Class 4 Lab 2 ‐ RAR and Hash Cracking - Justin-Boyd/Ethical-Hacking-Class GitHub Wiki

Task 1: Extract the Hash Value

Step 1

Make sure the Kali VM is running on bridged/NAT for internet access

Step 2

Copy the attached file (called CrackMe.rar) to the Kali machine’s Documents folder. Try to extract the file and verify it is password-protected.

Step 3

Navigate to the document’s location (this may be different from the screenshot below, depending on where you placed the file) to extract the hash value of the password from the archive using rar2john (this was introduced in EH-04).

rar2john CrackMe.rar > Hash.txt

Step 4

To show what is in the Hash.txt file, use cat.

cat Hash.txt

Task 2: Crack the Hash

Step 1

Before cracking the hash value, we need to navigate to /usr/share/wordlists to unzip rockyou.txt. Use the gzip -d rockyou.txt.gz command.

cd /usr/share/wordlists
gzip -d rockyou.txt.gz

Step 2

Crack the hash value in the file you saved in task 1. Use the John the Ripper command john --wordlist=/usr/share/wordlists/rockyou.txt Hash.txt to Bruteforce the hash.

john --wordlist=/usr/share/wordlists/rockyou.txt Hash.txt
john -- show Hash.txt

Step 3

Now that you have found the password, open the MD5 Flag.txt file.

Step 4

Use https://www.md5online.org/md5-decrypt.html to decrypt the hash to plain text.