TryHackMe: Crack the hash Writeup

The room: “Cracking hashes challenges”
https://tryhackme.com/room/crackthehash

Tools Used

Hashcat is the world’s fastest and most advanced password recovery utility, supporting five unique modes of attack for over 300 highly-optimized hashing algorithms.

The -m parameter is used to specify the hash type. Hash mods are available here. The hash modes to be used in Room are as follows:

-m 0: MD5

-m 100: SHA1

-m 160: HMAC-SHA1 (key = $salt)

-m 1000: NTLM

-m 1400: SHA2-256

-m 1800: sha512crypt $6$, SHA512 (Unix) ²

-m 3200: bcrypt $2*$, Blowfish (Unix)

Hash Identifier: Software to identify the different types of hashes used to encrypt data and especially passwords.

CrackStation: uses massive pre-computed lookup tables to crack password hashes.

Hashes

Used wordlist

Rockyou.txt was used for hashcat tool.

Task 1: Level 1

1.1. 48bb6e862e54f2a795ffc4e541caed4d

hashcat -m 0 -a 0 md5.txt rockyou.txt

easy

1.2. CBFDAC6008F9CAB4083784CBD1874F76618D2A97

hashcat -m 100 -a 0 SHA-1.txt rockyou.txt

password123

1.3. 1C8BFE8F801D79745C4631D09FFF36C82AA37FC4CCE4FC946683D7B336B63032

hashcat -m 1400 -a 0 SHA-256.txt rockyou.txt

letmein

1.4. $2y$12$Dwt1BZj6pcyc3Dy1FWZ5ieeUznr71EeNkJkUlypTsgbX1H68wsRom

The hint part of the question says that if we create a list of four-character words of the rockyou list, our hash-breaking time will be shorter, so we narrow our rockyou list using the following command.

awk ‘length == 4’ rockyou.txt >four-character-words.txt

hashcat -m 3200 a 0 Blowfish.txt four-character-words.txt