Prompt
Our analysts have obtained password dumps storing hacker passwords. After obtaining a few plaintext passwords, it appears that they are all in the format: "SKY-HQNT-" followed by 4 digits. Can you crack them?
Walk-Through
These passwords can be cracked using hashcat with a mask of SKY-HQNT-?d?d?d?d
Refer to the walkthrough for the Rockyou challenge for more introductory information and resources on cracking passwords.
Guide
First, add all of the hashes for this challenge to a text document and save it as hash.txt. Next, use command-line or online tools to identify the type of the given hashes.
The only thing missing is how to craft our command to use the password format ("SKY-HQNT-”) given in the prompt. Learning more about the mask attack setting in hashcat will be helpful to understanding how to craft the attack.
Refer to official documentation where possible.
According to the hashcat wiki on mask attacks, we can see all possible combinations of SKY-HQNT-0000 through SKY-HQNT-9999 if ?d is used to represent each of the unknown numbers in the password as follows: ‘SKY-HQNT-?d?d?d?d’. This is essentially brute-forcing the password, which is why both are discussed together in the documentation.
Solution
Use this command to crack the hashes:
hashcat -m 0 -a 3 ./hash.txt 'SKY-HQNT-?d?d?d?d'hash.txt : the file location + file name that has the hashes hashcat will try to crack
-m 0 : uses hash-mode 0 — indicates the hashes are MD5 hashes
-a 3 : indicates a brute-force/mask attack
‘SKY-HQNT-?d?d?d?d’ : hashcat should attempt passwords with a different digit in the place of each ?d
hashcat does not preserve the original hash order. Always verify each cracked hash matches the correct question before submitting!
Useful resources for this challenge:
- Hashcat mask attack: https://hashcat.net/wiki/doku.php?id=mask_attack
- Use the Tutorial Video below
Tutorial Video
Watch our full Tutorial Video to learn more about hashed passwords, salted hashes and password cracking AND to see a walkthrough of how to solve this challenge:
Questions
71b816fe0b7b763d889ecc227eab400a
674291170dffcf620bda2a604a6820ea
06f03267f31077d2c4b5c728472070ae
d866f4b3b34b598375149fb7661113ab
d9053951a8d1c15254b46ec9fc974a6b
©️ 2026 Cyber Skyline. All Rights Reserved. Unauthorized reproduction or distribution of this copyrighted work is illegal.