Password Challenge
Objective
The objective of this lab is to put your password hash cracking and text decoding skills to the test. This lab uses various encoding and hashing algorithms that you'll need to figure out.
It is a progressive lab, so the farther down the list the harder the passwords will be to crack. I'd venture to guess that some may even be unbreakable, but just like real life you can expect to run into hashes that cannot be cracked.
I'm asking you to try to get them all, but don't be disappointed if you are unable to.
The idea here it to get you thinking about how to evaluate a hash (or encoded text) and figure out the best tools and methods to crack (or decode) the hashes or encoded text into a string or the plaintext version of the password.
Materials
For the purposes of this lab, you will need the following:
- Time and patients and Google and some luck...just like EC01
- The list of encoded or hashed (or both) passwords below
- A large wordlist, perhaps a GPU, and john the ripper, oclhashcat, or any other hash cracking, text decoding tools you see fit to complete this mission
The Setup
We have been handed a file that contains a bunch of encoded text or hashed passwords and we need get these back into a readable plain text format. Some answers are text strings and others are the passwords that we will need to complete our investigation into an on-going matter at our client. To get credit you need to decipher the items in the list below. Note that each piece of encoded text or hashed password has a "level" next to each one. The level is indicative of the difficulty of the encoding or hash and more difficult decryption are worth more extra credit points. You're also free to use any tools at your disposal and are not limited to the tools we discuss in class or that are in the labs.
Unfortunately, the guy who pulled these from the systems under investigation won the PowerBall and quit. When he left he "air-dropped" a microphone and screamed "Seacrest, out!" We tried to stop him and ask for his notes on the case but he said something about an appointment to buy an island, walked off, and that's the last we heard from him.
Oh, and one more thing, in the event you need it, the user account name for each hash is "depaul" (not in quotes obviously). Also, the salt, unless you can see it in the hash itself, is "hello" (also, obviously not in quotes). Not every hash needs this information, but that's part of your job, to figure this out...
Here's the list:
Q1. (Level 0) - Gsrh lmv rh vzhb, z hrnkov zgyzhs vmxlwv. Gsv mvcg lmv'h zm vmxlwv zh dvoo, xzm blf urtfiv rg lfg?
Q2. (Level 1) - Sio ain cn, yums, lcabn? Hyrn ihy cm uh yhwixy um qyff - nbyh ih ni nby bulxyl koymncihm
Q3. (Level 1) - ZW5vdWdoIGVuY29kaW5nIGFmdGVyIHRoaXMsIG9uIHRvIGhhc2hlcy4gIHlvdSBhcmUgZ2 9pbmcgdG8gbmVlZCBhIGRlY2VudCB3b3JkbGlzdCBhbmQgc29tZSBwb3dlciB0byBnZXQg YWxsIG9mIHRoZSBoYXNoZXMuICBDb25zaWRlciB0aGFuIEkgdXNlZCBOVExNLCBkb21 haW4gY2FjaGVkLCBNRDUodW5peCksIHNoYTI1NmNyeXB0LCBhbmQgc2hhNTEyY3J5c HQgdG8gY3JlYXRlIHRoZSBoYXNoZXMsIHBsdXMgc29tZSBvdGhlciBmb3JtYXRzIHRoY XQgeW91J2xsIG5lZWQgdG8gZmlndXJlIG91dCBhdCB0aGUgZW5k
Q4. (Level 1) - 7a21990fcd3d759941e45c490f143d5f
Q5. (Level 2) - f4e61f523ae3dc73f55cf3227b5e7138
Q6. (Level 1) - $1$1toVu3pw$KasX5rAcEgyU6J3kvFdaM.
Q7. (Level 1) - $5$helloooo$2skkWHNtJoatQzUeigpO6h52zJ4BsGxzBJ0pHhrBPH5
Q8. (Level 2) - $5$helloooo$emr2mn7KebTBsRGoVZMJ53GYN2Yz./We5WkR.Yb9rb.
Q9. (Level 2) - $1$AMGdQZMu$oUpv70n6pzECtBWgkzOCv1
Q10. (Level 1) -
$6$helloooo$T2CRgIHDBgTpWARClHDcfAg1I9llipJfnvyKgjxd1pe5Nb8wVkE9BuWxChaJjg Sz3M3aeqMfdSGQAnTaibOE0/
Q12. (Level 2) -
$6$helloooo$02OtvcXrDaGblWygaXbMuZl7WNMv7SovNrxLxvZpFiu.w1puUuVXWQkpazY EoDCksDpKxTIuV1O96jHC.jdFH1
Q13. (Level 3) - $1$i9Xvdk.J$itPsQ3Aw/tSytR1guqSiC1
Q14. (Level 3) - $P$BROjlbx4FlCrENsKm8B9LKooWoepD21
Q15. (Level 3) - 11f4e97a0609eb99
Q16. (Level 4) - JDEkTHgxTDNKRWwkb0NwMTI4T01PZ1plSVVDVWxhTFo4MQ==
Q17. (Level 4) - c513158d4340c9fd6f85886ffabd4d42edb56a9f3770fdc0107ee5e51433a3d61692d0cdadc15e200 b6a9ef9279d0a2da780fb6d69553fb0ed0a541b88a19b15
Q18. (Level 5) - 1314009918a24a28466e84e31c3b8827
Q19. (Level 5) - 50 52 49 97 101 102 51 51 100 53 49 48 97 53 49 101 57 57 102 49 57 56 99
98 97 48 48 49 99 49 99 54
What you need to turn in
- A list of the hash/encoded text, the plaintext version of the text or password, the type of hash, and the method in which you cracked/deciphered it (i.e. john the ripper using the rockyou.txt wordlist). For the password hashes I'd also be interested, although not required, how long it took to crack the hash. If you're supplying that last piece of info you may need to tell me something about the system you were using, such as CPU/cores or GPU model. This information would probably be best in a spreadsheet of some kind, with columns of question number, original hash/encoded text, decoded hash/text, method, notes/additional info, etc.
- You will get credit for the items you complete, so it would be in your best interest to complete as much as possible and turn this in. Credit will be given based on the difficulty and number of these you complete.
Attachment:- NetworkMiner.rar