Password Attacks | Academy

Can anybody give me a hint to Password/reuse/Default passwords chapter where I need to find mySQL credentials? I’m able to login as sam. Tried variations of sam and mutation variants of sam ssh password using hydra and ssh pivoting.

1 Like

You just need to use google a little, the answer is hidden on the surface

Hey man in the future its the same lol i am having same problems as you any hints?

hey bro did you find the pass for mysql i am stuck in the same problem

Make sure to read the module thoroughly.

thanks i did get everything now stuck at easy lab tired all the users from the inlane website even root no luck idk if i am using the wrong pass list or anything else am i missing any new perspective on this??

Unfortunately, you just need to be patient. The default resources given work for easy lab. Increase your threads in Hydra. You’ll get it eventually. dm if you need more help.

Thank you for your hint.
I m in the machine with kira’s account… But can you give me a hint for the Will’s password ?
I try everything but still can’t find this information.
I found a Notes.zip but to unzip we need a password.
I found also a shadow.bak file but we can’t read it.

3 Likes

Well… it looks like I am in the same boat as everyone else. The password mutations in particular I am getting nowhere with. I see a lot of helpful hints in here. However, when I try to use hydra to guess the password I get disconnected pretty quickly, within a few minutes, I then have to reset the target and start again. Did anyone else experience this? I found the same thing on the next module (password reuse/default). I skipped those two and seem to have an OK connection for the AD, LASS, SAM etc modules. Can anyone help me figure out what I am doing wrong? Thank you!

Hello,

I am also currently stuck at “Password Mutations” and couldn’t come up with a successful approach.
I ran two different bruteforce attacks with Hydra:

  • Using the custom.rule file from the resources section and applying these mutations on the password.list file
  • Crawling the inlanefreight.com website using cewl to create a second password list and also mutating it with custom.rule

Some folks here dropped hints regarding password complexity. Where can I find that information? At the moment, the bruteforce approach takes way too much time…

Hey man,
can you give me more hint the for this lab “Credential Hunting in Linux”
I try everything but can’t find the password of Will.

1 Like

You have to be logged in with kira credentials, then you have to crack an application. Don’t bother with bruteforce

Let me know if you get anything, I have been fighting that section for days now…

Yes, I finally got it using method 1 and 64 threads in hydra. Took me about 40 minutes in Pwnbox.
I didn’t have any issue with connection resets though. Maybe you try resetting your VPN one more time.

ok thanks, maybe ill try PWN box, I was using VPN with Kali.

What do you mean by method 1? Thank you.

■■■ who have troubles with choosing lists, just check RESOURCES on the top of the page, there will be username.list and password.list, and then this tasks will be made just in 15 minutes)))

which section are your referring to? I did this on the password mutations section and have yet to get the password for the question. However as I stated above I get a disconnect/timeout about every 20 or so attempts when trying to brute force ssh. I have other issues using the PWNBOX currently the pwnbox won’t even ping the target and keeps shrinking the screen so small its not usable…
I have about had it with this module and would love some help here. Thanks!

I seem to have the pwnbox working ok finally, it does not do this disconnect like I was running into with the VPN, so fingers crossed I can actually complete this challenge here soon…

1 Like

Hi, what application I have to crack ?
I can log in with kira. BUT Nothing interesting there !

A browser

1 Like