Tryhackme:CC: PenTesting(PART-2)

[Section 4 — Hash Cracking]: hashcat:

#command:hashcat -a 3 -m 0 md5.hash ?a?a?a?a?a

#command:hashcat -a 0 -m 900 md4.hash rockyou.txt

[Section 4 — Hash Cracking]: John The Ripper:

command:sudo john — format=RAW-MD5 — wordlist=rockyou.txt md5.txt , john — format=RAW-MD5 md5.txt

command:sudo john — format=RAW-SHA1 — wordlist=rockyou.txt md5.txt , john — format=RAW-SHA1 md5.txt

[Section 5 — SQL Injection]: Intro:

Section 5 — SQL Injection]: sqlmap:

Section 5 — SQL Injection]: A Note on Manual SQL Injection:

[Section 5 — SQL Injection]: Vulnerable Web Application:

command:sqlmap -u <target-ip> — forms — level=1 — dbs

[Section 6 — Samba]: Intro:

[Section 6 — Samba]: smbmap:

[Section 6 — Samba]: smbclient:

[Section 6 — Samba]: A note about impacket:

[Miscellaneous]: A note on privilege escalation:

[Section 7 — Final Exam]: Good Luck :D:

--

--

--

CTF-PLAYER, security analyst, Pentesting, vapt, digital forensics

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Measurement Must Have A Scope

HAProxy External-Check

GraalVM, the holy grail.

Analysis of Recursive and Non Recursive Algorithms

Dynamic Programming On Grids

Object Equality in Scala

Summary of what I learned in Design Pattern: Abstract Factory

Brief Tour of Code Qualities with Marco Faella

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
jagadeesh

jagadeesh

CTF-PLAYER, security analyst, Pentesting, vapt, digital forensics

More from Medium

What interesting Axelar Network offers

iMe Smart Platform is launching on Polygon to push mass adoption of cryptocurrencies

Saving Private Oedipus

Crypto lords x Subquery