понедельник, 6 января 2014 г.

Подбор паролей к кейстору

словарь pass.txt скачивается с тырнета

import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;

public class TestKeyStore{

    public static void main( String[] args ) throws IOException, KeyStoreException{
        KeyStore ks = KeyStore.getInstance( KeyStore.getDefaultType() );

        boolean passwordFromKeyStoreFound = false;

        for( String pass : getAvailablePasswords() ){

            FileInputStream fis = null;
            try{
                fis = new FileInputStream( "nemo_keystore" );
                ks.load( fis, pass == null ? null : pass.toCharArray() );
                passwordFromKeyStoreFound = true;
                System.out.println( "Password from keystore: " + pass );

                System.out.println( "Size: " + ks.size() );
                System.out.println( "Type: " + ks.getType() );

                System.out.println( "Aliases:" );
                Enumeration<String> aliasese = ks.aliases();
                while( aliasese.hasMoreElements() ){
                    String alias = aliasese.nextElement();
                    System.out.println( alias );

                    System.out.println( "----------- certificate info ----------" );

                    Certificate cert = ks.getCertificate( alias );
                    System.out.println( cert );

                    System.out.println( "Certificate type: " + cert.getType() );
                    System.out.println( "Public key: " + cert.getPublicKey() );

                    System.out.println( "------------ password known bruteforce ------------" );
                    for( String availablepass : getAvailablePasswords() ){
                        try{
                            ks.getKey( alias, availablepass == null ? null : availablepass.toCharArray() );
                            System.out.println( availablepass + " valid!!!!!" );
                        }
                        catch( UnrecoverableKeyException e ){

                        }
                    }

                    System.out.println( "------------ password bruteforce ------------" );
                    List<String> passwords = new ArrayList<String>();
                    FileInputStream pfis = new FileInputStream( "pass.txt" );
                    BufferedReader pbr = new BufferedReader( new InputStreamReader( pfis ) );

                    for( ;; ){
                        String line = pbr.readLine();
                        if( line == null ){
                            break;
                        }
                        passwords.add( line );

                    }

                    System.out.println( "read of dictionary completed. start bruteforce " );

                    for( String password : passwords ){
                        try{
                            Key key = ks.getKey( alias, password == null ? null : password.toCharArray() );
                            System.out.println( "!!! Password for " + alias + " found. It's: " + password + " !!!" );
                            System.out.println( key );
                        }
                        catch( UnrecoverableKeyException e ){

                        }
                    }

                }

            }
            catch( Exception e ){
            }
            finally{
                if( fis != null ){
                    fis.close();
                }
            }
            if( passwordFromKeyStoreFound ){
                break;
            }
        }

        System.out.println( "------------ end ------------" );
    }

    public static List<String> getAvailablePasswords(){
        return new ArrayList<String>(){
            private static final long serialVersionUID = 1L;

            {
                add( "tallink12" );
                add( "Tallink12" );
                add( "tallink13" );
                add( "Tallink13" );
                add( "tallink12345" );
                add( "Tallink12345" );
                add( "12345" );
                add( "qwerty12345" );
                add( "qwerty12" );
                add( "tallink" );
                add( null );
                add( "" );
                add( "Passw0rd1" );
                add( "Passw0rd" );

            }
        };
    }
}