HTB Academy - Service Authentication Brute Forcing

Hello, I am just looking for a bit of clarification on this section. Are we supposed to make our username / password for the box using Bill Gates like in the example shown above the question? Or are we using common usernames/password lists for hydra? The question isn’t so clear on this.

Thanks!

–FIGURED IT OUT

Type your comment> @0xc0pper said:

Hello, I am just looking for a bit of clarification on this section. Are we supposed to make our username / password for the box using Bill Gates like in the example shown above the question? Or are we using common usernames/password lists for hydra? The question isn’t so clear on this.

Thanks!

–FIGURED IT OUT

Hello, could you give a little help? Ive used /opt/useful/SecLists/Passwords/Default-Credentials/ssh-betterdefaultpasslist.txt for passwords of “b.gates” and rockyou-10 also but got nothing

.

I’m confused too. When you start reading the module it seems there’s no other information other than an IP and a Port number…

Yep, I have the same question too. Not sure if we have to use same dictionary generated in previous sections “William.txt” or generate ours with different words. Not clear. Nowhere to enumerate.

I recall that you should use the william.txt as wordlist

Hi,
On friday I was working on this assesment. It was completely unsuccesful. The issue was a definition problem. HTB should explain better their assesments. When they say employee I thought it was an employee from the previous lessons. But they actually talk about the previous assesment. So, the assesments are actually conencted. The same situation that old starting point (which also was unexplained). So, once I find out this (thaks to a tip) I solve the assesment in 5 minutes. So, williams.txt is a wrong choice, I guess :slight_smile:

I’ve also been stuck on “LOGIN BRUTE FORCING - Skills Assessment - Website”… which user or password list to take or generate. Do you have a tip?

u did it? im stuck :confused:

i did it

hei, could someone here please give me some directions? when I ssh’d using b.gates credentials, I did a cat of the /etc/passwd and there is also a m.gates user. so I have generated also a cupp file for her and used sed to fit the policy… but still no joy… am I at least on the right path? since this is learning, it would be helpful to have some guidelines on how long should the task take…

Did you find out? I am also stuck there…

For clarification you will need the information generated in the section before this “Personalized Wordlists”

Tried making a word list with Firstname Bill and surname Gates and even his birthday and partner Melinda but does not work… Which wordlist to use???

HINTS:

  1. Just like in the course: Create Personalized Password Wordlist for the given person: Bill Gates, use cupp
  2. Just like in the course: Create Personalized Username Wordlist for the given person: Bill Gates, use username-anarchy

yes right and then it takes 142 hours to finish…

this solution worked for me :slight_smile:
1- delete the old file williams.txt
2- create another one using the same " cupp -i "
3- make sure to execute the same password policies (sed -ri…) with copy pasting exactly the same commands, (for me this was the main problem, i have deleted some password by misstyping the commands)
4- try the command :

hydra -l b.gates -P william.txt -u -f ssh://xx.xx.xx.xx:xx -t 4 -I

by those steps i takes around 15 seconds to find the password.

gooood luck … :grin:

1 Like

For this one make sure to follow along with the previous sections to make your own password and username text files (dont forget to use the ‘sed’ commands to cut your file size to an appropriate size). One thing I goofed up on was when using the ftp password check was…use the ip in the command, youll see.