PrivEsc
$2a$10$VM6EeymRxJ29r8Wjkr8Dtev0O.1STWb4.4ScG.anuu7v0EFJwgjjOPasswords are in a standard linux format: $type$salt$hash
$2a$ here means blowfish which is an encryption algorithm with a key. Previously we learned that there is a password reuse which is a variation of PleaseSubscribe!
With that knowledge we can try to crack it using hashcat and creating a file called pass with the above string and running it with 'rule':
hashcat -m 3200 root pass -r /usr/share/hashcat/rules/best64.ruleWe get a password: PleaseSubscribe!21
Last updated