CN114499951A - Identity authentication information cracking method and device and electronic equipment - Google Patents

Identity authentication information cracking method and device and electronic equipment Download PDF

Info

Publication number
CN114499951A
CN114499951A CN202111591441.XA CN202111591441A CN114499951A CN 114499951 A CN114499951 A CN 114499951A CN 202111591441 A CN202111591441 A CN 202111591441A CN 114499951 A CN114499951 A CN 114499951A
Authority
CN
China
Prior art keywords
target
information
identity authentication
authentication information
preset
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111591441.XA
Other languages
Chinese (zh)
Inventor
李敏
梁镜汶
吕雪松
綦乃正
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qi'an Pangu Shanghai Information Technology Co ltd
Original Assignee
Qi'an Pangu Shanghai Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qi'an Pangu Shanghai Information Technology Co ltd filed Critical Qi'an Pangu Shanghai Information Technology Co ltd
Priority to CN202111591441.XA priority Critical patent/CN114499951A/en
Publication of CN114499951A publication Critical patent/CN114499951A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention provides a cracking method and a cracking device of identity authentication information and electronic equipment, wherein the method comprises the following steps: obtaining a background login page of target equipment; determining a target input box corresponding to target identity authentication information based on the background login page; cracking the target identity authentication information based on a preset dictionary and the target input box; the preset dictionary stores a plurality of preset identity authentication information. The method and the device for cracking the identity authentication information and the electronic equipment provided by the invention realize the automatic cracking of the target identity authentication information.

