UNDERCODE COMMUNITY
🦑 FULL WIFI HACKING kali-parrot WITH PICTURES

🦑 Use Hashcat to brute-force a password hash


1) In recent years, graphics cards have changed dramatically; they now contain hundreds or thousands of processors inside the chip, all of which work in parallel.

2) Applied to password cracking, this means that if a single processor can calculate 10,000 hashes in one second, a GPU with 1,000 cores can reach 10 million. This reduces the cracking time by a factor of 1,000 or more. In this chapter, we will use Hashcat to brute force the hash.

3) But this is only effective if you install Kali Linux as the base system on a computer with an Nvidia or ATI chipset. If you install Kali Linux on a virtual machine, GPU cracking may not work, but you can install Hashcat on the host. There are Windows and Linux versions (https://hashcat.net/hashcat/).

🦑 Environment preparation

You need to ensure that the graphics drivers are installed correctly and that Hashcat is compatible with them, so do the following:

1) Run Hashcat on its own; it will tell you if there is a problem: hashcat

2) Test the hash rate of each algorithm it supports in benchmark mode: hashcat --benchmark

3) Depending on your installation, you may need to force Hashcat to use your specific graphics card: hashcat --benchmark --force

🦑 Hands-on practice


Let's crack a hash value. Take the administrator's hash.

As you can see, we can set the hash directly from the command line, and it will be cracked in less than a second.

> Now, to crack the entire file, we need to delete the usernames from it and leave only the hash values, as shown below:

To crack the hash values in the file, we only need to replace the hash value with the file name in the previous command: oclhashcat -m 0 -a 3 hashes_only_6_7.txt. As you can see in the screenshot below, with the old GPU, Hashcat can cover all possible combinations of one to seven characters (at a rate of 6.885 million hashes per second) in just 10 minutes, while testing all combinations of 8 characters takes more than 2 hours. This seems pretty good for brute force.

> Hashcat can also use dictionary files, create a hybrid attack (brute force plus dictionary), define the character set to be tested, and save the results to a specified file (it saves them to /usr/share/oclhashcat/Hashcat.pot). It can also apply rules to words and use statistical models (Markov chains) to improve cracking efficiency. To view all its options, use the --help option, for example: oclhashcat --help.

🦑 Enjoy full password hash cracking with pictures

# Support & share t.me/undercodeTesting
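
What the parallelism figures in the post above mean for password length, as an added example that is not part of the original post. The 10,000 hashes per second per processor and the 1,000 cores are the post's figures; the helper names, the 26- and 95-character sets and the one-year target are assumptions chosen for illustration.

```javascript
// Added example: hypothetical helper names; charset sizes and the
// one-year target are assumptions, the two rates come from the post.

// Candidates a brute-force run must try to cover every length 1..maxLen.
function keyspace(charsetSize, maxLen) {
  let total = 0n;
  for (let len = 1; len <= maxLen; len++) {
    total += BigInt(charsetSize) ** BigInt(len);
  }
  return total;
}

// Worst-case seconds to exhaust that keyspace at a given hash rate.
function secondsToExhaust(charsetSize, maxLen, hashesPerSecond) {
  return Number(keyspace(charsetSize, maxLen)) / hashesPerSecond;
}

// Shortest length whose full keyspace outlasts targetSeconds of guessing.
function minLengthToResist(charsetSize, hashesPerSecond, targetSeconds) {
  let len = 1;
  while (secondsToExhaust(charsetSize, len, hashesPerSecond) < targetSeconds) {
    len++;
  }
  return len;
}

const PER_CORE = 10000;                 // post: one processor, hashes/second
const GPU_CORES = 1000;                 // post: cores working in parallel
const GPU_RATE = PER_CORE * GPU_CORES;  // 10 million hashes/second
const YEAR = 365 * 24 * 3600;           // assumed resistance target, seconds

for (const [label, size] of [['lowercase (26)', 26], ['printable ASCII (95)', 95]]) {
  const cpuMin = minLengthToResist(size, PER_CORE, YEAR);
  const gpuMin = minLengthToResist(size, GPU_RATE, YEAR);
  console.log(`${label}: min length vs 1 core = ${cpuMin}, vs GPU = ${gpuMin}`);
}
console.log(`1-7 lowercase at GPU rate: ${secondsToExhaust(26, 7, GPU_RATE).toFixed(0)} s`);
```

The thousandfold speed-up costs the defender only about two extra lowercase characters, which is why length requirements have to be set against the attacker's hash rate rather than a single CPU's.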

🦑 WHAT IS XSS for beginners:

> XSS is also called CSS (Cross Site Script), a cross-site scripting attack.

> It refers to a malicious attacker inserting malicious HTML code into a web page. When a user browses the page, the HTML code embedded in the web page is executed, thereby achieving the malicious user's purpose.

> XSS is a passive attack; because it is passive and not easy to use, many people ignore how harmful it is.

> XSS attacks generally involve three roles:

Attacker

Target server

Victim's browser

🦑 The hazards of XSS:


1) Break through domain restrictions

2) Modify HTML code

3) XSS worm attack

4) Command execution

5) Get client information

6) Combining CSRF attacks

7) Obtain system management background permissions

8) Steal account

9) DDOS attack

written by undercode

🦑 DIFFERENT XSS TYPES:

1) Reflective XSS


> Reflective XSS, also known as non-persistent XSS, is characterized by malicious code being entered directly in the URL.

> This XSS attack has poor concealment, and ordinary browsers can recognize and intercept it.

2) Storage XSS


> Storage XSS, also known as persistent XSS, is characterized by malicious code being stored in a database or on the server.

> Generally, storage XSS is relatively well concealed, and the browser generally does not detect and intercept it, so it is also the most harmful.

written by undercode

🦑 Mining XSS vulnerabilities:

> When looking for XSS, an input test should be carried out wherever something can be entered.

> A common example is a message module.

> If it is reflective XSS, pay attention to the parameters in the URL.

> If it is storage XSS, pay attention to text boxes and any other places where content can be filled in.

🦑 Simple demonstration of storage XSS

1) We assume there is a website where people leave messages, and the system stores each message on the server.

2) We again use OWASP to demonstrate.


3) There is a message system here, so let's leave a comment.


4) We tested it and found that our message is kept in the system in full.

🦑 Full XSS tutorial
t.me/undercodeTesting
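
The two input paths described in the posts above (a URL parameter for reflective XSS, a stored message for storage XSS), each rendered without and with output encoding, as an added example that is not part of the original posts. The function names, the board.example URL and the sample messages are constructed for illustration.

```javascript
// Added example: hypothetical message board; all names and data are constructed.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the characters that can change the HTML parsing context.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// In-memory stand-in for the server-side message store (storage XSS path).
const messages = [];
function leaveMessage(author, body) {
  messages.push({ author, body }); // stored verbatim; encoding happens on output
}

// Vulnerable: stored text is concatenated into markup unchanged.
function renderBoardUnsafe() {
  return messages.map((m) => `<li><b>${m.author}</b>: ${m.body}</li>`).join('\n');
}

// Hardened: every stored field is encoded for HTML element content.
function renderBoardSafe() {
  return messages
    .map((m) => `<li><b>${escapeHtml(m.author)}</b>: ${escapeHtml(m.body)}</li>`)
    .join('\n');
}

// Reflective path: a URL parameter echoed back into the response page.
function renderSearchUnsafe(url) {
  const q = new URL(url).searchParams.get('q') ?? '';
  return `<p>Results for ${q}</p>`;
}
function renderSearchSafe(url) {
  const q = new URL(url).searchParams.get('q') ?? '';
  return `<p>Results for ${escapeHtml(q)}</p>`;
}

// Constructed sample input: one ordinary message and one markup test string.
const PROBE = '<script>alert(1)</script>';
leaveMessage('alice', 'Nice site & great posts');
leaveMessage('mallory', PROBE);
const probeUrl = 'https://board.example/search?q=' + encodeURIComponent(PROBE);

console.log(renderBoardUnsafe());        // markup reaches the page as markup
console.log(renderBoardSafe());          // markup reaches the page as text
console.log(renderSearchSafe(probeUrl));
```

The encoder here covers HTML element content and quoted attribute values only; data placed inside a script block, a URL attribute or a style needs the encoding for that context instead.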