Collaborate Disseminate
I have a KeePass 2.47 database which is protected with a master password and a key file.
I managed to lose the 2nd part of my master password. So, I have access to the database, the key file and the first part of the master password (ftyhb… Continue reading How to crack KeePass database when knowing the first part of the master password [duplicate]
I know that when you attempt to log in to a device via SSH, upon inputting an incorrect password, you must wait several seconds before you get another attempt. This is obviously a deterrent against brute force attacks. But what’s stopping … Continue reading What’s stopping attackers from brute forcing SSH passwords over new sessions?
At my job, we have a UniFi controller that is hosted on a ESXi client – we need to get in there so we can switch the AP’s to our controller and other things. The company we took it over – didn’t give us the passwords for it. I’ve been just… Continue reading Gain access to UniFi controller hosted on ESXi box
If a person finds an old hard drive that was partially overwritten and let’s say 1GB of that wasn’t and was formerly used for part of a LUKS encrypted partition, what is the risk that such data, which looks random, could be brute force dec… Continue reading LUKS brute force risk?
If an attacker wants to create a phishing website with a fake TLS certificate, to my noob mind, there is a way to do this:
Create the fake website certificate
Create the hash for this certificate
Take a valid root PKI certificate with the… Continue reading Brute force copy of PKI root certificates
I am trying to pentest my router’s login page, but I get a "connection refused" error.
I get the same error when I try to pentest my kali login and my Windows login to my PC accounts and I’m not sure how to fix it.
sudo hydra -l … Continue reading I am trying to Pentest with hydra password cracking tools [closed]
I am using hydra to bruteforce my router admin page. By scanning with nmap it is showing port 22 ssh is open and when i use medusa it is bruteforcing properly but with hydra i am using this command :
hydra -l admin -p admin ssh://192.168…. Continue reading Why hydra showing this error [ERROR] could not connect to ssh://192.168.0.1:22?
On a machine supporting ssh, an RSA key is given but no username.
My idea was brute-forcing the SSH username with Hydra but I didn’t find any option to give the RSA key to Hydra.
Is it possible to brute force ssh usernames with an RSA key … Continue reading Hydra brute force ssh usernames with given RSA key
I’m creating a wordlist with uppercase letters A-Z and numbers 0-9. The length is exactly 8 characters long. Using the tool crunch, preinstalled in Kali, I was able to generate a wordlist that doesn’t contain any consecutive characters, fo… Continue reading Creating wordlist with no more than 2 repeating characters [migrated]
Some creator I support on SubscribeStar hosts their files on a dedicated AWS web storage server of theirs and the names are easily accessible and sometimes guessable without any kind of security or authentication. I got curious to see what… Continue reading Unlisted directory discovery of a web server without using bruteforce attacks