NetSec

Ramblings of a NetSec addict


Generating Wordlists

Peleus

Cracking passwords has two aspects that determine how likely you are to recover the information you need. They are defined as follows:

  • Efficiency – The likelihood that your password set has the candidate password within it.
  • Power – How many attempts / guesses you can make per second, minute, or other time frame.

With the increase in GPU crackers, oclHashcat being my favorite, more and more emphasis has been put on power as opposed to efficiency. People assume that because they can throw a wordlist of 1 billion entries against a hash, it’s the optimal solution. I’m not saying that you shouldn’t try it as your last resort, but perhaps there is a better way to put the odds in your favour.

    Filed Under: Passwords Tagged With: cewl, cracking, john, passwords, wordlist

    Multi-Threaded Brute Forcer

    Peleus

    Recently I undertook a challenge that needed me to attempt a brute force login on an application. I quickly wrote up a brute forcing script that took advantage of threads to increase the rate of attempts. The script is not usable ‘as is’ because, of course, you’ll need to modify it and enter your own IP address and login syntax. Otherwise it should be useful as a template to threadify any tasks you wish to complete.

    The logic of the script is to read in a list of username and password values, then push the usernames onto a queue. Each username (handled by an individual thread) is tested against each of the passwords in the list. If the response contains the text that appears on a failed login, the script prints the failed message; otherwise it prints login successful.

    Filed Under: Python Snippets Tagged With: brute force, passwords, python

    Obtaining Windows Passwords

    Peleus

    Windows passwords can be accessed in a number of different ways. The most common is to access the Security Accounts Manager (SAM) file and obtain the system passwords in their hashed form using one of a number of different tools. Alternatively, passwords can be read from memory, which has the added benefit of recovering them in plain text and avoiding the cracking requirement. To understand the formats you’ll see when dumping Windows system hashes, a brief overview of the different storage formats is required.

    Filed Under: Passwords Tagged With: hacking, passwords, privilege escalation, windows
