在很多情況下，我們需要進(jìn)行各種各樣的分析工作，這里為大家介紹一款密碼分析工具——Pipal。

Pipal是一款密碼分析工具，功能主要是進(jìn)行密碼合集文件分析。說白了，就是對拿到的褲子中的密碼進(jìn)行特征分析，找出其中的“各種最”，你沒看錯，這個東西功能就是這么簡單。。不過，工具的分析的速度還是很快的，同時也會從各個方面給出相應(yīng)的分析結(jié)果。工具是作者為了滿足自己和朋友的需要寫的，現(xiàn)在被掛在了Git上面，這里我搬運(yùn)過來，希望能為大家?guī)韼椭?/p>

工具安裝

這個不用多說，git一下就好了：

git clone https://github.com/digininja/pipal.git /opt/pipal

運(yùn)行環(huán)境

Pipal是運(yùn)行在ruby下的，需要的ruby版本是1.9.x，其他環(huán)境會報錯無法運(yùn)行，這點需要大家注意一下。

簡要介紹

工具本身帶的參數(shù)不多，我們可以使用./pipal.rb -?來查看幫助界面：

可用選項不多，也很簡潔。只說一下里面的top參數(shù)。top參數(shù)指定在所分析的密碼文件中位于最高頻率的前N位，N即為top的參數(shù)，比如我們需要待分析的密碼文件中的頻率前50的密碼，我們可以使用:

./pipal.rb --top 50 exmple.file

默認(rèn)的top值為10.

使用很簡單，直接在命令后面跟上待分析的文件就可以了，比如我這里隨便分析一個文件

./pipal.rb 100W.txt

會顯示一個進(jìn)度條

分析的速度也是比較快的。我這里找了一個100W左右的文件作為示例(9.4M)，大約用了不到5分鐘的時間就給出了分析結(jié)果。

分析結(jié)果

root@linvex:/opt/pipal# ./pipal.rb 100W.TXT
Generating stats, hit CTRL-C to finish early and dump stats on words already processed.
Please wait...
Processing:    100% |ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo| Time: 00:03:54
Basic Results
Total entries = 1000001
Total unique entries = 999754
Top 10 passwords
palaeodendrologi = 4 (0.0%)
palaeodictyopter = 4 (0.0%)
microspectroscop = 3 (0.0%)
hypsibrachycepha = 3 (0.0%)
hypsidolichoceph = 3 (0.0%)
hypsistenocephal = 3 (0.0%)
labyrinthibranch = 3 (0.0%)
microcinematogra = 3 (0.0%)
hyperdolichoceph = 3 (0.0%)
nonrepresentatio = 3 (0.0%)
Top 10 base words
ghjkl = 635 (0.06%)
guest = 379 (0.04%)
pass = 378 (0.04%)
love = 378 (0.04%)
info = 378 (0.04%)
happy = 378 (0.04%)
lady = 378 (0.04%)
moon = 378 (0.04%)
money = 378 (0.04%)
lucky = 378 (0.04%)
Password length (length ordered)
1 = 1 (0.0%)
2 = 38 (0.0%)
3 = 354 (0.04%)
4 = 1306 (0.13%)
5 = 30082 (3.01%)
6 = 49142 (4.91%)
7 = 54443 (5.44%)
8 = 206435 (20.64%)
9 = 286516 (28.65%)
10 = 325970 (32.6%)
11 = 19805 (1.98%)
12 = 14092 (1.41%)
13 = 4702 (0.47%)
14 = 3017 (0.3%)
15 = 1897 (0.19%)
16 = 2201 (0.22%)
Password length (count ordered)
10 = 325970 (32.6%)
9 = 286516 (28.65%)
8 = 206435 (20.64%)
7 = 54443 (5.44%)
6 = 49142 (4.91%)
5 = 30082 (3.01%)
11 = 19805 (1.98%)
12 = 14092 (1.41%)
13 = 4702 (0.47%)
14 = 3017 (0.3%)
16 = 2201 (0.22%)
15 = 1897 (0.19%)
4 = 1306 (0.13%)
3 = 354 (0.04%)
2 = 38 (0.0%)
1 = 1 (0.0%)
          |                                                             
         ||                                                             
         ||                                                             
         ||                                                             
         ||                                                             
        |||                                                             
        |||                                                             
        |||                                                             
        |||                                                             
        |||                                                             
        |||                                                             
        |||                                                             
        |||                                                             
      |||||                                                             
     ||||||                                                             
|||||||||||||||||                                                       
00000000001111111
01234567890123456
One to six characters = 80923 (8.09%)
One to eight characters = 341801 (34.18'%)
More than eight characters = 658200 (65.82%)
Only lowercase alpha = 819102 (81.91%)
Only uppercase alpha = 0 (0.0%)
Only alpha = 819102 (81.91%)
Only numeric = 0 (0.0%)
First capital last symbol = 0 (0.0%)
First capital last number = 0 (0.0%)
Single digit on the end = 6178 (0.62%)
Two digits on the end = 10472 (1.05%)
Three digits on the end = 45573 (4.56%)
……SNIP……
        |                                                               
        |                                                               
        |                                                               
        |                                                               
        |                                                               
        |                                                               
|       |                                                               
|       |                                                               
|  |    |                                                               
|| |    ||                                                              
||||  ||||                                                              
||||||||||                                                              
||||||||||                                                              
||||||||||                                                              
||||||||||                                                              
||||||||||                                                              
0123456789
……SNIP……

根據(jù)上面的回顯我們大體就可以看出分析結(jié)果中所包含的部分，主要有密碼頻率TOP N，詞語頻率TOP N，密碼長度頻率分析(同時從序列和排名兩項給出)，更加創(chuàng)新的在terminal中給出了一個圖形化的分析(這點可是讓作者本人十分自豪的說)，等等還有很多，大家可以自行挖掘。

最后放上git地址，防止有人問我為什么不給下載鏈接：https://github.com/digininja/pipal/