Cracking Files

Protected Files

Hunting for Encoded Files

Hunting for Files

for ext in $(echo ".xls .xls* .xltx .csv .od* .doc .doc* .pdf .pot .pot* .pp*");do echo -e "\nFile extension: $ext"; find / -name "*$ext" 2>/dev/null | grep -v "lib\|fonts\|share\|core" ;done

Hunting for SSH Keys

grep -rnw "PRIVATE KEY" /* 2>/dev/null | grep ":1:"

Cracking with John

# John Hashing Scripts
locate "*2john*"

# Generating the corresponding hashes for encrypted SSH keys
ssh2john.py SSH.private > ssh.hash

# Cracking SSH Keys
john --wordlist=rockyou.txt ssh.hash

john ssh.hash --show

Cracking Documents

Cracking Microsoft Office Documents

# Generating hash
office2john.py Protected.docx > protected-docx.hash

# Cracking hash
john --wordlist=rockyou.txt protected-docx.hash
john protected-docx.hash --show

Cracking PDFs

# Generating hash
pdf2john.py PDF.pdf > pdf.hash

# Cracking hash
john --wordlist=rockyou.txt pdf.hash
john pdf.hash --show

Protected Archives

Cracking Archives

Cracking ZIP

Using zip2john

zip2john ZIP.zip > zip.hash

Cracking the Hash with John

john --wordlist=rockyou.txt zip.hash

Viewing the Cracked Hash

john zip.hash --show

Cracking OpenSSL Encrypted Archives

Using file

file GZIP.gzip

Using a for-loop to Display Extracted Contents

while IFS= read -r i;do openssl enc -aes-256-cbc -d -in GZIP.gzip -k "$i" 2>/dev/null| tar xz;done < rockyou.txt

Cracking BitLocker Encrypted Drives

Using bitlocker2john

bitlocker2john -i Backup.vhd > backup.hashes
grep "bitlocker\$0" backup.hashes > backup.hash
cat backup.hash

Using hashcat to Crack backup.hash

hashcat -m 22100 backup.hash /opt/useful/seclists/Passwords/Leaked-Databases/rockyou.txt -o backup.cracked
