Page 28 of 28

Re: Please ask questions ONLY in this topic.

PostPosted: Mon Nov 30, 2015 12:41 am
by haxkid
For those, still stuck in this mission...
I spent an hour to find the password hash and admin location but a day to crack the password. There's some issue with the John the ripper package for Linux in kali Linux. downloaded all the 3 free versions available kept trying without luck. My mistake was I couldn't decipher the thrown error message & took almost a day to realize issue is with my kali Linux. Crap.
Came back to windows, downloaded windows binary and it decrypt the password within a sec and next second, I complete the mission. Thanks good old windows

Re: Please ask questions ONLY in this topic.

PostPosted: Fri Jan 15, 2016 6:49 am
by kana-mycin
Just solved this one but I can't find information about FreeBSD MD5 anywhere. Also I thought md5 hashes were hexadecimal, why does this one have so many special characters?

Re: Please ask questions ONLY in this topic.

PostPosted: Fri Jan 22, 2016 6:54 am
by pbuil
Hi. It's the first time I work with encrypting stuff and I'm having some issues. I'm using Kali Linux, I ran JTR like 1h and a half ago, and it keeps computing. Hw is it possible that for some of you it was a matter of seconds?

Hw did u configure it? Alternatively, I've tried to use hashcat with hardly success. Is there anyone there who used hashcat for decrypting this hash and succedeed?

thanks in advance!

Re: Please ask questions ONLY in this topic.

PostPosted: Tue Jan 26, 2016 6:05 pm
by cyberdrain
Did you configure JTR correctly? Default settings might not work all the time, though I don't remember if that was the case here.

Re: Please ask questions ONLY in this topic.

PostPosted: Fri Feb 19, 2016 3:40 pm
by Carlsb3rg
Damn this mission took a long time to finish. Got the admin hash quite easily but have a lot of fun and games with John the Ripper on a multitude of platforms.

It would recognise the hash type but did little else, so downloaded various word lists/dictionaries but it made no difference.

I took a long break and it came to me that I was just trying to crack the hash without a username in front. How f***ing stupid can you get?!! Good ole Uncle John cracked it in less than a second with the right details.

Let this serve as a warning to others (hopefully this isn't classed as a spoiler but please delete if it is).

Re: Please ask questions ONLY in this topic.

PostPosted: Wed Jan 04, 2017 11:37 am
by nxbxdy
for everybody still stuck on this like i was (i hope i don't spoiler anything):

don't get stuck on ../ if you have the right directory (one little tip, "You can't view this file"). i completely insisted on using it and got stuck on it and it took me a long time to figure it out this way. you do still need directory traversal though.
also, use JTR for cracking the hash.

explaining the installation for windows users: just move the binaries to C: and rename the folder to "John" (that's how i did it, it's easier to find that way but you can just leave the name as it is and use any directory, i think).

after that just copy the hash and make a new .txt file (no matter the name, you can call it password.txt or hash.txt, doesn't matter)in "run", otherwise JTR won't be able to find your .txt file when you try to run it.

the windows command for JTR is: john.exe [name of your hash file].txt.
(btw for the people where it says it couldn't find "john.exe", try to go into folder "run" and try the command again)

corrected this from an earlier post where the command was an old one and thought i should maybe correct it for those that are lost and never installed and ran JTR, like me.

i hope this was atleast a little bit useful.. if anyone still needs help you can PM me.

Re: Clueless.

PostPosted: Tue Jan 24, 2017 8:40 pm
by PavelG
novalyphe wrote:If you're really stuck then a good way to go might be to find out what apache is.

Got it! Thanks for the clue! :D

Re: Please ask questions ONLY in this topic.

PostPosted: Wed Feb 07, 2018 10:34 am
by Starman11
For anyone still trying to figure out where the file is, there *is* a logical path to follow. You don't have to go down any directories, you need to go *UP*. I played this mission again and forgot where the file was, but I have got it again. It might also help if you bare in mind that a directory is NOT a file.