Hash Reference
Shadow Hash
sample: root:$6$....:<some_number>:0:<some_number>::::
john --format=sha512crypt --wordlist=/usr/share/wordlists/rockyou.txt root.hash
PGP / GPG
If you discover any file with this extension,
file:
.keys
.asc
creds file:
.pgp
Follow the steps below,
gpg2john hack.asc > crackthis.txt
gpg --import hack.asc
<input password>
gpg --decrypt creds.gpg
Wordpress Database Hash
The database maybe like this:
john crack --wordlist=/usr/share/wordlists/rockyou.txt
PFX (SSL Private and Public Key)
Simple way:
# https://github.com/crackpkcs12/crackpkcs12
./crackpkcs12 -d /usr/share/wordlist/rockyou.txt <file.pfx>
Backup plan:
pfx2john.py <file.pfx> > hashpfx.out
john -format=pfx hashpfx.out -w=/usr/share/wordlist/rockyou.txt
NTLM2 Hash
Sometimes you got it from responder or rubeus.exe
john user_ntlmv2.hash --wordlist=/usr/share/wordlists/rockyou.txt
john user_ntlmv2.hash --show
NTLM Hash
hashcat -m 1000 --f user_ntlm.hash /usr/share/wordlists/rockyou.txt
SSH Key
Sometimes you got it from /.ssh/id_rsa
ssh2john id_rsa > crackme
john --wordlists=/usr/share/wordlists/rockyou.txt crackme
Don't forget to change permission id_rsa to 600if you wanna use it for login.
JWT Signature
save jwt to a file called "jwt"
GPO Passwd
source file: \hostname.domain\Policies{00000000–0000-0000–0000-00000000000}\MACHINE\Preferences\Groups\Groups.xml
Kerberost Hash
If you get from GetUserSPNs
john --format:krb5asrep /tmp/Kerberos --wordlist=/usr/share/wordlists/rockyou.txt