Description

Identity authentication information cracking method and device and electronic equipment
Technical Field
The invention relates to the technical field of data processing, in particular to a method and a device for cracking identity authentication information and electronic equipment.
Background
A Global System for Mobile Internet Protocol (GOIP) device is a network communication device, supports the access of a Mobile phone card, and can convert a traditional telephone signal into a network signal. One GOIP device can be used for simultaneously operating hundreds of mobile phone SIM cards, and can also remotely control a Subscriber Identity Module (SIM) card and GOIP devices in different places to make calls, receive and send short messages and the like, so that the separation of people and the SIM card is realized, and the GOIP device becomes a new means for fraudulently moleculae to achieve the purposes of hiding identities and avoiding attacks.
In the related art, when the GOIP device is located, the background system of the GOIP device can be accessed only by logging in account information and password information. Therefore, the account password of the GOIP device needs to be cracked.
Disclosure of Invention
Aiming at the problems in the prior art, the invention provides a method and a device for cracking identity authentication information and electronic equipment.
The invention provides a cracking method of identity authentication information, which comprises the following steps:
obtaining a background login page of target equipment;
determining a target input box corresponding to target identity authentication information based on the background login page;
cracking the target identity authentication information based on a preset dictionary and the target input box; the preset dictionary stores a plurality of preset identity authentication information.
According to the method for cracking the identity authentication information provided by the invention, the obtaining of the background login page of the target device comprises the following steps:
acquiring address information of the target equipment based on a batch processing command; wherein the address information comprises an IP address and a physical address;
and acquiring the background login page based on the address information.
According to the method for cracking the identity authentication information, the target identity authentication information is cracked based on the preset dictionary and the target input box, and the method comprises the following steps:
inputting each preset identity authentication information into the target input box;
receiving each return message sent by the target equipment; the return information is a verification result of the target equipment on the preset identity authentication information;
and when the length of the target return information is determined to be the same as the preset length, determining the preset identity authentication information corresponding to the target return information as the target identity authentication information.
The method for cracking the identity authentication information provided by the invention further comprises the following steps:
when the length of each piece of return information is determined to be different from the preset length, recreating the target dictionary;
and cracking the target identity authentication information based on the target dictionary and the target input box.
According to the cracking method of the identity authentication information provided by the invention, the target input frame corresponding to the target identity authentication information is determined based on the background login page, and the method comprises the following steps:
acquiring identification information of each input box in the background login page;
searching target identification information matched with the target identity authentication information in the identification information of each input box;
and determining the input box corresponding to the target identification information as the target input box.
According to the cracking method of the identity authentication information provided by the invention, the target identity authentication information comprises account information and/or password information;
searching target identification information matched with the target identity authentication information in the identification information of each input box; determining an input box corresponding to the target identification information as the target input box, including:
searching first target identification information matched with the account information in the identification information of each input box, and determining the input box corresponding to the first target identification information as a target account input box; and/or the presence of a gas in the gas,
and searching second target identification information matched with the password information in the identification information of each input box, and determining the input box corresponding to the second target identification information as a target password input box.
According to the cracking method of the identity authentication information provided by the invention, the preset identity authentication information comprises preset account information and/or preset password information;
the inputting each preset identity authentication information into the target input box comprises:
and inputting each piece of preset account information into the target account input box, and/or inputting each piece of preset password information into the target password input box.
According to the method for cracking the identity authentication information provided by the invention, when the length of the target return information is determined to be the same as the preset length, the preset identity authentication information corresponding to the target return information is determined as the target identity authentication information, and the method comprises the following steps:
when the length of the target return information is determined to be the same as the preset length, determining preset account information corresponding to the target return information as the target account information; and/or the presence of a gas in the gas,
and when the length of the target return information is determined to be the same as the preset length, determining the preset password information corresponding to the target return information as the target password information.
The invention also provides a cracking device of the identity authentication information, which comprises:
the acquisition unit is used for acquiring a background login page of the target equipment;
the determining unit is used for determining a target input box corresponding to the target identity authentication information based on the background login page;
the cracking unit is used for cracking the target identity authentication information based on a preset dictionary and the target input box; the preset dictionary stores a plurality of preset identity authentication information.
The invention also provides an electronic device, which comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, wherein the processor executes the program to realize the steps of any one of the identity authentication information cracking methods.
The present invention also provides a non-transitory computer readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of the method for cracking identity authentication information as described in any of the above.
The invention also provides a computer program product comprising a computer program, wherein the computer program realizes the steps of the identity authentication information cracking method when being executed by a processor.
