Tag: CMD

MDCrack how to crack hashes (MD4/MD5/NTLM1)

Software, , , , , , , ,
MDCrack is a powerful and fast hash cracker. It can brute force MD5, MD4 and NTLM1 hashes. MDCrack is mainly a CMD tool but there is a GUI available. It is available for Windows and for Linux. Usage MDCrack is easy to use but first we will need a hash to test, you can generate one using your Linux terminal or one of the many websites available. To generate an md5 hash in Linux you can use the following command I have already used this command to generate the hash to the word ‘pass’ To crack an md5 hash run…

Shredding a file in Linux with shred

Software, , , , ,
When deleting a file by simply pressing the delete button the file can be easily recovered, you don’t always want that. That’s where shred comes in, What shred does is to wipe the file and make it unrecoverable. This can be very useful if you want to delete a file with sensitive data. Usage Basic options :        -f    force permissions        -u   remove after        -v   verbose        -z   write zeros at the end        -n [number]   times of shreddingIf you are not running the…

Cracking FTP with hydra

Software, , , , , , ,
Hydra is a fast login cracker that supports a lot of protocols. It is a command line tool, but a GUI is available. The FTP (File Transfer protocol) is used to remotely access files. The cracking speed is low but with a weak password and a good wordlist it is possible to be cracked. Most attackers will try to crack a password only if there is no other way in(e.g using an exploit or social engineering). This is a list of supported protocol that hydra supports as listed in the official website :Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable,…

Sticky keys privilege escalation on windows XP

Software, , , , , ,
The purpose of a privilege escalation attack is to gain more privileges over an operating system. An example can be gaining administrator privileges from a restricted account on windows XP system which is what we are going to do today. How does this attack work ? This attack is a fairly simple one. The way it works is by replacing the ‘sethc.exe’ with the ‘cmd.exe’ file which are both located in the system32 folder, ‘sethc.exe’ is the application that runs when you press shift five times. Then all you have to do is press shift five times in the login…

Creating a disk image with dd

Software, , , , , ,
The dd command is a useful utility that allows someone to easily image a storage unit. You can use this command to backup and restore your flash drive, SD card, etc. It can also be useful for forensic work, e.g if you’re trying to recover deleted files from a flash drive, you can image the drive then work on the image keeping the original safe. WARNING This command if used improperly can result in destruction of data. Be very carefull and double check the command before executing it. Syntax You can always see the commands documentation with the fallowing command Or…