[STS]Level 1 - Blowfish
  • chroniccommand
    Posts: 1,389
    So in case you don't know about SmashTheStack, it is a wargaming site for testing your hacking skills. The site can be located HERE

    So for the first Blowfish level, we need to telnet to:
    blowfish.smashthestack.org 6666

    Once we telnet to that specific box, we should get some instructions and a hashed password. To move on to the next level on the Blowfish series, we need to crack this hash and SSH to level2@blowfish.smashthestack.org port 22 (SSH).
    So to crack this we will be using a tool called John The Ripper (JTR for short). To install JTR, first update your aptitude like so:
    sudo aptitude update

    This will update your repos and get the latest package cache. (Requires internet connection.) So now that we have it updated, we install john with this code:
    sudo aptitude install john

    This should install JTR. If you get a package not found error, try searching for it using
    sudo aptitude search <searchstring>


    So now that we have JTR installed we are ready to crack the hash. To crack it, I'm going to make a new file on my desktop with the hash in it. So in the .txt file we are going to have a format like this:
    ANYUSERHERE:passwordhash

    Since we don't have a username for level2, we can put any username we want, separated with a colon then the password hash. Now we must change to the desktop. Since I am on Debian, I use this command:
    cd /home/chronic/Desktop

    This will change the directory to your desktop (replace "chronic" with your username). Now we are ready for the password to be cracked. If you want to read the manual for JTR, type
    man john

    This will load the manual for JTR. Now we need to crack the level 1 hash within the text file, which I named "pass.txt". So try this command:
    john --single ./pass.txt

    This should start trying to crack the password. It should crack it in a matter of seconds.
    NOTE: For quicker cracking with JTR, you may use a wordlist. A wordlist contains tons of words in a file and JTR compares them to the hash. If they compare the same, the password is cracked. If not, JTR continues to check through the whole dictionary file.

    Now we should have the password hash cracked. I will not post it here so you actually have to do it :P Just open up the terminal and type
    ssh level2@blowfish.smashthestack.org -p 2222

    It will then give the RSA fingerprint, which you accept by typing "yes", then input the password and you should be logged onto that box :)

    Stay tuned for level 2 tutorial, which I will work on soon.
  • Xin
    Posts: 3,251
    Great share and a great start off for me on blowfish! :)
    Xin
  • Bursihido
    Posts: 406
    what is blowfish :S ..................................
  • Xin
    Posts: 3,251
    It's one of the levels on Smashthestack
    Xin
  • Quick correction.
    "first update your aptitude like so" What you are updating is your repository indexes (for apt), which are used by all the high level dpkg front ends.