According to the method and the device for cracking the identity authentication information and the electronic equipment, when the background login page of the target equipment is obtained, the target input frame corresponding to the target identity authentication information is determined based on the background login page, and then the target identity authentication information is cracked based on the preset dictionary and the target input frame, so that the automatic cracking of the target identity authentication information is realized.
Drawings
In order to more clearly illustrate the technical solutions of the present invention or the prior art, the drawings needed for the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.
Fig. 1 is one of the flow diagrams of the method for cracking the identity authentication information provided by the present invention;
FIG. 2 is a schematic diagram of a backstage supporter's landing page provided by the present invention;
fig. 3 is a second schematic flowchart of the method for cracking the identity authentication information according to the present invention;
fig. 4 is a third schematic flow chart of a cracking method of the identity authentication information provided by the present invention;
fig. 5 is a schematic structural diagram of a cracking device of the identity authentication information provided by the present invention;
fig. 6 is a schematic physical structure diagram of an electronic device provided in the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it is obvious that the described embodiments are some, but not all embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The method for cracking the identity authentication information according to the present invention is described below with reference to fig. 1 to 4.
Fig. 1 is a schematic flow diagram of a cracking method of identity authentication information provided in the present invention, and as shown in fig. 1, the cracking method of identity authentication information includes the following steps:
step 101, obtaining a background login page of a target device.
Wherein the target device comprises a GOIP device.
For example, a user may first attempt to log in to a background system of a target device using a default Internet Protocol (IP) address, a default physical address, a default account number, and a default password in a manufacturer manual, where the default account number and the default password of each manufacturer are shown in table 1; when it is determined that the background system of the target device is not successfully logged in based on the default IP address, the default physical address, the default account and the default password, the account and the password need to be cracked by adopting the cracking method provided by the invention. The default physical Address refers to a Media Access Control Address (MAC) as a default.
TABLE 1
Name of manufacturer Default account number Default password
First manufacturer admin admin
Manufacturer two root root
Third manufacturer admin admin
Manufacturer four admin admin
Manufacturer five admin admin
Specifically, an electronic device such as a notebook computer or a computer is connected with a target device, a proxy browser is arranged on the electronic device, and when an IP address and a physical address of the target device are found, the background login page of the target device is logged in through the proxy browser by using the IP address and the physical address of the target device, so that the background login page of the target device is obtained.
And 102, determining a target input box corresponding to the target identity authentication information based on the background login page.
In an example, when the proxy browser acquires a background login page of the target device, the identification information of all input boxes in the background login page is acquired, the identification information of all input boxes is packaged to obtain a data packet, then the data packet is sent to a cracking program, and the cracking program determines a target input box corresponding to the target identity authentication information based on the identification information of all input boxes in the data packet; i.e. the fields that need to be broken are determined, including the account information field and/or the password information field. For example, when the target identity authentication information is password information, determining a password input box; when the target identity authentication information is account information, determining an account input box; and when the target identity authentication information is account information and password information, determining an account input box and a password input box.
And 103, cracking the target identity authentication information based on a preset dictionary and the target input box.
The preset dictionary stores a plurality of preset identity authentication information.
Exemplarily, when a target input frame corresponding to the target identity authentication information is obtained, inputting each preset identity authentication information in a preset dictionary into the target input frame, waiting for the target device to verify each input preset identity authentication information, and completing a cracking process of the target identity authentication information when the verification passes; for example, if the target identity authentication information includes account information and password information, inputting preset account information into an account input box, inputting preset password information into a password input box, waiting for the target device to return verification results of the input preset account information and preset password information, and determining whether the account password is cracked based on each verification result.
According to the method for cracking the identity authentication information, when the background login page of the target equipment is obtained, the target input frame corresponding to the target identity authentication information is determined based on the background login page, and then the target identity authentication information is cracked based on the preset dictionary and the target input frame, so that automatic cracking of the target identity authentication information is realized.
Optionally, step 101 in fig. 1 may be specifically implemented by the following steps:
acquiring address information of the target equipment based on a batch processing command; and acquiring the background login page based on the address information.
Wherein the address information includes an IP address and a physical address.
Illustratively, when the IP address and the physical address of the target device are not found, the proxy browser obtains the IP address and the physical address of the target device connected to the proxy browser through a batch processing command, and opens a background login page of the target device in the proxy browser through the IP address and the physical address of the target device, where the specific background login page is as shown in fig. 2.
Optionally, fig. 3 is a second schematic flow chart of the method for cracking the identity authentication information provided by the present invention, as shown in fig. 3, step 102 in fig. 1 may be specifically implemented in the following manner:
and step 1021, acquiring the identification information of each input box in the background login page.
Illustratively, when the proxy browser enters the backstage supporter landing page, the identification information of each input box in the backstage supporter landing page is obtained, the identification information of each input box is packaged to obtain a data packet, and then the obtained data packet is sent to a cracking program running on the electronic equipment.
Step 1022, searching for target identification information matched with the target identity authentication information in the identification information of each input box.
