It's been a while. Completed Holiday Hack 2022 while SANS CDI. I saw the challenge go up early, so I started working on it as soon as I saw it. I was taking SEC565 the week that I finished the Holiday Hack and did NetWars again that week. It was nice to play NetWars again, given it had been a while. Things have changed regarding NetWars. They pause the game so you can't work on flags outside of the hours for the tournament. In a way, it's good-it keeps students from being too focused on NetWars so they aren't paying attention in class.
Working on a different ctf. In this one, they gave us a hash type that's not supported by tools I use (like hashcat)-at least not for the versions I use that I'm aware of. I was a little scared of this question. I wouldn't call myself strong when it comes to programming or scripting.
I thought about very basically how logging in and crackers work. You have a hash (and potentially a salt stored in a database. When someone wants to login, they submit their password, then that password is hashed with the algorithm used to hash their password (and/or salt) to begin with, and that hash is compared to the hash stored in the database.
I thought, "How do I create a hash?" Looked up that algorithm, and someone was nice enough to already have a program out there that creates hashes with that algorithm. I took their program as a starting point. Then I thought, "What do I want to do specifically?" Take passwords from a list (dictionary), hash them with the salt, one by one, and compare each hash to the one I'm trying to crack. Then tell me the password. "Are there any other variables I need? Well, I needed one for comparing the hashes. I also needed one for the password itself. Are there any functions I need to add? I added a loop that takes each password line by line from a file. Then I added a function that compares the created hash and the original that tells me if the hashes match and what password it was. It breaks out of the loop at that time as well.
I did a test run with one password/hash. It worked. Tried it with the hash for the ctf. Worked again. The password was in a well-known dictionary. Thank goodness for that.
I went out of my comfort zone with this one; I wasn't sure if this would be a challenge I could tackle, but I did. You don't really know what you are capable of unless you try.