Daniel Juch IT

TryHackMe – Hashing Crypto 101 Write Up

Hello friend.

This room is a nice introduction to hashing and how cryptography works.

Task 1 – Key Terms

Is base64 encryption or encoding?

encoding

Task 2 – What is a hash function?

What is the output size in bytes of the MD5 hash function?

Can you avoid hash collisions?

nay

If you have an 8 bit hash output, how man possible hashes are there?

2^8 = 256

Task 3- Uses for hashing

Crack the hash “d0199f51d2728db6011945145a1b607a” using the rainbow table manually.

This hash is in the “rainbow table” of the task description: basketball

Crack the hash “5b31f93c09ad1d065c0491b764d04933” using online tools

crackstation doesn’t know it, but you can use md5hashing.net to find it:

tryhackme

Should you encrypt passwords?

Nay

Task 4 – Recognising password hashes

How many rounds does sha512crypt ($6$) use by default?

5000

What’s the hashcat example hash (from the website) for Citrix Netscaler hashes?

1765058016a22f1b4e076dccd1c3df4e8e5c0839ccded98ea

How long is a Windows NTLM hash, in characters?

Task 5 – Password Cracking

Crack this hash: $2a$06$7yoU3Ng8dHTXphAg913cyO6Bjs3K5lBnwq5FJyA6d01pMSrddr1ZG

At first I tried echoing the hash into a file, but since the hash contains $-signs, the shell tries to substitute them with a variable and scrambles the hash. So I just used vim to copy it into a file.

Then I used john with the rockyou.txt wordlist on it.

Crack this hash: 9eb7ee7f551d2f0ac684981bd1f1e2fa4a37590199636753efe614d4db30e8e1

This one I just put into crackstation and got the answer:

halloween

Crack this hash: $6$GQXVvW4EuM$ehD6jWiMsfNorxy5SINsgdlxmAEl3.yif0/c3NqzGLa0P.S7KRDYjycw5bnYkF5ZtB8wQy8KnskuWQS3Yr1wQ0

Same procedure as with the first one, cracking it in john with rockyou.txt.

Bored of this yet? Crack this hash: b6b0d451bbf6fed658659a9e7e5598fe

For this one crackstation also worked:

funforyou

Task 6 – Hashing for integrity checking

What’s the SHA1 sum for the amd64 Kali 2019.4 ISO? http://old.kali.org/kali-images/kali-2019.4/

Klick on the SHA1SUMS file and it is in the first line.

186c5227e24ceb60deb711f1bdc34ad9f4718ff9

What’s the hashcat mode number for HMAC-SHA512 (key = $pass)?

This answer can be found in the man pages of hashcat.

Share the Post:

Not so Weekly Review # 5 – New Things

Hello everybody! As you can see, I am very consistent with my writing. So, what happened lately? Well, I have

Weekly Review #4 – App Store and stuff

Hello there! Huh, it looks like I missed two weeks. Strange, but it happens, I guess. I wasn’t as productive

Send us an Email