- Sites:
- Using Hashcat:
  - The -m option is the kind of hash you are trying to break
  - Identify the kind of hash with hash identifier
  - Also identify the kind of hash with hash-analyzer
  - Also identify the kind of hash with haiti. Basic command:
    haiti b16f211a8ad7f97778e5006c7cecdf31
- Wordlists of hashes:
  - SecLists
  - tool: wordlistctl, for searching all leaked or composed wordlists (around 6300)
    - Example usage:
      wordlistctl search rockyou
    - Download one you find:
      sudo python3 wordlistctl.py fetch malenames-usa-top1000
- Tools:
  - Rule mode: uses a wordlist and adds a pattern to each word or mangles the string. For example, adding the current year or appending a common special character
  - Creating a custom rule for john:
  - Command to extract necessary data of a wordlist and piping it to what we need:
  - Examples with john
- Ideas for mutation rules (several can of course be combined):
  - Border mutation - commonly used combinations of digits and special symbols can be added at the end or at the beginning, or both
  - Freak mutation - letters are replaced with similar-looking special symbols
  - Case mutation - the program checks all variations of uppercase/lowercase letters for any character
  - Order mutation - character order is reversed
  - Repetition mutation - the same group of characters is repeated several times
  - Vowels mutation - vowels are omitted or capitalized
  - Strip mutation - one or several characters are removed
  - Swap mutation - some characters are swapped and change places
  - Duplicate mutation - some characters are duplicated
  - Delimiter mutation - delimiters are added between characters
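Added example (not from the original notes, and not code from John or hashcat): the mutation ideas above run in reverse, the way a password-policy check would, to see whether a candidate password collapses to a dictionary word. It covers only the case, freak, border, order and repetition mutations; the names BASE_WORDS, UNFREAK, strip_border, unrepeat and weak_base, the look-alike table, and the sample words are assumptions made for this example.

```python
import re

# Constructed sample base words; a real check would load a full wordlist.
BASE_WORDS = {"password", "summer", "dragon", "adele"}

# Assumed look-alike table for undoing the freak mutation.
UNFREAK = str.maketrans({"@": "a", "4": "a", "3": "e", "1": "i", "!": "i",
                         "0": "o", "$": "s", "5": "s", "7": "t"})

def strip_border(s):
    """Undo border mutation: drop non-letters at the start and end."""
    return re.sub(r"^[^a-z]+|[^a-z]+$", "", s)

def unrepeat(s):
    """Undo repetition mutation: 'abcabc' -> 'abc'."""
    for size in range(1, len(s) // 2 + 1):
        if len(s) % size == 0 and s[:size] * (len(s) // size) == s:
            return s[:size]
    return s

def weak_base(candidate, base_words=BASE_WORDS):
    """Return the base word the candidate reduces to, or None."""
    lowered = candidate.lower()                  # undo case mutation
    forms = set()
    # Try border stripping both before and after un-freaking: a trailing
    # '1' or '!' is usually border padding, but mid-word it is a look-alike.
    for s in (lowered, strip_border(lowered)):
        plain = s.translate(UNFREAK)             # undo freak mutation
        forms.update({s, plain, strip_border(plain)})
    forms.update({unrepeat(f) for f in forms})   # undo repetition mutation
    for form in sorted(forms):
        for guess in (form, form[::-1]):         # undo order mutation
            if guess in base_words:
                return guess
    return None

if __name__ == "__main__":
    for pw in ("P@ssw0rd2024!", "nogarD1", "summersummer", "Tr0ub4dor&3"):
        print(f"{pw!r:18} -> {weak_base(pw)}")
```

A password that returns a base word here falls to a rule-based attack even though it may satisfy a length-and-symbols policy.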
- Depending on your distribution, the John configuration may be located at /etc/john/john.conf and/or /usr/share/john/john.conf. To locate the JtR install directory run locate john.conf, then create john-local.conf in the same directory (in my case /usr/share/john/john-local.conf) and create our rules in here.
- Add a new rule on the new john file:
- Generate mutations on wordlists with Mentalist
- Generate specific wordlists with Cewl
  - Example cewl command:
    cewl -d 2 -w $(pwd)/example.txt https://example.org
  - The -d option is the depth (number of link levels the spider will follow)
- Craft wordlists from scratch with TTPassGen
  - Example command to create a wordlist containing all 4-digit PIN code values:
    ttpassgen --rule '[?d]{4:4:*}' pin.txt
  - Example command to generate a list of all lowercase character combinations of length 1 to 3:
    ttpassgen --rule '[?l]{1:3:*}' abc.txt
  - Example to create a wordlist that is a combination of several wordlists (PIN + - + letter):
    ttpassgen --dictlist 'pin.txt,abc.txt' --rule '$0[-]{1}$1' combination.txt
  - Be warned: combining wordlists quickly generates huge files; here combination.txt is 1.64 GB.
- Use the tool lyricpass to download the lyrics of all the songs made by a group or musician.
  - Example:
    lyricpass.py -a "Adele"
- For stego challenges, if you do not find anything with common methods (like cracking with john or hashcat) try this website: md5hashing.net

Rooms
- Check the THM room Crack the Hash Level 2