root:$6$YIFGN9YscCV72BjFtx/tehbc7sQTJp09c5.:18277:0:99999:7::: So use the highlighted part as the password. So password = YIFGN9YscCV72BjFtx/
For Windows
Use ntlm hash
Example Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c:::ย
password = 31d6cfe0d16ae931b73c59d7e0c
Old methods
For linux
1- cat /etc/shadow 2-copy whole hash(root) root:$6$YIFGN9YscCV72BjFtx/tehbc7sQTJp09c5.:18277:0:99999:7::: 3-Then find it's MD5 sum and that's your password for writeup
For windows
1-Find root hash with hashdump.exe or any other tool. 2-Then convert that also into MD5 sum 3-That's your password for the Writeup
Basic Information Difficulty-EasyType -WindowsPoints-20Maker-dmw0ngUser Blood- sampriti:08 mins, 06 seconds. Root Blood-sampriti:34 mins, 10 seconds. Steps involved 1-Port Scanning2-Searching exploit for NVMS-10003-Directory Traversal(Using Burp just POC)4-FTP enumeration5-Extracting passwords Using Directory Traversal 6-SSH login into Nadine(user.tx)7-Revising FTP and Nmap enumerations8-Checking Service on port 84439-Local port forwarding through SSH10-Searching exploit for NSClient++11-Exploiting NSClient with CLI12-Getting Root.txt Commands involved…
Brief It is a retired machine from hack the box. It’s a linux insane machine . Steps involved 1-Port scanning2-Enumerating SSLcertificates3-Editing our host file4-Exploiting WP Support Plus5-Getting email password6-Getting creds for secret form7-Decoding Vigenere ciphers8-Decrypting the id_rsa keyprase9-Getting user.txt10-Decrypting the root.txt11-Getting root.txt Commands involved 1-nmap -sC -sV -O -v -oV 10.10.10.172-nano /etc/hosts3-wpscan –url https://brainfuck.htb –disable-tls-checks4-searchsploit…
It is a great machine from hackthebox .It is Having BSD OS .which is very vulnerable .Starting with authentication bypass which gave the ssh-keys for a user .Then simple exploiting OPenBSD 6.6 vulnerabilities .