[root-me]Command & Control Level 5

The goal of the challenge was to get the password of user John Doe from a given memory dump, so let's get started.

First, dump the account hashes with Volatility's hashdump plugin:

root@kaliLinux:~/rootme# python /root/networkpentest/volatility-2.4/vol.py -f ch2.dmp --profile=Win7SP0x86 hashdump

Volatility Foundation Volatility Framework 2.4
Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
John Doe:1000:aad3b435b51404eeaad3b435b51404ee:b9f917853e3dbf6e6831ecce60725930:::

Then use john to crack John Doe's password, with the hash line saved in the file pwlist:

root@kaliLinux:~/rootme# john ./pwlist --format=nt --wordlist=/root/rockyou.txt
Created directory: /root/.john
Loaded 1 password hash (NT MD4 [128/128 X2 SSE2-16])
-> passw0rd         (John Doe)
guesses: 1  time: 0:00:00:00 DONE (Thu Jan  8 13:53:58 2015)  c/s: 16000
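
As an added example (not part of the original write-up), this Python sketch parses the hashdump output above and flags the two well-known empty-string hashes, which shows why only the John Doe entry holds a password worth examining. The function names are illustrative assumptions.

```python
import re
from typing import NamedTuple

# Well-known hashes of the empty string: "no LM hash stored" and "blank password".
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"
HEX32 = re.compile(r"[0-9a-f]{32}")

# The hashdump output shown above, banner line included.
HASHDUMP = """\
Volatility Foundation Volatility Framework 2.4
Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
John Doe:1000:aad3b435b51404eeaad3b435b51404ee:b9f917853e3dbf6e6831ecce60725930:::
"""

class Account(NamedTuple):
    user: str
    rid: int
    lm: str
    nt: str

def parse_hashdump(text):
    """Parse pwdump-style lines (user:rid:lm:nt:::), skipping banners and junk."""
    accounts = []
    for line in text.splitlines():
        parts = line.strip().split(":")
        if len(parts) < 4 or not parts[1].isdigit():
            continue
        lm, nt = parts[2].lower(), parts[3].lower()
        if HEX32.fullmatch(lm) and HEX32.fullmatch(nt):
            accounts.append(Account(parts[0], int(parts[1]), lm, nt))
    return accounts

def triage(accounts):
    """Map each user to flags: blank password, and whether a weak LM hash is stored."""
    return {a.user: {"blank_password": a.nt == EMPTY_NT,
                     "lm_stored": a.lm != EMPTY_LM} for a in accounts}

def accounts_with_password(accounts):
    """Users whose NT hash is not the empty-string hash, i.e. a real password is set."""
    return [a.user for a in accounts if a.nt != EMPTY_NT]

if __name__ == "__main__":
    accts = parse_hashdump(HASHDUMP)
    for user, flags in triage(accts).items():
        print(f"{user:15} {flags}")
    print("password set:", accounts_with_password(accts))
```

The pwdump format carries no enabled/disabled flag, so a blank-password hash on Administrator or Guest does not by itself show that the account can be used to log on.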

5 thoughts on “[root-me]Command & Control Level 5”

  1. Hello,

    you’ve published several solutions to Root-Me’s challenges.
    As it’s written in the legal disclaimer, documents published on the site are covered by copyrights. Any retaking is conditioned to the respect of the intellectual property considering the authors and assignees.

    That’s why the publishing of solutions, with a free access outside of the portal, is not allowed.

    So, we ask you to remove this content.
    If it’s not the case in a delay of 7 days, we will lock your account on our portal.

    Root-Me already offers you to share solutions with other players directly on the website but respectfully for those who didn’t validate challenges.
    These rules are here in order to keep a user-friendly and emulating spirit and to learn infosec together with fun.

    You can find more infos at:
    http://www.root-me.org/en/Informations/Legal-Disclaimer/
    http://www.root-me.org/en/breve/Public-solutions-and-cheating

    Thank you in advance for your action,
    Faithfully,
    Root-Me team


  2. Hello,

    we have detected that you’ve published several solutions to Root-Me’s challenges in this blog.

    As it’s written in the legal disclaimer, documents published on the site are covered by copyrights. Any retaking is conditioned to the respect of the intellectual property considering the authors and assignees.

    That’s why the publishing of solutions, with a free access outside of the portal, is not allowed.

    So, we ask you to remove this content.
    If it’s not the case in a delay of 7 days, we will lock your account on our portal.

    Root-Me already offers you to share solutions with other players directly on the website but respectfully for those who didn’t validate challenges.
    These rules are here in order to keep a user-friendly and emulating spirit and to learn infosec together with fun.

    You can find more infos at:
    http://www.root-me.org/en/Informations/Legal-Disclaimer/
    http://www.root-me.org/en/breve/Public-solutions-and-cheating

    Thank you in advance for your action,
    Faithfully,

    Root-Me team
