The default strength for new passwords created on cPanel and WHM looks to be 65.
Note that increasing the strength should not disable any passwords that are under the threshold.

The default strength for new passwords created on cPanel and WHM looks to be 65.
Note that increasing the strength should not disable any passwords that are under the threshold.
The regular command to reset the password for a NextCloud user does not work when NextCloud is installed from a snap package.
$ sudo -u www-data php /var/www/nextcloud/occ user:resetpassword admin Could not open input file: /var/www/nextcloud/occ
The reason is that NextCloud is located in “/snap/nextcloud”
Unfortunately the occ file is not located in /snap/nextcloud/current/
However, you can run the nextcloud.occ command directly without specifying the path. Change admin to your user.
sudo nextcloud.occ user:resetpassword admin
Type in the new password twice and login.
Use a wordlist and best64 rules to try and crack a wordpress hash. Using rockyou.txt as an example.
-m Specifies the hash type
hashcat -m 400 wordpress.hash -r rules/best64.rule wordlist/rockyou.txt
wordpress.hash is a text file that contains the password hash. You can list multiple hashes in the file
Example contents of file
bob@localhost:~$ cat wordpress.hash
$P$BeJ2ZWVgSx/rR8ifcTFyjq1ouCCWwu0
bob@localhost:~$
Attempt every 8 numeric combination for a WPA2 key.
hashcat -m 2500 -a3 capture.hccapx ?d?d?d?d?d?d?d?d
You can swap out the ?d from the above command with any of the built in character sets below.
? | Charset ===+========= l | abcdefghijklmnopqrstuvwxyz u | ABCDEFGHIJKLMNOPQRSTUVWXYZ d | 0123456789 h | 0123456789abcdef H | 0123456789ABCDEF s | !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~ a | ?l?u?d?s b | 0x00 - 0xff
More information
https://hashcat.net/wiki/doku.php?id=cracking_wpawpa2
Rule based attacks are recommended
https://hashcat.net/wiki/doku.php?id=rule_based_attack
apt install hashcat
bob@localhost:~/$ dmesg ... [ 1057.776074] sd 0:0:0:0: [sda] Write Protect is off [ 1057.776074] sd 0:0:0:0: [sda] Mode Sense: 43 00 00 00 [ 1057.776593] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA [ 1057.780234] sda: sda1 [ 1057.783346] sd 0:0:0:0: [sda] Attached SCSI removable disk bob@localhost:~/$
From the above we see that the drive we just pluGged into the system is “sda” so our path and partition is “/dev/sda1”
The following command will run hashcat against “/dev/sda1”, change if the encrypted partition is different. Mode is to brute force every 8 numeric character combination. Refer to the following link to learn more about mask attacks.
https://hashcat.net/wiki/doku.php?id=mask_attack
Note: You should be able to dump the header and work off of that as well.
sudo hashcat -a 3 -m 14600 /dev/sda1 ?d?d?d?d?d?d?d?d
Install crunch and then generate a word list with the following command. The 8 8 tells crunch to generate combinations that have a minimum and maximum length of 8. All the numbers from 1-0 tells crunch to use these characters, -o writes to output file.
Change options if desired.
crunch 8 8 1234567890 -o 8numberchars.lst
Further reading. https://tools.kali.org/password-attacks/crunch
Hydra is a network login cracker. You’ll need a password list and username(s) to get started.
Install Hydra
sudo apt-get install -y hydra
Launch against device
Change the IP address to the target IP
Change ubnt to target Username
Change password.lst to your password list file
SSH Example
hydra -l ubnt -P password.lst 192.168.1.20 ssh
Run hydra -h to get the full help.