Illustratively, when a cracking program receives a data packet, target identification information matched with target identity authentication information is searched in identification information of each input box in the data packet; for example, the data packet includes identification information of three input boxes, which are a user name, a password and a verification code, respectively, and if the target identity authentication information includes account information and password information, it may be determined that the input box whose identification information is the user name is an input box corresponding to the account information, and it may be determined that the input box whose identification information is the password is an input box corresponding to the password information.
And 1023, determining an input box corresponding to the target identification information as the target input box.
Illustratively, when the input frame corresponding to the target identification information is determined, the input frame corresponding to the target identification information is determined as the target input frame, and the target input frame is used for inputting the preset identity authentication information in the preset dictionary, so that the decryption of the identity authentication information is realized.
According to the identity authentication information cracking method provided by the invention, the target input frame used for inputting the preset identity authentication information in the preset dictionary is determined based on the identification information of each input frame in the background login page instead of directly acquiring the input frame in the background login page for inputting, so that the accuracy of the input position of the identity authentication information is improved.
Optionally, fig. 4 is a third schematic flow chart of the method for cracking the identity authentication information provided by the present invention, as shown in fig. 4, step 103 in fig. 1 may be specifically implemented by the following steps:
step 1031, inputting each preset identity authentication information into the target input box.
Illustratively, when a target input box is obtained, inputting each preset identity authentication information in a preset dictionary into the target input box, when the target device receives the input preset identity authentication information, verifying the preset identity authentication information, and when the verification is successful, sending return information corresponding to the preset identity authentication information to the electronic device connected with the target device, wherein the specific return information may be a character string for which the verification is successful; and when the verification fails, sending return information corresponding to the preset identity authentication information to the electronic equipment connected with the target equipment, wherein the specific return information can be a character string of which the account password verification fails.
It can be understood that when the target identity authentication information only includes the password information, it is indicated that only the password needs to be cracked, the account information already exists in the account input box at this time, and when the target device performs verification, the account information and the password information can be verified at the same time, only the verification of the password information is correct, and the return information finally returned to the electronic device is also a verification result for the account information; when the target identity authentication information includes account information and password information, it is described that the account and the password need to be decrypted at the same time, at this time, when the target device performs verification, the account information and the password information need to be verified at the same time, and the return information finally returned to the electronic device is also a verification result for the account information and the password information.
And step 1032, receiving each piece of return information sent by the target device.
And the return information is the verification result of the target equipment on the preset identity authentication information.
And 1033, when it is determined that the length of the target return information is the same as the preset length, determining preset identity authentication information corresponding to the target return information as the target identity authentication information.
Exemplarily, when each piece of return information is received, determining the length of each piece of return information, comparing the length of each piece of return information with a preset length, and when it is determined that the piece of return information has the same length as the preset length, determining the piece of return information having the same length as the preset length as the target piece of return information, and further determining the preset identity authentication information corresponding to the target piece of return information as the target identity authentication information; for example, when the return information is a character string indicating that the verification is successful, the length of the return information is 8; when the returned information is a character string indicating that the account password verification fails, the length of the returned information is 16, and if the preset length is 8, when the returned information with the length of 8 is determined in the length of each returned information, it is indicated that the preset identity authentication information corresponding to the returned information with the length of 8 is correct target identity authentication information, and the cracking is successful.
The method for cracking the identity authentication information determines whether the identity authentication information is cracked successfully or not based on the length of the returned information, realizes automatic recognition of cracking results, and does not need user participation.
Further, step 103 in fig. 1 may be specifically implemented by the following steps:
and 1034, when the length of each piece of return information is determined to be different from the preset length, recreating the target dictionary.
For example, when it is determined that the lengths of all the returned information are different from the preset length, it is indicated that the preset identity authentication information corresponding to all the returned information is wrong identity authentication information and needs to be cracked continuously; and at the moment, the target dictionary is re-created based on the dictionary generator, and the target dictionary comprises identity authentication information different from the preset identity authentication information in the preset dictionary.
And 1035, cracking the target identity authentication information based on the target dictionary and the target input box.
Illustratively, when the target dictionary is created, each piece of identity authentication information in the target dictionary is input into the target input box, so that the identity authentication information is cracked again, and a specific cracking method is similar to the cracking method based on the preset dictionary and is not described herein again.
It should be noted that when the target dictionary fails to crack the identity authentication information, a new dictionary is continuously created, and then the identity authentication information is cracked based on the new dictionary and the target input box until the cracking is successful.
It should be noted that the time required for the specific cracking depends on the complexity of the set target authentication information.
According to the identity authentication information cracking method provided by the invention, when the length of each returned message is determined to be different from the preset length, the identity authentication information is cracked continuously based on the recreated target dictionary, so that the cracking success probability is improved.
