Return to site
Return to site

Hash Crack Challenge

Password Hash Cracking Contest

· Password Cracking,password hash,password contest,one time grid,password challenge

CHALLENGE OVER

The Challenge

Two plain SHA1 password hashes have been generated using separate techniques from a single "Random-Grid" One-Time Grid (see One-Time Grid write-up <HERE>). This password cracking challenge will last one week, which starts Aug 27th, 2018 1200PM EST and ends September 3rd, 2018 at 1200PM EST.

HASH #1

[CRACKED by @BoursierEtienne] fe0c9f335b35c45e92d5e7d07c5933b6c4c0a522

HASH #2

[CRACKED by @lakiw]

120c249bc0f301ef3cba7a0fcbff463aaaded486

Prizes

Claim your prizes by posting on Twitter to @netmux with the cracked password. All valid submissions must be received before Sept 3rd at 1200PM EST.

***Limit=1. Sorry only United States contestants are eligible to receive the password cracking rig. A $500 Amazon gift card will be awarded for an international winner that cracks HASH #2.

**To receive your final prizes contestants must submit a write-up of your strategy for cracking the password hash. These write-ups will be posted at the end of the challenge accompanying the correct solutions.

Clues

Clues will be given periodically throughout the contest. Please follow @netmux on Twitter for announcements of new clues.

  1. "Pattern" & "Scatter"
  2. One-Time Grid attached below 
  3. Birthday Paradox
  4. Are all cell values equally probable?
  5. str(PIN)[:-1]
  6. scatter_cells + str(PIN)[:-1]
  7. Use seven of the possible ten "repeats" to mask your way to the other half of the scatter_cells solution.
  8. Hash #2 = print(len(scatter_cells + str(PIN)[:-1])) = 19
  9. No cell values have been reused in the composition of scatter_cells.
    “q$*????????)wc” + str(PIN)[:-1]
hash crack challenge one time grid

CHALLENGE WRITE-UP

-wanted to give back

-rush to get it out, switched from md5 to sha1 at last minute

-hard to know what's obvious when you know the answer

-tried to slow down people with larger rigs and make it about clever analysis and tricks

-Explain each "Clue"

-36 Unique total characters out of 49 = IA9GVwc8oyL$)M.!q03WKH+epP?*{TxJzhbu

-10 characters repeating = IG8oL$.+p3

-7 repeat characters used = $I.3+LG

-HASH #2 = q$*I.3+xLHG)wc71997

08+{superjetyoMKHp

q$*I.3+xLHG)wc71997

The Clues Explained

  1. "Pattern" & "Scatter"
  2. One-Time Grid attached below 
  3. Birthday Paradox
  4. Are all cell values equally probable?
  5. str(PIN)[:-1]
  6. scatter_cells + str(PIN)[:-1]
  7. Use seven of the possible ten "repeats" to mask your way to the other half of the scatter_cells solution.
  8. Hash #2 = print(len(scatter_cells + str(PIN)[:-1])) = 19
  9. No cell values have been reused in the composition of scatter_cells.
    “q$*????????)wc” + str(PIN)[:-1]

"There is nothing more deceptive than an obvious fact."

broken image

HASH #1 = 08+{superjetyoMKHp

broken image

HASH #2 = q$*I.3+xLHG)wc71997

broken image

Cells with repeat values = q$*I.3+xLHG)wc71997

One-Time Grid: Random Password Book

one-time grid password book

Hash Crack: Password Cracking Manual

hash crack password cracking manual

Pentester Portable Cracking Rig

pentester portable rig prize
PreviousNext
Cookie Use
We use cookies to improve browsing experience, security, and data collection. By accepting, you agree to the use of cookies for advertising and analytics. You can change your cookie settings at any time. Learn More
Accept all
Settings
Decline All
Cookie Settings
Necessary Cookies
These cookies enable core functionality such as security, network management, and accessibility. These cookies can’t be switched off.
Analytics Cookies
These cookies help us better understand how visitors interact with our website and help us discover errors.
Preferences Cookies
These cookies allow the website to remember choices you've made to provide enhanced functionality and personalization.
Save