Alfred@localhost:~$ hydra -h Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes. Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e nsr] [-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-W TIME] [-f] [-s PORT] [-x MIN:MAX:CHARSET] [-c TIME] [-ISOuvVd46] [service://server[:PORT][/OPT]] Options: -R restore a previous aborted/crashed session -I ignore an existing restore file (don't wait 10 seconds) -S perform an SSL connect -s PORT if the service is on a different default port, define it here -l LOGIN or -L FILE login with LOGIN name, or load several logins from FILE -p PASS or -P FILE try password PASS, or load several passwords from FILE -x MIN:MAX:CHARSET password bruteforce generation, type "-x -h" to get help -y disable use of symbols in bruteforce, see above -e nsr try "n" null password, "s" login as pass and/or "r" reversed login -u loop around users, not passwords (effective! implied with -x) -C FILE colon separated "login:pass" format, instead of -L/-P options -M FILE list of servers to attack, one entry per line, ':' to specify port -o FILE write found login/password pairs to FILE instead of stdout -b FORMAT specify the format for the -o FILE: text(default), json, jsonv1 -f / -F exit when a login/pass pair is found (-M: -f per host, -F global) -t TASKS run TASKS number of connects in parallel per target (default: 16) -T TASKS run TASKS connects in parallel overall (for -M, default: 64) -w / -W TIME wait time for a response (32) / between connects per thread (0) -c TIME wait time per login attempt over all threads (enforces -t 1) -4 / -6 use IPv4 (default) / IPv6 addresses (put always in [] also in -M) -v / -V / -d verbose mode / show login+pass for each attempt / debug mode -O use old SSL v2 and v3 -q do not print messages about connection errors -U service module usage details -h more command line options (COMPLETE HELP) server the target: DNS, IP or 192.168.0.0/24 (this OR the -M option) service the service to crack (see below for supported protocols) OPT some service modules support additional input (-U for module help) Supported services: adam6500 asterisk cisco cisco-enable cvs firebird ftp ftps http[s]-{head|get|post} http[s]-{get|post}-form http-proxy http-proxy-urlenum icq imap[s] irc ldap2[s] ldap3[-{cram|digest}md5][s] mssql mysql nntp oracle-listener oracle-sid pcanywhere pcnfs pop3[s] postgres radmin2 rdp redis rexec rlogin rpcap rsh rtsp s7-300 sip smb smtp[s] smtp-enum snmp socks5 ssh sshkey svn teamspeak telnet[s] vmauthd vnc xmpp Hydra is a tool to guess/crack valid login/password pairs. Licensed under AGPL v3.0. The newest version is always available at http://www.thc.org/thc-hydra Don't use in military or secret service organizations, or for illegal purposes. These services were not compiled in: afp ncp oracle sapr3. Use HYDRA_PROXY_HTTP or HYDRA_PROXY environment variables for a proxy setup. E.g. % export HYDRA_PROXY=socks5://l:p@127.0.0.1:9150 (or: socks4:// connect://) % export HYDRA_PROXY=connect_and_socks_proxylist.txt (up to 64 entries) % export HYDRA_PROXY_HTTP=http://login:pass@proxy:8080 % export HYDRA_PROXY_HTTP=proxylist.txt (up to 64 entries) Examples: hydra -l user -P passlist.txt ftp://192.168.0.1 hydra -L userlist.txt -p defaultpw imap://192.168.0.1/PLAIN hydra -C defaults.txt -6 pop3s://[2001:db8::1]:143/TLS:DIGEST-MD5 hydra -l admin -p password ftp://[192.168.0.0/24]/ hydra -L logins.txt -P pws.txt -M targets.txt ssh
Open a command prompt and run the following command.
netsh wlan show profiles name=* key=clear > Desktop\Passkeys.txt
You can now open up the Passkeys.txt file and view all your saved networks.
If you just need to view one network, you can refer to this link.
Basic steps are as follows.
After installing OpenVAS you may need to setup a user. Running the following command will create the user admin and will print the password for the user below.
openvasmd --create-user admin
Example output.
User created with password 'b4539967-c521-fe41-d255-aeb53e735h9a'.
If needed you can delete a user with the following command
openvasmd --delete-user=USERNAME
The following template can be used to set the user name and passwords for cambium pmp gear. Create a new template in cnMaestro, past in the following, change the passwordEncrypted to the hash of your password and run the config.
You can get the hashed password by pulling it out of a current radio config.
{ "userParameters": { "authenticationConfig": { "accounts": [ { "userName": "admin", "level": 3, "readOnly": false, "passwordEncrypted": "188a934e0246ae248da19400fed83107a" }, { "userName": "root", "level": 3, "readOnly": false, "passwordEncrypted": "188a934e0246ae248da19400fed83107a" } ] } } }