Optionally, the target identity authentication information includes account information and/or password information; step 1022 and step 1023 in fig. 3 may be specifically implemented by:
searching first target identification information matched with the account information in the identification information of each input box, and determining the input box corresponding to the first target identification information as a target account input box; and/or the presence of a gas in the gas,
and searching second target identification information matched with the password information in the identification information of each input box, and determining the input box corresponding to the second target identification information as a target password input box.
For example, in the case that the target identity authentication information includes account information, first target identification information matching the account information is searched in identification information of each input box, and an input box corresponding to the first target identification information is determined as a target account input box, that is, the target input box is the target account input box.
Under the condition that the target identity authentication information comprises the password information, second target identification information matched with the password information is searched in the identification information of each input box, and the input box corresponding to the second target identification information is determined as the target password input box, namely the target input box is the target password input box.
Under the condition that the target identity authentication information simultaneously comprises account information and password information, first target identification information matched with the account information and second target identification information matched with the password information are searched in the identification information of each input box, the input box corresponding to the first target identification information is determined as a target account input box, and the input box corresponding to the second target identification information is determined as a target password input box, namely the target input box comprises the target account input box and the target password input box.
The method for cracking the identity authentication information can automatically determine the target input frame corresponding to the target identity authentication information based on the identification information of all the input frames in the background login page, realizes automatic determination of the target input frame, does not need manual participation, and improves cracking efficiency.
Optionally, the preset identity authentication information includes preset account information and/or preset password information; step 1031 in fig. 4 may be specifically implemented by:
and inputting each piece of preset account information into the target account input box, and/or inputting each piece of preset password information into the target password input box.
For example, in a case where the target identity authentication information includes account information, the preset identity authentication information also includes preset account information, each piece of preset account information is input to the target account input box, and the target device verifies the input preset account information.
And under the condition that the target identity authentication information comprises the password information, the preset identity authentication information also comprises the preset password information, each preset password information is input into the target password input box, and the target equipment verifies the input preset password information.
When the target identity authentication information includes account information and password information, the preset identity authentication information also includes preset account information and preset password information, the preset account information needs to be input into the target account input box during each input, meanwhile, the preset password information corresponding to the preset account information is input into the target password input box, and the input preset account information and the input preset password information are verified by the target device.
According to the method for cracking the identity authentication information, the preset account information is automatically input into the target account input box, the preset password information is input into the target password input box, manual participation is not needed, and the cracking efficiency is improved.
Optionally, step 1033 in fig. 4 may be specifically implemented by:
when the length of the target return information is determined to be the same as the preset length, determining preset account information corresponding to the target return information as the target account information; and/or the presence of a gas in the gas,
and when the length of the target return information is determined to be the same as the preset length, determining the preset password information corresponding to the target return information as the target password information.
In an example, when the target identity authentication information includes account information, when it is determined that the length of the target return information is the same as the preset length, it is described that the preset account information corresponding to the target return information is correct account information, so that the preset account information corresponding to the target return information is determined as the target account information, and the target account information is displayed, so that a user can know the cracked target account information conveniently.
Under the condition that the target identity authentication information comprises the password information, when the length of the target return information is determined to be the same as the preset length, the preset password information corresponding to the target return information is indicated to be correct password information, so that the preset password information corresponding to the target return information is determined to be the target password information, the target password information is displayed, and a user can know the cracked target password information conveniently.
Under the condition that the target identity authentication information comprises account information and password information, when the length of the target return information is determined to be the same as the preset length, the preset account information corresponding to the target return information is correct account information, and the preset password information corresponding to the target return information is correct password information, so that the preset account information corresponding to the target return information is determined to be the target account information, the corresponding preset password information is determined to be the target password information, the target account information and the target password information are both displayed, and a user can know the cracked target account information and target password information conveniently.
In addition, when the target account information and the target password information are obtained through cracking, the target account information and the target password information can be input into corresponding input boxes of a background login page, at this time, the target device can normally enter a background system of the target device, and then key information for obtaining evidence can be obtained through the background system, wherein the key information can comprise a user Mobile phone number, an International Mobile Equipment Identity (IMEI), a call record, an IP address and port information of a remote control server and the like.
The method for cracking the identity authentication information determines whether the cracking of the account information and the password information is successful or not based on the length of the returned information, realizes automatic recognition of cracking results, and does not need user participation.
