In this tutorial, we're going to work with Metasploitable to show you how to locate and crack password hashes stored in a MySQL database.
Use Metasploitable in the cloud for free at CTF365. Just sign up for a free account at http://CTF365.com, connect to the VPN, and then follow our Metasploitable tutorials.
To complete this tutorial, you need root access to the Metasploitable server. We covered this in a previous Metasploitable tutorial called how to exploit a misconfigured NFS server. You can watch it here: