Password Attacks Lab - Easy | Password Attacks

Good evening,
I need some help with this exercise.

What i already did:
Nmap scans that shows that port 21 ftp and port 22 ssh are open.
Because of de hole Module i tried to brute force the two port with rockyou and with the sources we got from the module. But nothing work.
What i also tried is to anonymous login on ftp and s ftp but it didn’t work.

I hope someone can direct me into the right direction

You have received two lists in the module.
Try it with this lists

Thank you very much. Any tips for the hard one ?
crackmapexec Winrm Scann
winrm
Johanna:password.list –
johanna:password.list –
user.list:password.list
johanna:/usr/share/wordlists/fasttrack.txt –
Johanna:/usr/share/wordlists/fasttrack.txt –
wsman:/usr/share/wordlists/fasttrack.txt –

smb
Johanna:password.list –
johanna:password.list –
username.list:password.list –
Johanna:/usr/share/wordlists/fasttrack.txt –
johanna:/usr/share/wordlists/fasttrack.txt –
wsman:/usr/share/wordlists/fasttrack.txt –
johanna:mut_password.curtorm.list

i tried a lot of wordlists.

Edit.: I found the password for johanna, but i have problems to download the L****.k*** file

I have tried to solve the easy lab using the lists, but i get nothing near the answer

I also used the custom.rule to mutate the password, but still I got nothing

1 Like

Hello, I struggle on this one for days, I used the lists provided as resources, can someone help me pass this easy lab?

DM me if you still need help

Hello. I can’t connect via ssh . Found credits from ftp. downloaded the encrypted key. hacked it. pass ******7 . but when connected, it writes the wrong phrase. what am I doing wrong?

Remember that the SSH key always belongs to a user.

thanks but that didn’t get me closer to an answer. I’m trying to connect with the user m**e and root tried too. I do not accept the passphrase from the key.

Or do I need to look for other users?

Guys I need some help please, I read all the posts but I can’t get past the Password attacks - Easy Lab… I 've done the mutation. sorted it unique, grep the ones with 10+chars, tried for the s user and the k user on the F** port but still no luck, maybe I am missing something… Thanks!

username.list
password.list
chmod 400 id_rsa

1 Like