If anyone has done this module stuck on password attacks module section " Passwd, Shadow & Opasswd"
question “Examine the target using the credentials from the user Will and find out the password of the root. Then, submit the password as the answer.”
I cant get any access to the shadow file which has the root hash. Anyone got a hint on how to complete this section?
Still need help? Just finished this one today, it’s a right pain. make sure you’ve done the last task ok, login as Will, check for hidden files in someone’s home directory… then look at how to get rid of shadows section (Y)
Yes I did finish this section still working on the very last hard assessment.
i cant crack unshadowed hash using hashcat - 1800 and rockyou.please give me some hint .should i need to change any output of unshaowed file
Hi @paveenbablu don’t use rockyou.txt use HTB’s files from the resources tab - https://academy.hackthebox.com/storage/resources/Password-Attacks.zip . I managed to find the answer, using these files, mutate the files and hashcat. Hope that helps. The questions are not very clear which files to use.
@cheekychimp did me a solid!
I got the password and shadow files, transferred it to my kali machine and when I’m trying to unshadow them. I’m not getting the hashes. I don’t know what is wrong. Any help is much appreciated.
Update: Got the answer.
hashcat is not cracking the root hash I’m using the list from resources /mutated but hashcat is exhausted not finding the password
what can I help you with?
Can anyone assist with this? I have the s** user creds?
there is a hidden backupfile in will home folder but everything else you need to do should be outlined in the section
hint: If you’re stuck, look for .something hidden in plain sight and use the provided resources like your mutated password.list from earlier in the module.
Backups always a good Idear
I’m stuck here as well, how did you solve this problem?