WeakRSA and FindTheEasyPass

fatninja1215 · November 27, 2021, 5:34am

Hi, I was wondering if anyone has tried this lately. I know the flags do to being an old task, but it seems maybe HTB has changed these up a little. They zips are protected with pass. I have done zip2john and used rockyou.txt and many others from SecLists as wordlist to try and crack #>john --wordlist=/usr/share/wordlists/rockyou.txt hashes. I have also did bruteforce for about 24hrs just using #>john hashes to no avail. I am a noob, but seems should be easier to crack for beginner.

Thanks,
Noob

Hilbert · November 27, 2021, 4:59pm

the password for all the zip files is “hackthebox”, it should say that where you downloaded it. They do this because otherwise the file can get flagged by virus scanners.

fatninja1215 · November 27, 2021, 5:14pm

Geesh, your right, I overlooked it. Thank you!

I do see now where it says the password and the checksum.

fatninja1215 · November 27, 2021, 6:39pm

Well, I know what password to use on my financial institutions. ha jk. added to the rockyou.txt and it found it in a 10th of a second.

Topic		Replies	Views
Password Attacks \| protected Archives zip2john	34	7468	December 17, 2024
Cracking Common Hashes --- CRACKING PASSWORDS WITH HASHCAT Academy starting-point , academy	5	995	July 30, 2024
Old is gold. Challenges	26	4635	March 10, 2020
Attacking Common Services - Attacking SMB Academy	10	409	July 15, 2023
Weak Rsa ..? Challenges weakrsa	4	1465	May 11, 2018

WeakRSA and FindTheEasyPass

Related topics