Password Attacks
Username Custom Wordlist
A username list can be generated with username-anarchy:
ruby username-anarchy/username-anarchy -i username.txt -f flast,f.last,first.last,last.first
Bruteforcing WebApps
When a website login needs to be brute-forced, use cewl to build a wordlist from the site's own content:
cewl http://postfish.off/team.html -m 5 -w team.txt
Then use it with hydra
Normal:
hydra -l user -P /usr/share/wordlists/rockyou.txt <ip> http-post-form "/index.php:fm_usr=user&fm_pwd=^PASS^:Login failed. Invalid"
Here "Login failed. Invalid" is the string hydra greps for in the response to know the login was not successful, and fm_usr is the parameter.
Base64:
hydra -I -f -L custom-wordlist.txt -P custom-wordlist.txt 'http-post-form://192.168.227.61:8081/:username=^USER64^&password=^PASS64^
JohnTheRipper
To crack a hash:
john --format=raw-sha256 hashes_to_crack.txt
| Tool | Description |
| --- | --- |
| pdf2john | Converts PDF documents for John |
| ssh2john | Converts SSH private keys for John |
| mscash2john | Converts MS Cash hashes for John |
| keychain2john | Converts OS X keychain files for John |
| rar2john | Converts RAR archives for John |
| pfx2john | Converts PKCS#12 files for John |
| truecrypt_volume2john | Converts TrueCrypt volumes for John |
| keepass2john | Converts KeePass databases for John |
| vncpcap2john | Converts VNC PCAP files for John |
| putty2john | Converts PuTTY private keys for John |
| zip2john | Converts ZIP archives for John |
| hccap2john | Converts WPA/WPA2 handshake captures for John |
| office2john | Converts MS Office documents for John |
| wpa2john | Converts WPA/WPA2 handshakes for John |
To mutate a password list with a hashcat rule file:
hashcat --force password.list -r custom.rule --stdout | sort -u > mut_password.list
If the /etc/passwd file is editable, delete the "x" in the account's password field.
Algorithm Types
$1$ - MD5
$2a$ - Blowfish
$2y$ - Eksblowfish
$5$ - SHA-256
$6$ - SHA-512
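An added example, not part of the original page: a defender-side audit for the two conditions noted above, a password field in /etc/passwd that is no longer "x" and shadow hashes identified by the prefixes listed under Algorithm Types. The function names, the policy of treating MD5 as weak, and the sample entries are assumptions made for this example.

```python
# Prefix table is the one under "Algorithm Types" on this page; treating
# MD5 ($1$) as weak is this example's own policy choice.
PREFIXES = {"$1$": "MD5", "$2a$": "Blowfish", "$2y$": "Eksblowfish",
            "$5$": "SHA-256", "$6$": "SHA-512"}
WEAK = {"MD5"}

def hash_algorithm(field):
    """Map a crypt(3)-style password field to an algorithm name, or None."""
    for prefix, name in PREFIXES.items():
        if field.startswith(prefix):
            return name
    return None

def entries(text):
    """Yield (user, password_field) from passwd- or shadow-format text."""
    for line in text.splitlines():
        parts = line.split(":")
        if not line.startswith("#") and len(parts) >= 2:
            yield parts[0], parts[1]

def audit(passwd_text, shadow_text):
    """Return sorted (file, user, finding) tuples for risky entries."""
    findings = []
    for user, pw in entries(passwd_text):
        if pw == "":  # the "x" was deleted: account has no password
            findings.append(("passwd", user, "empty password field"))
        elif hash_algorithm(pw):  # hash exposed in a world-readable file
            findings.append(("passwd", user, "hash in passwd: " + hash_algorithm(pw)))
    for user, pw in entries(shadow_text):
        algo = hash_algorithm(pw)
        if pw == "":
            findings.append(("shadow", user, "empty password field"))
        elif pw[0] in "!*":  # locked or no-login account, no usable hash
            continue
        elif algo is None:  # prefix not in the page's table (e.g. $y$)
            findings.append(("shadow", user, "unrecognised hash prefix"))
        elif algo in WEAK:
            findings.append(("shadow", user, "weak hash: " + algo))
    return sorted(findings)

# Constructed sample data (not real accounts or real hashes).
SAMPLE_PASSWD = ("root::0:0:root:/root:/bin/bash\n"
                 "alice:x:1000:1000::/home/alice:/bin/bash\n"
                 "bob:$1$salt$constructed:1001:1001::/home/bob:/bin/sh\n")
SAMPLE_SHADOW = ("root:$6$salt$constructed:19000:0:99999:7:::\n"
                 "alice:$1$salt$constructed:19000:0:99999:7:::\n"
                 "daemon:*:19000:0:99999:7:::\n"
                 "carol:$y$j9T$constructed:19000:0:99999:7:::\n")

if __name__ == "__main__":
    for finding in audit(SAMPLE_PASSWD, SAMPLE_SHADOW):
        print(*finding, sep="\t")
```

On a real host, pass the contents of /etc/passwd and /etc/shadow (read as root) to audit() instead of the sample strings.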