A simple Go script to brute force or parse a password-protected PKCS#12 (PFX/P12) file.

Related tags

Security p12tool
Overview

P12tool

学习golang写的一个用来解析和爆破p12证书的小工具,代码写的有点戳,能用就行。

Usage


██████╗  ██╗██████╗ ████████╗ ██████╗  ██████╗ ██╗
██╔══██╗███║╚════██╗╚══██╔══╝██╔═══██╗██╔═══██╗██║
██████╔╝╚██║ █████╔╝   ██║   ██║   ██║██║   ██║██║
██╔═══╝  ██║██╔═══╝    ██║   ██║   ██║██║   ██║██║
██║      ██║███████╗   ██║   ╚██████╔╝╚██████╔╝███████╗
╚═╝      ╚═╝╚══════╝   ╚═╝    ╚═════╝  ╚═════╝ ╚══════╝

Version: dev (n/a) - 12/31/20 - Evi1cg

NAME:
   p12tool - A tool to parse p12 cert file or bruteforce attacks against cert password

USAGE:
   main [global options] command [command options] [arguments...]

AUTHOR:
   Evi1cg

COMMANDS:
   parse    Parse p12 file and print cert info
   crack    Crack p12 file password.
   help, h  Shows a list of commands or help for one command

GLOBAL OPTIONS:
   --cert value, -c value  The cert file you choice.
   --debug, -d             Debug mode. (default: false)
   --help, -h              show help (default: false)

crack

go run cmd/main.go crack -c file.pfx -f passwords.txt

可选: -t 指定线程,-d 开启debug模式,-o 将破解成功的密码输出至指定文件。

parse

go run cmd/main.go parse -c file.pfx -p password

对证书进行解析,输出证书信息,顺便输出是否可对程序进行签名,免去手动验证的烦恼。 ~~

2020年推得最后一个小工具,祝大家新年快乐!!

参考

You might also like...
Password generator written in Go

go-generate-password Password generator written in Go. Use as a library or as a CLI. Usage CLI go-generate-password can be used on the cli, just insta

Validate the Strength of a Password in Go
Validate the Strength of a Password in Go

go-password-validator Simple password validator using raw entropy values. Hit the project with a star if you find it useful ⭐ Supported by Qvault This

:key: Idiotproof golang password validation library inspired by Python's passlib

passlib for go Python's passlib is quite an amazing library. I'm not sure there's a password library in existence with more thought put into it, or wi

A convenience library for generating, comparing and inspecting password hashes using the scrypt KDF in Go 🔑

simple-scrypt simple-scrypt provides a convenience wrapper around Go's existing scrypt package that makes it easier to securely derive strong keys ("h

EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.
EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.

EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptograp

Secure Remote Password library for Go

go-srp NOTE: This is a port of node-srp to Go. I recommend reading their README for general information about the use of SRP. Installation go get gith

Not Yet Another Password Manager written in Go using libsodium

secrets Secure and simple passwords manager written in Go. It aims to be NYAPM (Not Yet Another Password Manager), but tries to be different from othe

password manager using age for encryption

page ====== password manager using age (https://age-encryption.org/) for encryption. encrypted secrets are files in the $PAGE_SECRETS/ directory that

Owner
Evi1cg
持一颗清静无为平淡心,宠辱不惊,来去不忧。
Evi1cg
ZipExec is a Proof-of-Concept (POC) tool to wrap binary-based tools into a password-protected zip file.

ZipExec ZipExec is a Proof-of-Concept (POC) tool to wrap binary-based tools into a password-protected zip file. This zip file is then base64 encoded i

Tylous 923 Oct 4, 2022
GoLang script that checks for password leaks by sending email address to the BreachDirectory API

GoLang script that checks for password leaks by sending email address to the BreachDirectory API

null 11 Feb 17, 2022
Program brute forcing the passphrase of a private key

Description This project provide a program brute forcing the passphrase of a private key (EC/RSA). ℹ️ This project was created to allow me to learn th

Dominique RIGHETTO 1 Oct 27, 2021
gup aka Get All Urls parameters to create wordlists for brute forcing parameters.

Description GUP is a tool to create wrodlists from the urls. Purpose The purpose of this tool is to create wordlists for brute forcing parameters. Ins

Chan Nyein Wai 14 Feb 25, 2022
A port scan and service weakpass brute tool build by golang.

A port scan and service weakpass brute tool build by golang.

M1ku 6 Aug 26, 2022
Simple password manager app in GO

Introduction This is my first project in Go, a password manager application. A humble attempt at execution of an idea I've had for some time now. The

Dhruv 12 Sep 13, 2022
A simple port scanner script.

A-simple-port-scanner Description: A basic port scanner which checks if a port is opened, closed, or filtered. This scanner can be improved in many wa

KUCH 0 Dec 18, 2021
A light package for generating and comparing password hashing with argon2 in Go

argon2-hashing argon2-hashing provides a light wrapper around Go's argon2 package. Argon2 was the winner of the Password Hashing Competition that make

Andrey Skurlatov 19 Sep 27, 2022
Argon2 password hashing package for go with constant time hash comparison

argon2pw Argon2 password hashing package with constant time hash comparison Preface: Argon2 was selected as the winner of the Password Hashing Competi

Raja Bhatia 88 Jun 26, 2022