVglCb1Z8VUFpXT.mpw6FUUyqP6qZZmx9VqMh.'
>>> 雜湊一 == 雜湊二
True
>>> 

 

通達密碼『演算法』強弱之旨也☆

crypt — Function to check Unix passwords

Source code: Lib/crypt.py

---

This module implements an interface to the crypt(3) routine, which is a one-way hash function based upon a modified DES algorithm; see the Unix man page for further details. Possible uses include storing hashed passwords so you can check passwords without storing the actual password, or attempting to crack Unix passwords with a dictionary.

Notice that the behavior of this module depends on the actual implementation of the crypt(3) routine in the running system. Therefore, any extensions available on the current implementation will also be available on this module.