Bruteforce and Password Cracking

This document outlines the process of brute-force password cracking on a remote host: finding the host's IP address via a ping sweep, using Nmap to check for open ports such as SSH and telnet, using Hydra to find valid credentials for those services, accessing the password and shadow files after logging in via SSH, copying those files locally, and cracking the hashes with John the Ripper using a default password wordlist to recover passwords.


First, we need to find the IP address of the active host. To do that, let's first find our own IP address.

From this, we can see that the network address is 192.168.99.0/24. Let's do a ping sweep to find any live hosts.

We found our host. Let's do an Nmap scan to check for open ports.

We know SSH and telnet are open. We can use Hydra to find valid credentials for both services.

We found SSH credentials. Let's log in.

Now, we can access the /etc/passwd file.

We can also get the /etc/shadow file.

I copied both of these files to my local machine. Let's unshadow the passwd file and save it to a hashes file.

We can check the contents of the hashes file.
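To show what the merged hashes file contains and how a defender can review it, here is an added example (not part of the original document) that performs the same passwd/shadow merge and labels each account's hash scheme. The function names, the account data and the CONSTRUCTEDSALT/CONSTRUCTEDHASH placeholders are assumptions made up for illustration.

```python
# Added example: all account data below is constructed for illustration.
PASSWD = """root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000::/home/alice:/bin/bash
bob:x:1001:1001::/home/bob:/bin/sh
svc:x:998:998::/nonexistent:/usr/sbin/nologin"""
SHADOW = """root:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19000:0:99999:7:::
alice:$1$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19000:0:99999:7:::
bob:$y$j9T$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19000:0:99999:7:::
svc:!:19000::::::"""

# crypt(3) scheme id -> (name, legacy scheme that should be migrated)
SCHEMES = {"1": ("md5crypt", True), "5": ("sha256crypt", False),
           "6": ("sha512crypt", False), "7": ("scrypt", False),
           "y": ("yescrypt", False), "2a": ("bcrypt", False),
           "2b": ("bcrypt", False), "2y": ("bcrypt", False)}

def merge(passwd_text, shadow_text):
    """Rebuild passwd lines with field 2 taken from the shadow file."""
    hashes = {}
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) >= 2:
            hashes[fields[0]] = fields[1]
    merged = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) != 7:
            continue  # skip blank or malformed entries
        fields[1] = hashes.get(fields[0], fields[1])
        merged.append(":".join(fields))
    return merged

def classify(field):
    """Return (label, needs_attention) for a merged password field."""
    if field == "":
        return ("empty password", True)
    if field[0] in "!*":
        return ("locked", False)
    if field == "x":
        return ("no shadow entry", True)
    if field.startswith("$"):
        return SCHEMES.get(field.split("$")[1], ("unknown scheme", True))
    return ("descrypt", True)

def audit(passwd_text, shadow_text):
    """Map each account name to its classify() result."""
    merged = (line.split(":") for line in merge(passwd_text, shadow_text))
    return {f[0]: classify(f[1]) for f in merged}
```

A modern scheme only slows guessing: a password that appears in a wordlist is still recovered, so this review belongs alongside a password-quality check.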

Now, let's use John to crack these hashes.


We got almost all of the hashes cracked using John's password.lst wordlist.
