Password Mutations

ℹ️ Informations¶

🌐 Website: HackTheBox
📚 Module: Password Attacks
🔗 Link: Password Mutations

❓Question¶

Create a mutated wordlist using the files in the ZIP file under "Resources" in the top right corner of this section. Use this wordlist to brute force the password for the user "sam". Once successful, log in with SSH and submit the contents of the flag.txt file as your answer.

📋 Walkthrough¶

Use the command provided to generate mutation list. Now we can use the mutated wordlist to brute force the SSH login for the user sam. You can use a tool like Hydra to attempt this:

hydra -l sam -P mut_password.list ssh://10.129.217.57

It takes a lot of time. Once the correct password is found, use SSH to log in as the user sam:B@t********. Flag is in folder smb

Answer

[REDACTED]