1
00:00:00,120 --> 00:00:04,230
Picking up right where we left off, so I'm going to clean this up just a little bit.

2
00:00:04,230 --> 00:00:05,940
We know the administrator here.

3
00:00:05,950 --> 00:00:08,460
They're the same hash; we can identify that here.

4
00:00:08,850 --> 00:00:15,210
So I'm going to actually just delete all of these accounts, and we're not going to worry about this WDAG

5
00:00:15,270 --> 00:00:17,640
utility here, WD.

6
00:00:17,820 --> 00:00:21,010
We're not gonna worry about default account or guest account.

7
00:00:21,010 --> 00:00:22,200
Google Hendley all those.

8
00:00:22,200 --> 00:00:27,830
I'm just interested in the user accounts and the administrator accounts, so let's copy this and I'm going

9
00:00:27,830 --> 00:00:33,610
to move this to my hashcat folder and I'm going to just put it in a new text document.

10
00:00:33,660 --> 00:00:39,540
I'm actually going to reuse the one that we used before, which was that hashes.txt.

11
00:00:39,690 --> 00:00:43,040
So we'll use that and then we're gonna go ahead and try to crack it.

12
00:00:44,950 --> 00:00:52,700
So bringing this over, you can see that these hashes here, these hashes are what is called NTLM.

13
00:00:52,960 --> 00:00:58,750
Previously we've cracked NTLMv2 hashes. Now, NTLM are the local hashes when you

14
00:00:58,750 --> 00:00:59,890
dump a SAM.

15
00:00:59,890 --> 00:01:01,720
That's what type of hash it is.

16
00:01:01,720 --> 00:01:04,930
Now these are stored under module 1000.

17
00:01:04,930 --> 00:01:11,200
Again, you could do hashcat --help and then grep NTLM and find that, but we're going

18
00:01:11,200 --> 00:01:13,680
to try to crack these. If we can't crack these,

19
00:01:13,720 --> 00:01:15,560
then we'll try to pass them around.

20
00:01:15,760 --> 00:01:22,690
Special note, one thing to remember: you can pass around NTLM hashes, you cannot pass around NTLMv2

21
00:01:22,740 --> 00:01:24,310
hashes.

22
00:01:24,310 --> 00:01:25,030
Big difference.

23
00:01:25,060 --> 00:01:27,980
NTLM hashes can be passed, NTLMv2 cannot.

24
00:01:28,030 --> 00:01:32,410
So remember that from the next video. But from here, what I'm going to do is I'm just going to do the

25
00:01:32,410 --> 00:01:33,310
same thing as before.

26
00:01:33,310 --> 00:01:40,820
hashcat64.exe, and I'm going to give this a module of a thousand because that's NTLM,

27
00:01:41,200 --> 00:01:48,550
and then I'm going to just provide this hashes, like, spell it, hashes.txt, and then rockyou.txt.

28
00:01:48,550 --> 00:01:54,820
We'll just use a simple wordlist, dash capital O for optimization here, and it's gonna try to crack

29
00:01:54,820 --> 00:02:00,760
these passwords. It should go through it pretty quick, and I think at least one of them will fall. Oh, we

30
00:02:00,760 --> 00:02:06,970
made the, we made the app and password password 2, I actually had forgotten, and then the Peter Parker

31
00:02:06,970 --> 00:02:07,620
or one of them.

32
00:02:07,630 --> 00:02:16,990
3 1 0 3 1 D came back as an admin that is blank, so it's possible that our admin actually is disabled.

33
00:02:17,470 --> 00:02:22,750
When we see a blank account like this, that means that the password is likely disabled, so we might not

34
00:02:22,750 --> 00:02:27,430
be able to actually pass this around because that account has been disabled. We could try to pass around

35
00:02:27,430 --> 00:02:32,740
password 1 and password 2, but we've now cracked both of these two, and these are weak accounts, so now we

36
00:02:32,740 --> 00:02:37,450
also have a good idea of what kind of passwords they're using in their environment, and we get to take

37
00:02:37,450 --> 00:02:42,310
note of this, and this is something that we can write in a report as a finding and just build off of

38
00:02:42,310 --> 00:02:42,930
this.

39
00:02:43,090 --> 00:02:44,740
It's always about passwords, right?

40
00:02:44,740 --> 00:02:49,840
It really comes down to passwords, and weak passwords are gonna get your network taken down so quick

41
00:02:49,870 --> 00:02:54,850
because there's so many different ways that we can capture hashes in a network that it's just a matter

42
00:02:54,850 --> 00:02:58,970
of time before you do and then start trying to crack them or pass them around.

43
00:02:59,050 --> 00:03:01,380
So let's go ahead and meet up in the next video,

44
00:03:01,390 --> 00:03:05,170
when we try to pass around a hash, and then we'll talk mitigations after that.