john解密rar密码

目的

john解密rar密码（不是那种未授权带密码的）

实验过程

首先你要有一个带密码的rar文件，使用rar2john算出密码hash

# rar2john Nessus.rar    
Created directory: /root/.john
Nessus.rar:$rar5$16$0664a3a72b1302f2668e54ffdcf087ad$15$9914c9ce86ec5c93eb11f7112d34960d$8$0247d2bd58f54dce

使用rar2john算出密码hash输出到文件中

# rar2john Nessus.rar >Nessus.hash

使用john 对hash文件进行破解，–wordlist 后跟字典（kali自带）

# john Nessus.hash --wordlist /usr/share/wordlists/fasttrack.txt 

Warning: only loading hashes of type "RAR5", but also saw type "tripcode"
Use the "--format=tripcode" option to force loading hashes of that type instead
Using default input encoding: UTF-8
Loaded 1 password hash (RAR5 [PBKDF2-SHA256 256/256 AVX2 8x])
Cost 1 (iteration count) is 32768 for all loaded hashes
Will run 2 OpenMP threads
Proceeding with wordlist:/usr/share/john/password.lst
Press 'q' or Ctrl-C to abort, almost any other key for status
password         (Nessus.rar)     
1g 0:00:00:00 DONE (2023-01-31 22:03) 4.000g/s 256.0p/s 256.0c/s 256.0C/s 123456..green
Use the "--show" option to display all of the cracked passwords reliably
Session completed. 

可以看到密码已经破解出来