The device for cracking the identity authentication information provided by the invention is described below, and the device for cracking the identity authentication information described below and the method for cracking the identity authentication information described above can be referred to each other.
Fig. 5 is a schematic structural diagram of a cracking device of identity authentication information provided by the present invention, and as shown in fig. 5, the cracking device of identity authentication information includes an obtaining unit 501, a determining unit 502, and a cracking unit 503; wherein:
an obtaining unit 501, configured to obtain a background login page of a target device;
a determining unit 502, configured to determine, based on the background login page, a target input box corresponding to target identity authentication information;
a cracking unit 503, configured to crack the target identity authentication information based on a preset dictionary and the target input box; the preset dictionary stores a plurality of preset identity authentication information.
According to the device for cracking the identity authentication information, when the background login page of the target equipment is obtained, the target input frame corresponding to the target identity authentication information is determined based on the background login page, and then the target identity authentication information is cracked based on the preset dictionary and the target input frame, so that automatic cracking of the target identity authentication information is realized.
Based on any of the above embodiments, the obtaining unit 501 is specifically configured to:
acquiring address information of the target equipment based on a batch processing command; wherein the address information comprises an IP address and a physical address;
and acquiring the background login page based on the address information.
Based on any of the above embodiments, the cracking unit 503 is specifically configured to:
inputting each preset identity authentication information into the target input box;
receiving each return message sent by the target equipment; the return information is a verification result of the target equipment on the preset identity authentication information;
and when the length of the target return information is determined to be the same as the preset length, determining the preset identity authentication information corresponding to the target return information as the target identity authentication information.
Based on any of the above embodiments, the cracking unit 503 is further specifically configured to:
when the length of each piece of return information is determined to be different from the preset length, a target dictionary is created again;
and cracking the target identity authentication information based on the target dictionary and the target input box.
Based on any of the above embodiments, the determining unit 502 is specifically configured to:
acquiring identification information of each input box in the background login page;
searching target identification information matched with the target identity authentication information in the identification information of each input box;
and determining the input box corresponding to the target identification information as the target input box.
Based on any of the above embodiments, the target identity authentication information includes account information and/or password information; the determining unit 502 is further specifically configured to:
searching first target identification information matched with the account information in the identification information of each input box, and determining the input box corresponding to the first target identification information as a target account input box; and/or the presence of a gas in the gas,
and searching second target identification information matched with the password information in the identification information of each input box, and determining the input box corresponding to the second target identification information as a target password input box.
Based on any one of the above embodiments, the preset identity authentication information includes preset account information and/or preset password information; the cracking unit 503 is further specifically configured to:
and inputting each piece of preset account information into the target account input box, and/or inputting each piece of preset password information into the target password input box.
Based on any of the above embodiments, the cracking unit 503 is further specifically configured to:
when the length of the target return information is determined to be the same as the preset length, determining preset account information corresponding to the target return information as the target account information; and/or the presence of a gas in the atmosphere,
and when the length of the target return information is determined to be the same as the preset length, determining the preset password information corresponding to the target return information as the target password information.
Fig. 6 is a schematic physical structure diagram of an electronic device provided in the present invention, and as shown in fig. 6, the electronic device may include: a processor (processor)610, a communication Interface 620, a memory (memory)630 and a communication bus 640, wherein the processor 610, the communication Interface 620 and the memory 630 complete communication with each other through the communication bus 640. The processor 610 may invoke logic instructions in the memory 630 to perform a method of cracking identity authentication information, the method comprising: acquiring a background login page of target equipment;
determining a target input box corresponding to target identity authentication information based on the background login page;
cracking the target identity authentication information based on a preset dictionary and the target input box; the preset dictionary stores a plurality of preset identity authentication information.
In addition, the logic instructions in the memory 630 may be implemented in the form of software functional units and stored in a computer readable storage medium when the logic instructions are sold or used as independent products. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
In another aspect, the present invention also provides a computer program product, where the computer program product includes a computer program, the computer program can be stored on a non-transitory computer readable storage medium, and when the computer program is executed by a processor, a computer can execute the method for cracking the identity authentication information provided by the above methods, and the method includes: obtaining a background login page of target equipment;
determining a target input box corresponding to target identity authentication information based on the background login page;
cracking the target identity authentication information based on a preset dictionary and the target input box; the preset dictionary stores a plurality of preset identity authentication information.
In yet another aspect, the present invention also provides a non-transitory computer-readable storage medium, on which a computer program is stored, the computer program, when executed by a processor, implementing a method for performing the cracking of the authentication information provided by the above methods, the method comprising: obtaining a background login page of target equipment;
determining a target input box corresponding to target identity authentication information based on the background login page;
cracking the target identity authentication information based on a preset dictionary and the target input box; the preset dictionary stores a plurality of preset identity authentication information.
The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (12)

