Post-Exploit Password Attacks
1. Crack using the tool - john (Too slow in real world)
Locate the rockyou file.
john --wordlist=/usr/share/wordlists/rockyou.txt windows
john --show windows
Conbine the files and save as unshadow.
john --rules --wordlist=/usr/share/wordlists/rockyou.txt unshadow
2.Using Hash craker on the Internet. (Suggested)
8846F7EAEE8FB117AD06BDD830B7586C
3. Use the tool hashcat
On Kali Linux.(Too slow locally)
hashcat -m 500 /usr/share/wordlists/rockyou.txt unshadow --force
On Windows
hashcat64.exe -m 500 unshadow.txt rockyou.txt
Hash Craker Websites:
Tips: If it is hard to crack the password, do not waste time on it. Just skip it and find another way.
OSCP Learning Notes - Post Exploitation(3)
原文:https://www.cnblogs.com/keepmoving1113/p/11273528.html