• Etehen

TryHackMe - Crack the hash

En son güncellendiği tarih: 6 Eyl 2020

Everything shown on our site is for educational purposes. It should not be used in illegal ways. If used, the responsibility belongs to the person.

https://tryhackme.com https://tryhackme.com/room/crackthehash


Today I'm gonna show you how to crack the hashes and complete the TryHackMe room named "Crack the hash". You can use an online hash cracker like https://crackstation.net/ but we will use a tool called Hashcat. It's an amazing tool but it can be a little bit difficult to use especially for beginners. Make sure to read our writing about Hashcat (not completed yet).

For this room, we don't need to connect to our network using OpenVPN. We just need our tools.

We will use "rockyou.txt" for every cracking process.


First, we need to identify the hashing algorithms. You can use an online tool like https://hashes.com/en/tools/hash_identifier but I recommend using hash-identifier which is already installed on Kali Linux. Here's an example syntax:

hash-identifier (hash)

Task 1-1

Hash: 48bb6e862e54f2a795ffc4e541caed4d

Algorithm: MD5

hashcat -m 0 48bb6e862e54f2a795ffc4e541caed4d /usr/share/wordlists/rockyou.txt

Task 1-2

Hash: CBFDAC6008F9CAB4083784CBD1874F76618D2A97

Algorithm: SHA-1

hashcat -m 100 CBFDAC6008F9CAB4083784CBD1874F76618D2A97 /usr/share/wordlists/rockyou.txt

Task 1-3

Hash: 1C8BFE8F801D79745C4631D09FFF36C82AA37FC4CCE4FC946683D7B336B63032

Algorithm: SHA-256

hashcat -m 1400 1C8BFE8F801D79745C4631D09FFF36C82AA37FC4CCE4FC946683D7B336B63032 /usr/share/wordlists/rockyou.txt

Task 1-4

Hash: $2y$12$Dwt1BZj6pcyc3Dy1FWZ5ieeUznr71EeNkJkUlypTsgbX1H68wsRom

Algorithm: bcrypt $2*$, Blowfish (Unix)

hashcat -m 3200 $2y$12$Dwt1BZj6pcyc3Dy1FWZ5ieeUznr71EeNkJkUlypTsgbX1H68wsRom /usr/share/wordlists/rockyou.txt

Task 1-5

Hash: 279412f945939ba78ce0758d3fd83daa

Algorithm: MD4

hashcat -m 900 279412f945939ba78ce0758d3fd83daa /usr/share/wordlists/rockyou.txt

Task 2-1

Hash: F09EDCB1FCEFC6DFB23DC3505A882655FF77375ED8AA2D1C13F640FCCC2D0C85

Algorithm: SHA-256

hashcat -m 1400 F09EDCB1FCEFC6DFB23DC3505A882655FF77375ED8AA2D1C13F640FCCC2D0C85 /usr/share/wordlists/rockyou.txt

Task 2-2

Hash: 1DFECA0C002AE40B8619ECF94819CC1B

Algorithm: NTLM

hashcat -m 1000 1DFECA0C002AE40B8619ECF94819CC1B /usr/share/wordlists/rockyou.txt

Task 2-3

Hash: $6$aReallyHardSalt$6WKUTqzq.UQQmrm0p/T7MPpMbGNnzXPMAXi4bJMl9be.cfi3/qxIf.hsGpS41BqMhSrHVXgMpdjS6xeKZAs02.

Salt: aReallyHardSalt

Rounds: 5

Algorithm: sha512crypt $6$, SHA512 (Unix)

This might take some time

hashcat -m 1800 (hash.txt) /usr/share/wordlists/rockyou.txt

Task 2-4

Hash: e5d8870e5bdd26602cab8dbe07a942c8669e56d6

Salt: tryhackme

Algorithm: SHA-1

hashcat -m 110 e5d8870e5bdd26602cab8dbe07a942c8669e56d6:tryhackme /usr/share/wordlists/rockyou.txt

Due to TryHackMe's rules, I can't show you the answer but it is really easy to type or copy+ paste these commands. If you have any problems don't hesitate to ask it in the comments section. Never forget this: "TECHNOLOGY IS AN ART!!".

Son Paylaşımlar

Hepsini Gör