i am unable to crack the hash that i obtained from the u****.php. i have used several online services as well as hashcat and its turning into a time suck. any tips would be greatly appreciated.
I’ve found a hash for h***. I can’t seem to crack it with john or hashcat. They just finish immediately. Should I be using a non standard wordlist?
Hey. I assume that you got the hash from appropriate version of bludit from the initial shell.
Once you got the hash, i suggest you to analyze the type of hashing used with the below link. Hash Analyzer - TunnelsUP
Then use John or Hashcat to perform cracking based on the hash format you got from the above link.
John/Hashcat will crack it against rockyou.txt.
You can get the rockyou.txt file in here https://github.com/finnfassnacht/rockyou.txt
If not worked out, then you can use the below link to crack the hash without mentioning the has format.
(**Note this link will work only for very commonly used passwords.) http://www.hashes.com
Hope this will help you out.
Good luck.
I’ve already cracked with john and it seems didn’t get the right password. I’m still investigate it what’s wrong with the format.
i am unable to crack the hash that i obtained from the u****.php. i have used several online services as well as hashcat and its turning into a time suck. any tips would be greatly appreciated.
Are you 100% sure you have a hash that is crackable? For example, are you able to match it to an account on the system you want to use it against?
I’ve found a hash for h***. I can’t seem to crack it with john or hashcat. They just finish immediately. Should I be using a non standard wordlist?
Hey. I assume that you got the hash from appropriate version of bludit from the initial shell.
Once you got the hash, i suggest you to analyze the type of hashing used with the below link. Hash Analyzer - TunnelsUP
Then use John or Hashcat to perform cracking based on the hash format you got from the above link.
John/Hashcat will crack it against rockyou.txt.
You can get the rockyou.txt file in here https://github.com/finnfassnacht/rockyou.txt
If not worked out, then you can use the below link to crack the hash without mentioning the has format.
(**Note this link will work only for very commonly used passwords.) http://www.hashes.com
Hope this will help you out.
Good luck.
I’ve already cracked with john and it seems didn’t get the right password. I’m still investigate it what’s wrong with the format.
I’ve already rooted this box. Got a clue from the box maker. Thanks @egotisticalSW for the box and the clue.
I’m stuggling with the initial foothold i guess i have the username (which is really common for the management page). I tried to bruteforce the password with no result…
I need some help (in DM) for privilege escalation.
I’m stuck on www-data user.
I used LinEnum and LinPeas to look for some clues but I didn’t find anything.
I searched for zip and backup file … nothing.
I searched for (valid) passwords in text files … nothing.
I searched on Google for “Ubuntu 19.10 privilege escalation”, I found something about sudo but it’s not applicable.
Thanks in advance
[EDIT]
Uhm … I haven’t tried the bruteforce of the u*****. php file yet … my next step
Scripts didn’t help me, when I was rooting the box> @BIGGYBBQ said:
Hi,
I’m stuggling with the initial foothold i guess i have the username (which is really common for the management page). I tried to bruteforce the password with no result…
I’ve found a hash for h***. I can’t seem to crack it with john or hashcat. They just finish immediately. Should I be using a non standard wordlist?
Hey. I assume that you got the hash from appropriate version of bludit from the initial shell.
Once you got the hash, i suggest you to analyze the type of hashing used with the below link. Hash Analyzer - TunnelsUP
Then use John or Hashcat to perform cracking based on the hash format you got from the above link.
John/Hashcat will crack it against rockyou.txt.
You can get the rockyou.txt file in here https://github.com/finnfassnacht/rockyou.txt
If not worked out, then you can use the below link to crack the hash without mentioning the has format.
(**Note this link will work only for very commonly used passwords.) http://www.hashes.com
Hope this will help you out.
Good luck.
m doing it with hashcat (s**1 -algorithm)…still it terminates as soon as i start it!
and the websites you mentioned couldnt guess it!
anything else i should try?!!
you sure its in rockyou?
@in3vitab13 did you try “–force” ? Also, can anyone help me with the username I’m lost? I think I have tried all the ones I can think of with a cool list of words. Any help would be appreciated.
I need some help (in DM) for privilege escalation.
I’m stuck on www-data user.
I used LinEnum and LinPeas to look for some clues but I didn’t find anything.
I searched for zip and backup file … nothing.
I searched for (valid) passwords in text files … nothing.
I searched on Google for “Ubuntu 19.10 privilege escalation”, I found something about sudo but it’s not applicable.
In very general terms manual enumeration is much better than scripts.
Thanks in advance
[EDIT]
Uhm … I haven’t tried the bruteforce of the u*****. php file yet … my next step
As a rule of thumb for HTB, if it doesn’t crack quickly it might not be the right thing. For attacks like this, try to have an idea of what account you are looking for and a reason to think it should be active on the machine.
m doing it with hashcat (s**1 -algorithm)…still it terminates as soon as i start it!
and the websites you mentioned couldnt guess it!
anything else i should try?!!
you sure its in rockyou?
I don’t think it is in the default rockyou, but I could be wrong. If you have the right thing, there is an online tool which solves this for you in seconds.
If you have the wrong thing, you could spend months on this. If you are in any doubt, check you have a good reason to think the thing you have will work.
I’m stuggling with the initial foothold i guess i have the username (which is really common for the management page). I tried to bruteforce the password with no result…