Professional Documents
Culture Documents
Password Attacks Manual
Password Attacks Manual
This is a basic lab where you’ll get an overview of 3 password attack tools.
During this lab, understand the basic functioning of password attack tools with the help of
common use case scenarios.
https://medium.com/@JAlblas/tryhackme-john-the-ripper-walkthrough-75331d14748c
https://www.md5hashgenerator.com/
o
o
o
miscellaneous tasks
o cracking /etc/shadow hashes
unshadow [path to passwd file] [path to shadow
file] > unshadowed.txt
unshadow passwd shadow > unshadowed.txt
john --wordlist=/usr/share/wordlists/rockyou.txt --
format=sha512crypt unshadowed.txt
https://assume-breach.medium.com/hacking-tutorial-how-to-ssh-to-a-remote-system-with-
a-found-private-key-fbe521bf1efa
These are the main test case scenarios, we can modify these and create new scenarios if
required.
HYDRA
Use ip address of the Ubuntu vm as the target machine. Don’t do the HTTP page password attacks.
https://www.hackingarticles.in/a-detailed-guide-on-hydra/
https://medium.com/@jbtechmaven/password-cracking-with-hydra-in-kali-linux-e1ed9de14693
HASHCAT