Post-Exploit Password Attacks

1. Crack using the tool - john (Too slow in real world)

Locate the rockyou file.

john --wordlist=/usr/share/wordlists/rockyou.txt windows

john --show windows

Conbine the files and save as unshadow.

john --rules --wordlist=/usr/share/wordlists/rockyou.txt unshadow

2.Using Hash craker on the Internet. (Suggested)

8846F7EAEE8FB117AD06BDD830B7586C

3. Use the tool  hashcat

On Kali Linux.(Too slow locally)

hashcat -m  /usr/share/wordlists/rockyou.txt unshadow --force

On Windows

hashcat64.exe -m 500 unshadow.txt rockyou.txt

Hash Craker Websites:

https://crackstation.net/

https://hashkiller.co.uk/

Tips: If it is hard to crack the password, do not waste time on it. Just skip it and find another way.

OSCP Learning Notes - Post Exploitation(3)的更多相关文章

  1. OSCP Learning Notes - Post Exploitation(2)

    Windows Post Exploitation Target Server: IE8-Win 7 VM 1. Download and upload the fgdump, PwDump7, wc ...

  2. OSCP Learning Notes - Post Exploitation(1)

    Linux Post Exploitation Target Sever: Kioptrix Level 1 1. Search the payloads types. msfvenom -l pay ...

  3. OSCP Learning Notes - Post Exploitation(4)

    Pivoting 1. Edit the virtual network settings of the Vmware. 2. Set the Network Adapter(s) of Kali L ...

  4. OSCP Learning Notes - WebApp Exploitation(5)

    Remote File Inclusion[RFI] Prepare: Download the DVWA from the following website and deploy it on yo ...

  5. OSCP Learning Notes - WebApp Exploitation(4)

    Local File Inclusion[LFI] Target Pentester Lab: Download from the following website: https://www.vul ...

  6. OSCP Learning Notes - WebApp Exploitation(3)

    SQL Injection[SQLi] Refrence: SQL Injection Authentication Bypass Cheat Sheet https://pentestlab.blo ...

  7. OSCP Learning Notes - WebApp Exploitation(2)

    Cross-Site Scripting(XSS) 1. Using the tool - netdiscover to find the IP of target server. netdiscov ...

  8. OSCP Learning Notes - WebApp Exploitation(1)

    Installing XSS&MySQL FILE Download the Pentester Lab: XSS and MySQL FILE from the following webs ...

  9. OSCP Learning Notes - Overview

    Prerequisites: Knowledge of scripting languages(Bash/Pyhon) Understanding of basic networking concep ...

随机推荐

  1. Latex 安装 教程

    需要安装texlive和编辑器texstudio. 安装教程如https://www.cnblogs.com/dingruihfut/p/9690073.html

  2. yii2.0AR两表联查

    首先,建两个关联表. 表一 -- Table structure for article -- ---------------------------- DROP TABLE IF EXISTS `a ...

  3. 微信小程序踩坑之前端问题处理篇

    近期完成了一个小程序,自己做的前后端开发.真是惨哭我了o(╥﹏╥)o,下面几点希望大家可以避雷. 首先,想先介绍一下我遇到问题的解决思路: 1.先在postman调试接口,看数据获取是否正常, 2.在 ...

  4. Python学习日志-03

    (3)如何运行程序 交互提示模式下编写代码: 最简单的运行Python程序的办法就是在Python交互命令行中输入这些程序.在cmd中输入python,不需要任何参数就可以进入Python交互命令行 ...

  5. MonoBehaviour.StartCoroutine开启协同程序

    StartCoroutine协同程序 StartCoroutine(IEnumerator) StartCoroutine(string methodName) StartCoroutine(stri ...

  6. 成为python程序员,对疫情过后的毕业生来说,真是一个不错的方向吗?

    Python最近几年,一直被炒得很火,这其中有商业因素,但更重要的是即将到来的人工智能时代,而python就恰好是最适合的编程语言. 所以无论是在职的人,还是在校的学生,都想着跟上这一趋势,但,在今年 ...

  7. C/C++语言的学习方向

    这个世界上有太多的坑,如果我们不具备查阅资料的能力和对现实世界的思考能力,入坑是大概率的事情. C/C++语言能做什么?C/C++程序员在做什么?企业需要什么样的C/C++程序员?对初学者来说,要搞清 ...

  8. ora-06502 ORA-06512问题解决

    Plsql报错:ORA-06502:PL/SQL:数字或值错误:字符串缓冲区太小  ORA-06512:等 这里网上常见解决方案是加大变量长度,但是我发现加大长度也没什么用,实际问题出在变量赋值上 例 ...

  9. CListCtrl 控件即使跟新数据,即时刷新以及属性设置

    用 m_CtrItem.Update( i );来即使跟新每行的数据,因为有时用某些函数如SetItemText()来设置某一行一列的数据是,控件上面的显示数据没有即使跟新,这是就有update来跟新 ...

  10. 【博弈】HDU - 5963 朋友

    题目 B君在围观一群男生和一群女生玩游戏,具体来说游戏是这样的: 给出一棵n个节点的树,这棵树的每条边有一个权值,这个权值只可能是0或1. 在一局游戏开始时,会确定一个节点作为根.接下来从女生开始,双 ...