Scub. 

ww.osix.net/modules/article/?i­d=455 check this u all for help. its good.

Ok I'm lost. got jtr running hash loaded and nothing till i hit enter the new word?? also this is screwing my head up lol iiii willll winnnn thissss lol

any help on the running of jtr will be Gratefully appreciated thanks.

@manchesterremix I will try to make a JTR video shortly. However, I am pretty busy with school at the moment.

@EXNJ3st3r Top one, I think I have It working but its slow. think i may need a petter word list? or is the one that is with jtr ok? ....good luck with school.

cain and able says "the length of the md5 hash must be exactly 16 bits long"

I figured out mission 3

@PanFascist85 I've finished up to mission 5 but haven't had time to make the videos for them.

Any way I could get your wordlist for this?

Been running a bruteforce on Ubuntu for hours, no results

@frodo6695 I used the Cain and Abel word list for this. If that doesn't work just google wordlist and there should be a 2gb wordlist near the top of your search.

@frodo6695 I used the Cain and Abel word list for this.

What article is that you're showing at 1:22 about RFI?

@ChRiSiMoN It was posted on the HaxMe boards. I will see if I can find it on my laptop when I get home.

yo wen eva i do the missions it doesnt start

at the same homepage as urs

u try it go back to haxme and do web 2 again look its differnt

plz help

You must be mistaken. This is web mission 2 - investive. I did just go back and log in and it is exactly the same as it was before.

cool dude i just re did it it wos probably down and not working for me and u were the only help i could find

peace out

And I've just done the mission again the way I explained it and it's exactly the same.

wow, lol I had to resort to downloading a 1.5 million word wordlist just to get the password

Lol. At least you got it :-p

@EXNJ3st3r I have Jkain because thats what cwade sed to use for hashes but it doesn't recognise it

@jaws0222 JKain should work. But I haven't used it. If you can't get it to work use Cain or there is another one that should work but I don't recall what it is.

Also a suggestion...I noticed you showing the legit way to get authorization, but maybe make a note about the pointer used in the source file. window.location pointing to a....well, a location. These can be useful when spidering through pages. Just a thought =)

One thing I might suggest with this video is a description of how you knew it was on a unix server....aside from the obvious pointers in this mission. In real life scenarios the only way I'd know is trial and error.

you make it when you do ./unshadow SHADOW FILE PASSWDFILE > crack.db

The > crack.db section of the command is telling the computer that whatever results it gets to put it in a file called crack.db

when i do that and then do cat crack.db it shows me the shadow file, not all that stuff it showed u in the video

@nc1614 Your Welcome :)

What theme do you have on firefox?

@chroniccommandpois0n heaven.cube

@EXNJ3st3r Nice theme i prefer Red Shift v3 though. btw how long should JTR take to crack this? its been running on my linux system for like 6 hours and hasn't cracked it and its slowing my whole system down

JTR using a dictionary file. Not even a minute. I tried bruteforcing it first and that hogged my computer resources and didn't crack it in at least 20 minutes.

Oh and I'm a sucker for themes that are blue :p