Hey friends, today my Paul and I kept trying to hack the VulnHub machine based on the movie Billy Madison (see part 1 and 2). In our journey we learned some good stuff:

  • Port knocking is awesome using utilities like knock:
/opt/knock/knock 1466 67 1469 1514 1981 1986
  • Sending emails via command line is made (fairly) easy with swaks:
swaks --to eric@madisonhotels.com --from vvaughn@polyfector.edu --server --body "My kid will be a soccer player" --header "Subject: My kid will be a soccer player"

You could also use telnet and do this command by command – see this article from Black Hills Information Security for more info.

  • Hyda works good for spraying FTP creds:
hydra -l user -P passlist.txt
  • Check out my quick cheat sheet about bettercap (see episode #522) for some syntax on extracting WPA handshake data from cap files:
# ...it looks like the new standard hash type might be m22000 per this article (https://hashcat.net/forum/thread-10253.html).  In that case, here's what I did on the pcap itself to get it ready for hashcat:sudo /usr/bin/hcxpcapngtool -o readytocrack.hc22000 wifi-handshakes.pcap# Then crack with hashcat!sudo /path/to/hashcat -m22000 readytocrack.hc2000 wordlist.txt

Written by: Brian Johnson

Share on socials: