Cracking Hashes

Use JohnTheRipper against lots of different types of hashes. Doesn't need a GPU so works well on a virtual machine.

This is useful to identify hash type:

Hash Analyzer - TunnelsUP

Can speed up JohnTheRipper if you tell it the correct hash type:

john --wordlist=/usr/share/wordlists/rockyou.txt --format=Raw-SHA256 hash.txt

PGP Key

Convert PGP key to John format:

gpg2john tryhackme.asc > tryhackme.asc.john

Crack it:

john --wordlist=/usr/share/wordlists/rockyou.txt tryhackme.asc.john

SSH

If we find an encrypted SSH private key, get sshng2john if needed and convert to John format:

curl -sk https://raw.githubusercontent.com/truongkma/ctf-tools/master/John/run/sshng2john.py > sshng2john.py
python sshng2john.py id_rsa > id_rsa.encrypted

Now we can try to crack it:

john --wordlist=/usr/share/wordlists/rockyou.txt id_rsa.encrypted