API tools faq
paste
Advertisement
Guest User

FetishCoconut

a guest
Aug 21st, 2017
547
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.22 KB | None | 0 0
raw download clone embed print report
  1. _____ _ ___ ____ _
  2. |_ _(_) __ _ _ __ ___ |_ _|___ | _ \ ___ __ _ _ _ ___ | |
  3. | | | |/ _` | '__/ _ \ | |/ __| | |_) / _ \ / _` | | | |/ _ \ | |
  4. | | | | (_| | | | __/ | |\__ \ | _ < (_) | (_| | |_| | __/ |_|
  5. |_| |_|\__, |_| \___| |___|___/ |_| \_\___/ \__, |\__,_|\___| (_)
  6. |___/ |___/
  7.  
  8. ┌─[✗]─[lulztigre@parrot]─[~]
  9. └──╼ $sudo bash swap_digger/swap_digger.sh -x
  10. [sudo] password for lulztigre:
  11.  
  12. - SWAP Digger -
  13.  
  14. [+] Looking for swap partition
  15. -> Found swap at /dev/sda6
  16. [+] Dumping swap strings in /tmp/swap_dig/swap_dump.txt ... (this may take some time)
  17.  
  18.  
  19. ==== Linux system accounts ===
  20.  
  21. [+] Digging linux accounts credentials... (pattern attack)
  22. -> lulztigre:passwordintentionallyleftblankbecausereasonsandwhatnot
  23. Passwords not found. Attempt dictionary based attack? (Can last from 5 minutes to several hours depending on swap usage) [y/n] n
  24.  
  25. Passwords not found. John was detected on the system, attempt to crack /etc/shadow based on dumped swap wordlist? [y/n] y
  26.  
  27. [+] Digging linux accounts credentials method 3... (John attack)
  28. [+] Cracking linux account passwords using John.
  29. [-] Generating wordlist file...
  30. [-] Cracking /etc/shadow using wordlist... (This may take some time)
  31. Warning: detected hash type "sha512crypt", but the string is also recognized as "crypt"
  32. Use the "--format=crypt" option to force loading these as that type instead
  33. Using default input encoding: UTF-8
  34. Loaded 2 password hashes with 2 different salts (sha512crypt, crypt(3) $6$ [SHA512 128/128 XOP 2x])
  35. Remaining 1 password hash
  36. Press 'q' or Ctrl-C to abort, almost any other key for status
  37.  
  38. 0g 0:00:07:33 DONE (2017-08-21 11:18) 0g/s 482.0p/s 482.0c/s 482.0C/s !!!ZZZCCCDDD..ZZZZZZZZZZZZZZZZ
  39. Session completed
  40. -> lulztigre:passwordintentionallyleftblankbecausereasonsandwhatnot:17257:0:99999:7:::
  41. -> 1 password hash cracked, 1 left
  42. Do you wan to delete john pot? [y/n]
  43.  
  44. ==== Web entered passwords and emails ===
  45.  
  46. [+] Looking for web passwords method 1 (password in GET/POST)...
  47. -> =%27or+1%3D1+limit+1+%3B%23&password=%27or+1%3D1+limit+1+%3B%23
  48. -> username=%27or+1%3D1+limit+1+%3B%23&password=%27or+1%3D1+limit+1+%3B%23
  49.  
  50. [+] Looking for web passwords method 2 (JSON) ...
  51.  
  52. [+] Looking for web passwords method 3 (HTTP Basic Authentication) ...
  53.  
  54. [+] Looking for web entered emails...
  55. -> "test@mail.ru";
  56.  
  57.  
  58. ==== XML data ===
  59.  
  60. [+] Looking for xml passwords ...
  61.  
  62.  
  63. ==== WiFi ===
  64.  
  65. [+] Looking for wifi access points...
  66. [-] Potential wifi network list this computer accessed to:
  67.  
  68. [+] Looking for potential Wifi passwords....
  69. [-] Potential wifi password list (use them to crack above networks)
  70.  
  71. [+] Looking for potential Wifi passwords method 2....
  72. [-] Potential wifi password list (use them to crack above networks)
  73.  
  74.  
  75. ==== Mining most accessed resources ===
  76.  
  77. [+] TOP 30 HTTP/HTTPS URLs (domains only)
  78. -> 3194 http://www.it-ebooks.info
  79. -> 2197 http://freedesktop.org # never visited
  80. -> 363 http://www.freedesktop.org # this either
  81. -> 298 http://libvirt.org # or this
  82. -> 294 http://www.w3.org # nor this
  83. -> 244 https://www.facebook.com
  84. -> 221 http://creativecommons.org # tf is this
  85. -> 205 http://ns.adobe.com # never used adobe
  86. -> 163 http://127.0.0.1
  87. -> 158 http://purl.org # wuuuut??
  88. -> 133 http://udisks.freedesktop.org ###
  89. -> 89 https://www.google.com
  90. -> 86 http://www.oreilly.com # visited just once
  91. -> 81 http://www.inkscape.org # no idea
  92. -> 80 http://www.python.org
  93. -> 71 https://www.catcert.net # ???
