Password Attacks | Academy

Thank you! Whatever my connection issue is on these two modules is hindering my ability to think, clearly!
:man_facepalming: :man_facepalming: :man_facepalming: :man_facepalming:

Did you get this? Can someone give me a hint on the linux credential hunting? I logged in as kira, I see firefox installed but the method in the module does not work, or maybe I am doing something wrong? I found a password protected .zip file but when I try cracking it, it unpacks as a corrupted .txt file.

Ok I found a logins.json file but the username and password are encrypted…
When I try to use the firefox_decrypt I can decrypt my passwords on my local machine but when I point it at the directory with logins.json from the box I get an error
ERROR - Couldn’t initialize NSS, maybe ‘directory/’ is not a valid profile?

Ok, I got it what a pain! I had to scp the entire directory to my machine and then I could decrypt it.

Once you are logged a kira and found the firefox stored credentials you can crack them using the method of the module, just ensure to use python3.9 or firefox_decrypt will not work well

1 Like

Can anyone help me with the Password Attacks Lab - Hard? I have found the NTLM hash of Administrator 500 but I can’t connect with this account and read the flag.txt.
What I can do ?

MySQL is the name of the service. Took me 3 weeks of learning hashcat, docker, and mysql, then this forum. Everything you need to solve this one ( Password Reuse / Default Passwords) is on the same page (Password Reuse / Default Passwords).

Once you crack the Administrator hash you should be able to use xfreerdp to connect and read the flag.txt

What does this mean? I am stuck on enumerating the users. Where do I get the device and country?