-
Notifications
You must be signed in to change notification settings - Fork 14
Other password crack
lethanhtung01011980 edited this page Jun 19, 2020
·
21 revisions
- To crack password of zip and rar files
- To extract hash
- And to use john to crack using wordlist
ls /usr/sbin/*john*
/usr/sbin/dmg2john /usr/sbin/john /usr/sbin/keyring2john /usr/sbin/putty2john /usr/sbin/rar2john
/usr/sbin/gpg2john /usr/sbin/keepass2john /usr/sbin/kwallet2john /usr/sbin/pwsafe2john /usr/sbin/ssh2john
/usr/sbin/hccap2john /usr/sbin/keychain2john /usr/sbin/pfx2john /usr/sbin/racf2john /usr/sbin/zip2john
For example
ssh2john id_rsa.key > hash
john hash --fork=25 -w=/usr/share/wordlists/rockyou.txt
john --show hash => id_rsa.key:gustateamo
- To convert binary to base64:
base64 keys.rar
- To convert back from base64 to binary:
echo UmFyIRoHAM+gApIEAAHJvb3RhdXRob3JpemVkc3Noa2V5LnB1YnI+qg+QiYZnpO86O3+rX46ki9CMd7+qCC09p9xDL5gF8Wgwc7mZK9wkiTpvXO4vmmM50barFVJi55jD3l9J8var5iMCb8+Lrpn2e79rXFKzktBJ2e3/cSLUZRSv33cQFk2+9b43PDDjUD6IQ6FVbjc72sy6/8bMu7k8MYtJWFRHsLTwIXi0ZMrd/vydVFq7vQiUPYbt7H0SscXY4crEf9ann9iQyl6V034tluMZ9VQ6DmkXk53ekSbb3/Ck5/1hb9qj2RpBQUNTW70fQIbDXjcOp+qKerl8cfpDdo7JDRZbmJBuYd5zgFEASKHrew3spqQ/gZrNO6m/VvI/ZUa6DTmqhguHYKC838c9JzzDmW52daeuPMZtdTz2B0Enz5eBdV2XLbofx6ZA3nIYco6DJMvU9NxOfaLgnTj/JWRVAgUjoEgQUdcyWDEWoDYh+ARbAfG+qyqRhF8ujgUqYWNbXY8FxMsrTPdcWGz8348OZsMWH9NS5S8/KeIoGZU1YhfpP/6so4ihWCnWxD17AEAHAA== | base64 -d > keys.rar
- cd /usr/share/wordlists
- gunzip rockyou.txt.gz
- fcrackzip -u -D -p '/usr/share/wordlists/rockyou.txt' bank-account.zip
- unzip bank-account.zip
rar2john keys.rar > keys.hash
-
john --wordlist=jail-wlist.txt keys.hash
ORjohn --format=rar --wordlist=jail-wlist.txt keys.hash
john --show keys.hash
- To unrar: unrar x keys.rar
To install in Kali
-
git clone https://github.com/Ganapati/RsaCtfTool.git
-
cd RsaCtfTool
-
sudo apt-get install libgmp3-dev libmpc-dev
-
apt-get install python3-venv
-
python3 -m venv .
-
. bin/activate
-
apt-get install python3-dev
-
pip install -r "requirements.txt"
-
python RsaCtfTool.py --publickey ../rootauthorizedsshkey.pub --private > root.key
-
chmod 600 root.key
-
ssh root@victim-ip -i root.key
- To solve simple crypttogram: https://quipqiup.com/
- strings image.png
- apt-get install steghide
- steghide info htb2.jpg
- steghide extract -sf htb2.jpg
- S2VlcCBmb3JnZXR0aW5nIHBhc3N3b3JkIHNvIHRoaXMgd2lsbCBrZWVwIGl0IHNhZmUhDQpZMHVBSU50RzM3VGlOZ1RIIXNVemVyc1A0c3M=
- https://www.base64decode.org/