Update Task 4 Recognizing password hashes.md

yen5004 · Dec 19, 2024 · f54a1bd · f54a1bd
1 parent 54d4311
commit f54a1bd
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/Task 4 Recognising password hashes.md b/Task 4 Recognising password hashes.md
@@ -1,10 +1,10 @@
 Automated hash recognition tools such as https://pypi.org/project/hashID/ exist, but they are unreliable for many formats. For hashes that have a prefix, the tools are reliable. Use a healthy combination of context and tools.  If you found the hash in a web application database, it's more likely to be md5 than NTLM. Automated hash recognition tools often get these hash types mixed up, which highlights the importance of learning yourself.
 
-Unix style password hashes are very easy to recognise, as they have a prefix. The prefix tells you the hashing algorithm used to generate the hash. The standard format is$format$rounds$salt$hash.
+Unix style password hashes are very easy to recognise, as they have a prefix. The prefix tells you the hashing algorithm used to generate the hash. The standard format is **`$format$rounds$salt$hash`**.
 
 Windows passwords are hashed using NTLM, which is a variant of md4. They're visually identical to md4 and md5 hashes, so it's very important to use context to work out the hash type.
 
-On Linux, password hashes are stored in /etc/shadow. This file is normally only readable by root. They used to be stored in /etc/passwd, and were readable by everyone.
+On Linux, password hashes are stored in **`/etc/shadow`**. This file is normally only readable by root. They used to be stored in **`/etc/passwd`**, and were readable by everyone.
 
 On Windows, password hashes are stored in the SAM. Windows tries to prevent normal users from dumping them, but tools like mimikatz exist for this. Importantly, the hashes found there are split into NT hashes and LM hashes.