Cracking
Don't go home with closed door.
Hash Reference
Shadow Hash
sample: root:$6$....:<some_number>:0:<some_number>::::
PGP / GPG
If you discover any file with this extension, file:
.keys
.asc
creds file:
.pgp
Follow the steps below,
Convert to john
Crack with John
Open gpg file
Wordpress Database Hash
The database maybe like this:
PFX (SSL Private and Public Key)
Simple way:
Backup plan:
NTLM2 Hash
Sometimes you got it from responder or rubeus.exe
NTLM Hash
SSH Key
Sometimes you got it from /.ssh/id_rsa
Don't forget to change permission id_rsa to 600
if you wanna use it for login.
JWT Signature
save jwt to a file called "jwt"
run john
GPO Passwd
source file: \hostname.domain\Policies{00000000–0000-0000–0000-00000000000}\MACHINE\Preferences\Groups\Groups.xml
Kerberost Hash
If you get from GetUserSPNs
Last updated