@onlyamedic said:
not sure if someone is messing with the box, but I’ve ran hydra + rockyou + some other pw wordlists on the 2nd to last high port with a list of potential usernames (including the users with sa*** & su**** + a bunch of “default” accounts). Can’t auth to anything. Am I missing something?
This box is terrible in every way. I have everything I need and know the way to root, I just can’t do it because I need a powerful machine to crack that hash!
I recommend resetting the machine before you attempt to access the user accounts. People kept changing the password when I was doing it & caused me to second guess myself for a long time.
@ZaYoOoD said:
This box is terrible in every way. I have everything I need and know the way to root, I just can’t do it because I need a powerful machine to crack that hash!
Really not worth the time for 20 poinp.
possibly not using the correct tool and word list. i am able to crack the hash in some time with 4 GB of VM.
@ZaYoOoD said:
This box is terrible in every way. I have everything I need and know the way to root, I just can’t do it because I need a powerful machine to crack that hash!
Really not worth the time for 20 poinp.
I think you need to look at the tools you’re using, or how you use the tools maybe provide different wordlists? I cracked the hashes in 32.2 seconds on a VM
@ZaYoOoD said:
This box is terrible in every way. I have everything I need and know the way to root, I just can’t do it because I need a powerful machine to crack that hash!
Really not worth the time for 20 poinp.
I think you need to look at the tools you’re using, or how you use the tools maybe provide different wordlists? I cracked the hashes in 32.2 seconds on a VM
I tried using John, it returned the pass I knew, and the other one it didn’t.
I tried using hashcat, but I keep getting segmentation errors, even though I tried on 3 different machines.
@ZaYoOoD said:
This box is terrible in every way. I have everything I need and know the way to root, I just can’t do it because I need a powerful machine to crack that hash!
Really not worth the time for 20 poinp.
I think you need to look at the tools you’re using, or how you use the tools maybe provide different wordlists? I cracked the hashes in 32.2 seconds on a VM
I tried using John, it returned the pass I knew, and the other one it didn’t.
I tried using hashcat, but I keep getting segmentation errors, even though I tried on 3 different machines.
I ended up creating a new Windows VM, installing hashcat on it, and then I was able to crack the hash, on which I’ve been stuck for a week
After that I got root in no time…
I think there’re at least 3-4 ways to get root on this machine once you have the other user.
@ZaYoOoD said:
This box is terrible in every way. I have everything I need and know the way to root, I just can’t do it because I need a powerful machine to crack that hash!
Really not worth the time for 20 poinp.
I think you need to look at the tools you’re using, or how you use the tools maybe provide different wordlists? I cracked the hashes in 32.2 seconds on a VM
I tried using John, it returned the pass I knew, and the other one it didn’t.
I tried using hashcat, but I keep getting segmentation errors, even though I tried on 3 different machines.
I ended up creating a new Windows VM, installing hashcat on it, and then I was able to crack the hash, on which I’ve been stuck for a week
After that I got root in no time…
I think there’re at least 3-4 ways to get root on this machine once you have the other user.
@ZaYoOoD said:
This box is terrible in every way. I have everything I need and know the way to root, I just can’t do it because I need a powerful machine to crack that hash!
Really not worth the time for 20 poinp.
I think you need to look at the tools you’re using, or how you use the tools maybe provide different wordlists? I cracked the hashes in 32.2 seconds on a VM
I tried using John, it returned the pass I knew, and the other one it didn’t.
I tried using hashcat, but I keep getting segmentation errors, even though I tried on 3 different machines.
I ended up creating a new Windows VM, installing hashcat on it, and then I was able to crack the hash, on which I’ve been stuck for a week
After that I got root in no time…
I think there’re at least 3-4 ways to get root on this machine once you have the other user.
Thanks, but it aint helped
you’re on the right track…
Like I said, if it doesn’t work on your machine just try another to crack it…
But don’t use Hydra… use another…
@J3rryBl4nks said:
Is Hashcat the right tool? I am worried I am using the wrong hash number for cracking.
Any hash-cracker should work really as long as it supports the hash type. Do some research on what kind of hashes are stored in the file you found and then to hashcat --help | grep -i "<your-hash-type" to find the correlating number for hashcat.
If this still doesn’t give you any result, try another wordlist or even reset the box and pull the file contents before someone can ■■■■ them up.
can you stop fucking up the system? etc passwd is empty and I’m trying to solve the challenge. I’m believing whoever said here no exploits needed and taking my time to look around…
Guys. If you’re struggling to crack the hash your syntax for the tools are wrong. You can crack this hash in 30-90 seconds with the correct syntax. You need to give the tools what they need.
The format of the hash.
The wordlists.
If you’ve used John. You can’t just run John as standard good old John some more info to go on