1. A cracking method of identity authentication information is characterized by comprising the following steps:
obtaining a background login page of target equipment;
determining a target input box corresponding to target identity authentication information based on the background login page;
cracking the target identity authentication information based on a preset dictionary and the target input box; the preset dictionary stores a plurality of preset identity authentication information.
2. The method for breaking the identity authentication information according to claim 1, wherein the obtaining a background login page of the target device includes:
acquiring address information of the target equipment based on a batch processing command; wherein the address information comprises an IP address and a physical address;
and acquiring the background login page based on the address information.
3. The method for breaking the identity authentication information according to claim 1, wherein the breaking the target identity authentication information based on the preset dictionary and the target input box comprises:
inputting each preset identity authentication information into the target input box;
receiving each return message sent by the target equipment; the return information is a verification result of the target equipment on the preset identity authentication information;
and when the length of the target return information is determined to be the same as the preset length, determining the preset identity authentication information corresponding to the target return information as the target identity authentication information.
4. The method for breaking the identity authentication information according to claim 3, further comprising:
when the length of each piece of return information is determined to be different from the preset length, a target dictionary is created again;
and cracking the target identity authentication information based on the target dictionary and the target input box.
5. The method for breaking the identity authentication information according to claim 3, wherein the determining the target input box corresponding to the target identity authentication information based on the background login page includes:
acquiring identification information of each input box in the background login page;
searching target identification information matched with the target identity authentication information in the identification information of each input box;
and determining the input box corresponding to the target identification information as the target input box.
6. The method for cracking identity authentication information according to claim 5, wherein the target identity authentication information includes account information and/or password information;
searching target identification information matched with the target identity authentication information in the identification information of each input box; determining an input box corresponding to the target identification information as the target input box, including:
searching first target identification information matched with the account information in the identification information of each input box, and determining the input box corresponding to the first target identification information as a target account input box; and/or the presence of a gas in the gas,
and searching second target identification information matched with the password information in the identification information of each input box, and determining the input box corresponding to the second target identification information as a target password input box.
7. The method for cracking the identity authentication information according to claim 6, wherein the preset identity authentication information includes preset account information and/or preset password information;
the inputting each preset identity authentication information into the target input box comprises:
and inputting each piece of preset account information into the target account input box, and/or inputting each piece of preset password information into the target password input box.
8. The method for cracking identity authentication information according to claim 7, wherein the determining that the preset identity authentication information corresponding to the target return information is the target identity authentication information when it is determined that the length of the target return information is the same as a preset length comprises:
when the length of the target return information is determined to be the same as the preset length, determining preset account information corresponding to the target return information as the target account information; and/or the presence of a gas in the gas,
and when the length of the target return information is determined to be the same as the preset length, determining the preset password information corresponding to the target return information as the target password information.
9. A cracking device of identity authentication information is characterized by comprising:
the acquisition unit is used for acquiring a background login page of the target equipment;
the determining unit is used for determining a target input box corresponding to the target identity authentication information based on the background login page;
the cracking unit is used for cracking the target identity authentication information based on a preset dictionary and the target input box; the preset dictionary stores a plurality of preset identity authentication information.
10. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor when executing the program performs the steps of the method for cracking the authentication information according to any one of claims 1 to 8.
11. A non-transitory computer readable storage medium, on which a computer program is stored, wherein the computer program, when being executed by a processor, implements the steps of the method for cracking identity authentication information according to any one of claims 1 to 8.
12. A computer program product comprising a computer program, wherein the computer program when executed by a processor performs the steps of the method of cracking identity authentication information according to any one of claims 1 to 8.
CN202111591441.XA 2021-12-23 2021-12-23 Identity authentication information cracking method and device and electronic equipment Pending CN114499951A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111591441.XA CN114499951A (en) 2021-12-23 2021-12-23 Identity authentication information cracking method and device and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111591441.XA CN114499951A (en) 2021-12-23 2021-12-23 Identity authentication information cracking method and device and electronic equipment

