Prompt

Our analysts have obtained password dumps storing hacker passwords. After obtaining a few plaintext passwords, it appears that they are all in the format: "SKY-HQNT-" followed by 4 digits. Can you crack them?

Walk-Through

These passwords can be cracked using hashcat with a mask of SKY-HQNT-?d?d?d?d

Refer to the walkthrough for the Rockyou challenge for more introductory information and resources on cracking passwords.

Guide

First, add all of the hashes for this challenge to a text document and save it as hash.txt. Next, use command-line or online tools to identify the type of the given hashes.

The only thing missing is how to craft our command to use the password format ("SKY-HQNT-”) given in the prompt. Learning more about the mask attack setting in hashcat will be helpful to understanding how to craft the attack.

🚧

Refer to official documentation where possible.

According to the hashcat wiki on mask attacks, we can see all possible combinations of SKY-HQNT-0000 through SKY-HQNT-9999 if ?d is used to represent each of the unknown numbers in the password as follows: ‘SKY-HQNT-?d?d?d?d’. This is essentially brute-forcing the password, which is why both are discussed together in the documentation.

Solution

Use this command to crack the hashes:

hashcat -m 0 -a 3 ./hash.txt 'SKY-HQNT-?d?d?d?d'

hash.txt : the file location + file name that has the hashes hashcat will try to crack

-m 0 : uses hash-mode 0 — indicates the hashes are MD5 hashes

-a 3 : indicates a brute-force/mask attack

‘SKY-HQNT-?d?d?d?d’ : hashcat should attempt passwords with a different digit in the place of each ?d

Partial output of successful recovery shown. Cracked passwords have been redacted.

🚧

hashcat does not preserve the original hash order. Always verify each cracked hash matches the correct question before submitting!

Useful resources for this challenge:

Hashcat mask attack: https://hashcat.net/wiki/doku.php?id=mask_attack
Use the Tutorial Video below

Tutorial Video

Watch our full Tutorial Video to learn more about hashed passwords, salted hashes and password cracking AND to see a walkthrough of how to solve this challenge:

NCL Summer Live - Cracking Password Hashes - Aug 19 2021

Learn tips and tools of the trade with the National Cyber League's NCL Summer Live video tutorial series. This episode covers how to approach cracking password hashes; Password Cracking is one of the 9 NCL competition categories. Franz Payer, CEO of Cyber Skyline explains the basics of what is a hash; how password hashes work; the types of hashes, including salted hashes, and various tools available to crack password hashes. He finishes up with a live demo in the NCL Practice Gym for you to follow along. The National Cyber League, powered by Cyber Skyline, is a bi-annual, all-virtual cybersecurity student competition, advancing hands-on skills and knowledge. Check the website at nationalcyberleague.org for details.

www.youtube.com

NCL Summer Live - Cracking Password Hashes - Aug 19 2021

Mask

Prompt

Walk-Through

Guide

Solution

Tutorial Video

NCL Summer Live - Cracking Password Hashes - Aug 19 2021

Questions

71b816fe0b7b763d889ecc227eab400a

674291170dffcf620bda2a604a6820ea

06f03267f31077d2c4b5c728472070ae

d866f4b3b34b598375149fb7661113ab

d9053951a8d1c15254b46ec9fc974a6b