I hereby claim:
- I am grutz on github.
- I am grutz (https://keybase.io/grutz) on keybase.
- I have a public key whose fingerprint is 8B59 F3BF 6E27 1945 BB27 2367 91AC A71E 80F4 E20A
To claim this, I am signing this object:
#!/bin/bash | |
# crack-all-lms-avenger | |
# (c) 2012 by Kurt Grutzmacher ([email protected]) | |
# License: BSD 3-Clause - http://opensource.org/licenses/bsd-3-clause | |
# | |
# So you have a pwdump file and it has some LANMAN hashes, eh? Run this and I | |
# guarantee you'll crack a ton of them! | |
# | |
# Some paths are hardcoded. YMMV. No warranty express or implied. See your |
#!/usr/bin/env python | |
""" | |
Bible/Quran books, chapters, and verse wordlist generator | |
This script creates an output of books of the Bible and Quran, permutations of their | |
chapters and verses. Includes common abbreviations of book names and the Spanish equivalent | |
for the Bible. | |
(c) 2012 Kurt Grutzmacher <[email protected]> |
grutz@beelzebubba:2013-cmiyc-street-challenges_1-9$ tar -tvf Challenge9_street.tar.xz | |
drwxr-sr-x root/root 0 2013-08-01 20:12 Challenge9_street/ | |
-rw-r--r-- root/root 329 2013-08-01 20:12 Challenge9_street/README | |
-rw-r--r-- root/root 67108864 2013-08-01 20:12 Challenge9_street/efs.dd | |
grutz@beelzebubba:2013-cmiyc-street-challenges_1-9$ cd Challenge9_street | |
grutz@beelzebubba:loop$ Challenge9_street$ cat README | |
The filesystem in this .dd image has some encrypted files within it. | |
If you recover any of the passwords needed to decrypt the files, |
grutz@beelzebubba:2013-cmiyc-street-challenges_1-9$ tar -xvf Challenge9_street.tar.xz | |
drwxr-sr-x root/root 0 2013-08-01 20:12 Challenge9_street/ | |
-rw-r--r-- root/root 329 2013-08-01 20:12 Challenge9_street/README | |
-rw-r--r-- root/root 67108864 2013-08-01 20:12 Challenge9_street/efs.dd | |
grutz@beelzebubba:2013-cmiyc-street-challenges_1-9$ cd Challenge9_street | |
grutz@beelzebubba:Challenge9_street$ cat README | |
The filesystem in this .dd image has some encrypted files within it. | |
If you recover any of the passwords needed to decrypt the files, |
grutz@beelzebubba:Challenge9_street$ cd loop | |
grutz@beelzebubba:loop$ ls | |
backup $RECYCLE.BIN secret documents System Volume Information | |
grutz@beelzebubba:loop$ ls backup | |
63492B3A0CE6EF8BBFD60B8446C95A76D26E30C7 mabel.pfx | |
grutz@beelzebubba:loop$ ls secret\ documents/ | |
dipper.txt mabel.txt shared.txt |
grutz@beelzebubba:loop$ backup$ openssl pkcs12 -in backup/mabel.pfx | |
Enter Import Password: | |
Mac verify error: invalid password? | |
grutz@beelzebubba:loop$ /opt/pw-crackers/jtr/JohnTheRipper/run/pfx2john backup/mabel.pfx | |
mabel:$pfx$*2558*308209fa020103308209b606092a864886f70d010701a08209a7048209a33082099f3082060806092a864886f70d010701a08205f9048205f5308205f1308205ed060b2a864886f70d010c0a0102a08204fe308204fa301c060a2a864886f80be020207d0048204d8305d1ca9b208ecf652688134b1bea08c5d68657b01a28ee2405c3df2df8a098b85231b50d3d8587f3a68f7c23303cb2cd614ab69e9110fa3b9f7f6960a057c49a2f30abbbea2d4459fdef767365de4a29faed039d6c4a0662b73a32ba900dca20c64b1a63118b639e298bbc874cec74c42b5ca32b0fa0c88f5661eed640bd35e0f9fdd75b63a81eed2c64c46c94b8d2251bd67274c733f8dbcf63f3b80c86be5ea94cba8e6701498b6b6cd93dc2fb15186b00d621e2e2b69a22028aeebe1aa1ae968b39a74cbeab9ff7239dde62fe007e861cc056fd40e3bf84556ee47d692c2702ac21d3dfe1ae23d837b62ff07085b5db26cb549bf253615d16ac464a2c745d70df8cdd8e534db953097ffa2f263a588e3b27893b3f1bb0f34e981d8553ff6752 |
grutz@beelzebubba:2013-cmiyc-street-challenges_1-9$ tar -xvf Challenge3_street.tar.xz | |
Challenge3_street/id2entry.bdb | |
grutz@beelzebubba:2013-cmiyc-street-challenges_1-9$ cd Challenge3_street/ | |
grutz@beelzebubba:Challenge3_street$ file id2entry.bdb | |
id2entry.bdb: Berkeley DB (Btree, version 9, native byte-order) | |
grutz@beelzebubba:Challenge3_street$ strings id2entry.bdb | grep SSHA | head | |
&{SSHA}rUEBr1cZJEclB1oQP/XnzK2T36aKsZzH | |
&{SSHA}VWbYRWmrB/Mv3VWw3lL17z6t62BY+7at | |
&{SSHA}X0qLhkDDL7o+rIWc5VbMN5bmJu7fcAh2 | |
&{SSHA}RvIG3vxCOy/MAgL5eS9prXfHv2JEt4G6 |
I hereby claim:
To claim this, I am signing this object: