Traverxec

Сredits of user d *** d in the htp **** d file is a rabbit hole ?

Type your comment> @stoffern said:

Can someone pm me how to crack creds. I know how to use them…

throw a hint how to use them…

Type your comment> @stoffern said:

Can someone pm me how to crack creds. I know how to use them…

use the most common wordlist wif the 2 top tools used to crack hashes… gpu vs cpu

Type your comment> @stoffern said:

Can someone pm me how to crack creds. I know how to use them…

search for john or hashcat

so anyone got past the creds?
and like to share some insights?

Type your comment> @stoffern said:

Can someone pm me how to crack creds. I know how to use them…

Can you give a hint on where to use them ?

got creds and initial shell, stuck at a brick wall now

I also need to crack the *ht*****d, but my friend john keeps guessing the format of the file to crack and in the end, it stops because it can’t guess the format.

Can anyone please PM me to get on the right track?

Type your comment> @D3Fix said:

I also need to crack the *ht*****d, but my friend john keeps guessing the format of the file to crack and in the end, it stops because it can’t guess the format.

Can anyone please PM me to get on the right track?

hashcat is your friend

Type your comment> @D3Fix said:

I also need to crack the *ht*****d, but my friend john keeps guessing the format of the file to crack and in the end, it stops because it can’t guess the format.

Can anyone please PM me to get on the right track?

use hash-identifier to identify and specify when u do john

hint for root pls(

The user is very simple!, now I work on the root. :smiley:

user is simple just read file

Type your comment> @rholas said:

user is simple just read file

What file? :slight_smile:

@idomino said:
Type your comment> @rholas said:

user is simple just read file

What file? :slight_smile:

I’m guessing the .ht******** file
Not sure what to do with cracked creds either :frowning:

Type your comment> @samdahacker said:

@idomino said:
Type your comment> @rholas said:

user is simple just read file

What file? :slight_smile:

I’m guessing the .ht******** file
Not sure what to do with cracked creds either :frowning:

I have that and the creds. But must be missing something super simple again.

I hate when I am missing super simple stuff.

d**** doesn’t reuse passwords obviously. me has a m…-shell as www-data.

Still no ideas how to use creds, neither ssh or su works

Do you think creds could be a rabbit hole?

Don’t get too much stuck on the creds you find, look for “better”.
Currently stuck on root, I’m pretty sure it has to do with all those logs but not sure how.