  94. -> 63 http://cert.startcom.org # cert what?
  95. -> 59 https://github.com
  96. -> 59 http://www.packagekit.org # no idea
  97. -> 57 http://crl.comodoca.com # sounds like commodore
  98. -> 56 https://wiki.gnome.org # i am a mate dude
  99. -> 53 http://pki.google.com # pk what??
  100. -> 50 http://repository.swisssign.com # swisscoin?
  101. -> 50 http://www.gnome.org # once again mate dude
  102. -> 49 http://crl.comodo.net # comodore 65?
  103. -> 48 http://example.com # is this even a real thing
  104. -> 48 http://www.e-szigno.hu # why do i feel like this is some anime shii
  105. -> 48 http://www.startssl.com # ?????????????
  106. -> 47 http://www.chambersign.org1 # oxlade chamberlain of arsenal ?? i am a united folk
  107. -> 45 http://www.accv.es # ?
  108.  
  109.  
  110. [+] TOP 30 FTP URLs
  111. -> 5 ftp://ftp.unicode.org/
  112.  
  113.  
  114. [+] TOP 30 .onion urls
  115. ##### i do go here frequently tbh!!!
  116.  
  117.  
  118. [+] TOP 30 files
  119. -> 432 file:///home/lulztigre
  120. -> 73 file:///home/lulztigre/.cache
  121. -> 71 file:///usr/share
  122. -> 65 file:///usr/share/u3-pwn/src/banner.py
  123. -> 62 file:///usr/share/u3-pwn/u3-pwn.py
  124. -> 61 file:///home/lulztigre/DesktopBackground/naruto-uzumaki-11-nextsegment.com-.png
  125. -> 60 file:///media/lulztigre/FC7C61947C614B0A
  126. -> 56 file:///usr/share/u3-pwn/src/deviceinfo.py
  127. -> 54 file:///usr/share/u3-pwn/resource/hidden.vbs
  128. -> 54 file:///usr/share/u3-pwn/src/customexe.py
  129. -> 47 file:///usr/share/urlcrazy/common-misspellings.rb
  130. -> 45 file:///usr/share/urlcrazy/country.rb
  131. -> 44 file:///usr/share/urlcrazy/urlcrazy
  132. -> 43 file:///
  133. -> 40 file:///home/lulztigre/Downloads
  134. -> 35 file:///usr/share/sqlmap/waf/360.py
  135. -> 32 file:///usr/share/sqlmap/waf/cloudflare.py
  136. -> 30 file:///usr/share/sqlmap
  137. -> 29 file:///media/lulztigre/D2AA1941AA19238F
  138. -> 28 file:///home/lulztigre/.conky/Green%20Apple%20Desktop
  139. -> 25 file:///usr/share/sqlmap/sqlmap.py
  140. -> 24 file:///usr/share/sqlmap/lib
  141. -> 24 file:///usr/share/sqlmap/lib/techniques/blind/inference.py
  142. -> 20 file:///home/lulztigre/Cryptolocker-1.0.0/Cryptolocker-1.0.0/WindowsFormsApplication1
  143. -> 20 file:///usr/share/u3-pwn/src
  144. -> 18 file:///usr/share/sqlmap/waf
  145. -> 17 file:///home/lulztigre/Cryptolocker-1.0.0/Cryptolocker-1.0.0
  146. -> 15 file:///home/lulztigre/Cryptolocker-1.0.0/Cryptolocker-1.0.0/Generate%20RSA%20Key
  147. -> 15 file:///usr/share/sqlmap/extra
  148.  
  149.  
  150. [+] TOP 30 smb shares
  151. -> 4 smb:///
  152. -> 3 smb://WORKGROUP
  153. -> 2 smb://foo.example.com
  154.  
  155.  
  156. [+] TOP 30 IP addresses (lots of false positives, ex. file versions)
  157. -> 3463 46.46.46.46
  158. -> 2211 2.5.4.10
  159. -> 1996 2.5.4.3
  160. -> 1957 2.5.4.6
  161. -> 1256 2.5.4.11
  162. -> 1027 2.5.29.19
  163. -> 980 2.5.29.14
  164. -> 957 2.5.29.15
  165. -> 627 127.0.0.1
  166. -> 399 2.5.4.7
  167. -> 340 2.5.29.35
  168. -> 207 2.5.4.8
  169. -> 140 2.5.29.31
  170. -> 136 2.5.29.32
  171. -> 113 4.3.2.1
  172. -> 92 2.3.2.2
  173. -> 66 0.7.9.1
  174. -> 61 2.5.29.17
  175. -> 60 1.3.6.1
  176. -> 48 5.5.7.1
  177. -> 44 192.0.2.0
  178. -> 38 0.0.0.0
  179. -> 33 2.16.840.1
  180. -> 30 35.46.46.46
  181. -> 28 2.5.4.5
  182. -> 25 192.168.43.1
  183. -> 25 71.71.71.71
  184. -> 20 06.16.18.17
  185. -> 20 192.0.2.1
  186. -> 18 2.5.29.33
  187.  
  188. SWAP Digger end, byebye!
  189.  
  190. /home/lulztigre
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!