Salta el contingut

JotaTito05

Hashcat / John Reference

JotaTito05

Index
00 Logbook
00 Logbook
- Exam Report Template
- Exam Strategy & Mental Game
- Active Missions
  Active Missions
  - Mission 1: Target [IP]
10 Cheatsheets
10 Cheatsheets
- // NOTES_INDEX
- 02 Service Enumeration
  02 Service Enumeration
  - // SERVICE_ENUMERATION
  - SMB (445/139) - Enumeration
  - 1433 MSSQL
    1433 MSSQL
    
    MSSQL (1433) - Enumeration
  - 161 SNMP
    161 SNMP
    
    SNMP (161) - Enumeration
  - 21 FTP
    21 FTP
    
    FTP (21) - Enumeration
  - 22 SSH
    22 SSH
    
    SSH (22) - Enumeration
  - 3306 MySQL
    3306 MySQL
    
    MySQL (3306) - Enumeration
  - 53 DNS
    53 DNS
    
    DNS (53) - Enumeration
  - 80 443 HTTP
    80 443 HTTP
    
    Web (80/443) - General Enumeration
    
    CMS Apps
    CMS Apps
    
    Tomcat & Jenkins
    
    WordPress Enumeration & Attacks
    
    Web Vulnerabilities
    Web Vulnerabilities
    
    manual SQL Injection
- 03 Active Directory
  03 Active Directory
  - // ACTIVE_DIRECTORY
  - 01 Reconnaissance
    01 Reconnaissance
    
    BloodHound & LDAP Recon
  - 02 Attacks
    02 Attacks
    
    ASREPRoasting
    
    Kerberoasting
    
    LLMNR/NBT-NS Poisoning
  - 03 Lateral Movement
    03 Lateral Movement
    
    Lateral Movement (AD)
  - 04 Persistence
    04 Persistence
    
    Domain Persistence (Golden Ticket)
  - 05 Advanced Trusts
    05 Advanced Trusts
    
    Child to Parent Domain Escalation
  - 06 Certificates
    06 Certificates
    
    Active Directory Certificate Services (AD CS)
- 04 Exploitation
  04 Exploitation
  - // EXPLOITATION
  - Buffer Overflow (Stack Based)
  - File Transfers
  - Port Forwarding & Pivoting
  - Shells & Payloads
  - Evasion
    Evasion
    
    AV & AMSI Evasion
- 05 Privilege Escalation
  05 Privilege Escalation
  - // PRIVILEGE_ESCALATION
  - Linux
    Linux
    
    Linux Privilege Escalation
  - Windows
    Windows
    
    Windows Privilege Escalation
20 Tools Reference
20 Tools Reference
- Burp Suite (Community)
- Hashcat / John Reference Hashcat / John Reference
  Taula de continguts
- 🦅 The OSCP Mega-Cheatsheet
- Metasploit Framework
- 🚀 Reverse Shell Generator
- Wordlists Reference
30 Writeups
30 Writeups
- Writeups
- Active
  Active
  - Active Writeups
  - Writeup: Expressway (HackTheBox)
- NotActive
  NotActive
  - NotActive Writeups
  - TJNull
    TJNull
    
    TJNull OSCP List
    
    Proving Grounds
    Proving Grounds
    
    Linux
    Linux
    
    Proving Grounds - Linux
    
    ClamAV (Proving Grounds)
    
    Writeup: Máquina Pelican
- Template
  Template
  - 🎯 Machine Name: [Target Name]
90 Extras
90 Extras

Hashcat / John Reference¶

[!tip] Efficiency No te vuelvas loco buscando el número de modo. Usa hashid o esta tabla rápida.

1. Common Hashcat Modes¶

Hash Type	Mode ID	Example
MD5	`0`	`8743b52063cd84097a65d1633f5c74f5`
SHA1	`100`	`b89eaac7e61417341b710b727768294d0e6a277b`
NTLM (Windows)	`1000`	`8846F7EAEE8FB117...` (32 chars)
NetNTLMv2 (Responder)	`5600`	`admin::DOMAIN:1122334455667788...`
Kerberoast (TGS)	`13100`	`$krb5tgs$23$*...`
ASREPRoast (TGT)	`18200`	`$krb5asrep$23$...`
Bcrypt (Linux)	`3200`	`$2y$05$...`
SHA-512 (/etc/shadow)	`1800`	`$6$...`
Wordpress	`400`	`$P$...`

2. John the Ripper¶

John suele detectar automáticamente, pero a veces necesitas especificar el formato.

john --format=NT hash.txt
john --format=netntlmv2 hash.txt
john --format=krb5tgs hash.txt

3. Zip / PDF / Office (John)¶

Extraer hash primero.

zip2john file.zip > hash
pdf2john file.pdf > hash
office2john file.docx > hash

john hash