Every day, an absurd amount of new data breaches appear online. On top of that, old breaches still circulate, often easily accessible – both for free and for a fee – and they can pose a real threat to your company.
Attacks using what are known as “creds” (from credentials), i.e., login:password pair…
Czytaj więcej →
No big budget needed to significantly improve security. All it takes is two hours. Two hours that won’t change the world, but could protect your company from severe consequences. And this is not theory. This is practice, evident in every incident that could have been avoided. And there are plenty of…
Czytaj więcej →
Introduction to password cracking #2 - wordlists
Intro
In the previous post, we learned about one of the attack methods that hashcat offers - the dictionary attack. To perform such attack we need dictionary - a good dictionary,
Let's be clear we need solid and (not always) big dictionary to perform …
Czytaj więcej →
Introduction to password cracking #3 - Cracking with rules
Intro
When you have used and try all your dictionaries and the passwords still does not give up... then you need to extend your attack ( assuming the dictionary is prima sort ). The ways that hashcat offers are several. There is the diction…
Czytaj więcej →
Intro
So you want to be a password cracker, huh? Let us show you how it's done. In this post you will learn how to crack passwords with hashcat dictionary attack.
First things first.
A few things are required for Hashcat to begin cracking in dictionary mode:
Hash(es) to crack
Hash id for given has…
Czytaj więcej →
How many times you have run into the problem of replacing the current user Kerberos TGT?
Creating the sacrificial process is the way to prevent that from happening.
If the current user TGT will be replaced, the authentication to the domain resources will be done using the new TGT. To get back to th…
Czytaj więcej →
TL;DR
What's that? CrackMeIfYouCan on DEFCON is one of the most popular hash cracking contests in the wild. Best teams in the world compete on a 48h challenge to crack as many hashes as possible. The are 2 classes of competitiors - Pro and Street. We played under AlphaPwners team, and finished on 5t…
Czytaj więcej →
Currently in Polish only :/
Czytaj więcej →
Currently in Polish only :/
Czytaj więcej →
Currently only in Polish ;/
Czytaj więcej →