My head explose now !!! @PaoloCMP
now I have to find a passowrd for the profile ???
WHAT THE ■■■■ THIS LAB ???
WE ARE IN ACADEMY ! THIS IS VERY HARD FOR THE NEWBIE
1 Like
Ok… on Password Mutations
I have created a mutated list with the resources as the question and module tells me too.
hashcat --force password.list -r custom.rule --stdout | sort -u > mut_password.list
I then used hydra on the FTP service with -o to a file and ran through the entire list. Which takes forever since I can’t do it in one shot. However I did not get a hit with sam as the username and the mutated list as the password.
hydra -l sam -P mut_password.list -V -t64 -o out.txt ftp://10.129.112.164
For the love of Pete can someone help me?
Do I really have to do this with SSH (it is super slow trying SSH) with the entire list?
Edit: soon after this post I got it. I tried again using the method with awk to sort out smaller words from the wordlist, as was hinted at above. I sorted the wordlist by numbers greater than 8,9,10 etc… The amount of frustration this brought me!.. And I was able to use FTP as also hinted at above… yarghh!
2 Likes
man, this module is bullshit !
I understand your frustration ! It’s almost a month I blocked in the Password Attacks module !!!
3 Likes
Hey guys,
How can I login with Kira, I am using the password indicated in the hint throught ssh, ftp and smb but nothing works. In smb the access to SHARE in denied.
I also have tried to brute force ssh using kira and the wordlist that can be found in resources but it does not work
Should I use mutations with the password indicated in the hint?
Thank you in advance
Here the password. I dont give a ■■■■ about this ■■■■ module !!! I wasted a lot of time for nothing interesting !
L
0
v
e
y
0
u
1
!
OOK ?
5 Likes
Here the password. I dont give a ■■■■ about this ■■■■ module !!! I wasted a lot of time for nothing interesting !
L
0
v
e
y
0
u
1
!
OOK ?
2 Likes
yes
If the connection wasn’t so bad I might not be so frustrated. Even on the next section with Mysql I am pretty much watching paint dry with the PWN box or with VPN. It is definitely extremely frustrating! I can type a command or two, then sit here and wait 5 minutes for anything to happen…
This is after I connect with sam via ssh… 
Thank you
Hi guys! Can you give me some tips on the mysql part? I’ve tried almost everything, googled 3306 and 33060, looked through all mysql, mysqld and mysqlx files, I also tried going through all the existing default credentials (with and without rules). I don’t know what else I can do. I have access to the user sam and k.
this is the best hint, thank you very much.
After your hint i switched to the pwnbox and i solved it in about 30 minute. Thank you very much
Topic.: Password Attacks | Password Mutations
PWNBOX and PaoloCMP’s hint was the key for me as well. Pretty frustrating that the VPN wouldn’t work. 
Hi man,
I try to attack the Browsers with firefox_decrypt and laZagne.py
For firefox_decrypt, It ask me for a master password. I can’t go so far cause I dont know how to bruteforce this password.
For laZagne.py, it find nothing.
Other hint ?
I did it right now. Logged in as kira, firefox_decrypt, second item and done. Have you downloaded the firefox_decrypt from github?
Hmm. I use firefox_decrypt-0.7.0 as recommand in github for python < 3.9
And it ask me for the master password…
I retry right now, same error. wtf
Oh ■■■■ I got it !
I wast time to find master password of firefox or try with other solution (like lazagne.py) , but the solution is very simple. There is no password protection for firefox !!!
I just hit enter…
Thank you very much for your hint and your time 
Any luck on this? I am still fighting it as well, mainly due to the fact that when I connect via ssh to the mysql box it keeps hanging and I can get any work done…
Still the same, how about you?
I pray to God, help me with the chapter on “Password Reuse / Default Passwords”!
1 Like
It’s easier than it seems. Nothing to crack, look at the github DefaultCreds-Cheat-Sheet for what you are looking for