Publications (1)

Publication Number Publication Date
CN114499951A true CN114499951A (en) 2022-05-13

Family

ID=81493584

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111591441.XA Pending CN114499951A (en) 2021-12-23 2021-12-23 Identity authentication information cracking method and device and electronic equipment

Country Status (1)

Country Link
CN (1) CN114499951A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116094733A (en) * 2023-04-03 2023-05-09 中国电子科技集团公司第三十研究所 Automatic cracking method and system for challenge/response identity authentication

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105824486A (en) * 2015-01-07 2016-08-03 阿里巴巴集团控股有限公司 Method and apparatus for displaying check codes
CN109409079A (en) * 2018-10-29 2019-03-01 成都亚信网络安全产业技术研究院有限公司 Weak passwurd check method and device
CN110704816A (en) * 2019-09-29 2020-01-17 武汉极意网络科技有限公司 Interface cracking recognition method, device, equipment and storage medium
CN113094696A (en) * 2021-06-09 2021-07-09 中国电子信息产业集团有限公司第六研究所 Password cracking effect evaluation method and device, electronic equipment and storage medium
CN113392303A (en) * 2021-08-17 2021-09-14 北京华云安信息技术有限公司 Background blasting method, device, equipment and computer readable storage medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105824486A (en) * 2015-01-07 2016-08-03 阿里巴巴集团控股有限公司 Method and apparatus for displaying check codes
CN109409079A (en) * 2018-10-29 2019-03-01 成都亚信网络安全产业技术研究院有限公司 Weak passwurd check method and device
CN110704816A (en) * 2019-09-29 2020-01-17 武汉极意网络科技有限公司 Interface cracking recognition method, device, equipment and storage medium
CN113094696A (en) * 2021-06-09 2021-07-09 中国电子信息产业集团有限公司第六研究所 Password cracking effect evaluation method and device, electronic equipment and storage medium
CN113392303A (en) * 2021-08-17 2021-09-14 北京华云安信息技术有限公司 Background blasting method, device, equipment and computer readable storage medium

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116094733A (en) * 2023-04-03 2023-05-09 中国电子科技集团公司第三十研究所 Automatic cracking method and system for challenge/response identity authentication
CN116094733B (en) * 2023-04-03 2023-08-22 中国电子科技集团公司第三十研究所 Automatic cracking method and system for challenge/response identity authentication

Similar Documents

Publication Publication Date Title
US9979721B2 (en) Method, server, client and system for verifying verification codes
US9882916B2 (en) Method for verifying sensitive operations, terminal device, server, and verification system
WO2017000830A1 (en) Cross-terminal login-free method and device
US20170092276A1 (en) Voiceprint Verification Method And Device
CN106341372A (en) Terminal authentication processing method and device, and terminal authentication method, device and system
CN104468531A (en) Authorization method, device and system for sensitive data
CN104834839B (en) A kind of code generating method, method for authenticating and associated terminal based on bar code
US20160248747A1 (en) Method, terminal and system for associating user resource information
CN105791246B (en) Verification method, the apparatus and system of verification information
CN104917722B (en) The method, apparatus and system of authentication
CN107086979A (en) A kind of user terminal method for verifying login and device
CN111953668B (en) Network security information processing method and device
CN104092653B (en) Data processing method and system
CN104253818A (en) Server and terminal authentication method, server, terminal
CN107517180B (en) Login method and device
CN111931188A (en) Vulnerability testing method and system under login scene
CN104618356B (en) Auth method and device
CN114499951A (en) Identity authentication information cracking method and device and electronic equipment
CN106713242A (en) Data request processing method and device
CN107580002A (en) Double factor authentication safety management machine login system and method
CN108259436B (en) User identity authentication processing method, application server and authentication system server
CN105207777A (en) Network information verification method and apparatus
CN113836509B (en) Information acquisition method, device, electronic equipment and storage medium
CN115243256A (en) Gateway dynamic login method and device
CN114727276A (en) Method and system for determining account information in user non-login state

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination