转自:https://www.unix-ninja.com/p/A_cheat-sheet_for_password_crackers
提取E-mail
1 | grep -E -o "\b[a-zA-Z0-9.#?$*_-]+@[a-zA-Z0-9.#?$*_-]+.[a-zA-Z0-9.-]+\b" *.txt > e-mails.txt |
提取http url
1 | grep http | grep -shoP 'http.*?[" >]' *.txt > http-urls.txt |
For extracting HTTPS, FTP and other URL format use1
grep -E '(((https|ftp|gopher)|mailto)[.:][^ >" ]*|www.[-a-z0-9.]+)[^ .,; >">):]' *.txt > urls.txt
提取浮点数
1 | grep -E -o "^[-+]?[0-9]*.?[0-9]+([eE][-+]?[0-9]+)?$" *.txt > floats.txt |
提取信用卡号码
1 | Visa |
各种hash的提取
md5 hash
1 | egrep -oE '(^|[^a-fA-F0-9])[a-fA-F0-9]{32}([^a-fA-F0-9]|$)' *.txt | egrep -o '[a-fA-F0-9]{32}' > md5-hashes.txt |
或1
sed -rn 's/.*[^a-fA-F0-9]([a-fA-F0-9]{32})[^a-fA-F0-9].*/1/p' *.txt > md5-hashes
上述代码用来查找SHA1, SHA256等其他未加salt的hash, 对于其他长度hash,只需要更改{32}中的长度
Extract valid MySQL-Old hashes
1 | grep -e "[0-7][0-9a-f]{7}[0-7][0-9a-f]{7}" *.txt > mysql-old-hashes.txt |
Extract blowfish hashes
1 | grep -e "$2a\$8\$(.){75}" *.txt > blowfish-hashes.txt |
Extract Joomla hashes
1 | egrep -o "([0-9a-zA-Z]{32}):(w{16,32})" *.txt > joomla.txt |
Extract VBulletin hashes
1 | egrep -o "([0-9a-zA-Z]{32}):(S{3,32})" *.txt > vbulletin.txt |
Extraxt phpBB3-MD5
1 | egrep -o '$H$S{31}' *.txt > phpBB3-md5.txt |
Extract Wordpress-MD5
1 | egrep -o '$P$S{31}' *.txt > wordpress-md5.txt |
Extract Drupal 7
1 | egrep -o '$S$S{52}' *.txt > drupal-7.txt |
Extract old Unix-md5
1 | egrep -o '$1$w{8}S{22}' *.txt > md5-unix-old.txt |
Extract md5-apr1
1 | egrep -o '$apr1$w{8}S{22}' *.txt > md5-apr1.txt |
Extract sha512crypt, SHA512(Unix)
1 | egrep -o '$6$w{8}S{86}' *.txt > sha512crypt.txt |