VP 300: Password Hashes (85 pts)

Purpose

Practice calculating hashes and cracking them.

Getting Test Hashes

In the previous class, we harvested real password hashes from Windows machines with Cain.

Here's a simple test case. A password of

password
has this hash on Windows machines:
8846f7eaee8fb117ad06bdd830b7586c
Windows does not use any salt, so every user with the same password has the same password hash.

Calculating Windows NT Password Hashes with Python

Make a script with this code:
import hashlib
h = hashlib.new('md4', 'password'.encode())
print(h)
The output is the hash object's memory address, not a hash value.
To see the normal result in hexadecimal, add the hexdigest() method like this:
import hashlib
h = hashlib.new('md4', 'password'.encode())
print(h.hexdigest())
Run the program again. This time you should get a hash value.
This is a hexadecimal hash, but it's incorrect for Windows passwords. As shown above, the correct NT hash starts with 8846.

That's because the Windows algorithm uses Unicode, not ASCII, to encode the characters. Specifically, it uses UTF-16LE, an older Unicode encoding that represents each character with 16 or 32 bits. Microsoft is now moving to UTF-8, but that process is only beginning.

Modify your program to use Unicode, as shown below. (NOTE: the encoding name is "utf-16le", ending in the lowercase letters "l" and "e", NOT the digit "1" as in "utf-161e".)

import hashlib
h = hashlib.new('md4', 'password'.encode("utf-16le"))
print(h.hexdigest())
Run the program again. This time you get the correct hash, 8846f7eaee8fb117ad06bdd830b7586c.

Flag VP 300.1: Hash Dictionary (10 pts)

Create a program that calculates the NTLM hashes for all two-digit passwords from 00 to 99.
Find the hash containing baad. That complete hash value is the flag.

Flags VP 300.2-4: Windows Hashes (15 pts)

The following Windows passwords are constructed according to this system:
CCSF-username-PIN
Where "username" is the username in lowercase and PIN is a two-digit number.

For example, a user named "Sam" might have a password like this:

CCSF-sam-01
Crack these passwords, which were collected from a Windows 7 machine with Cain.
Ming:"":"":AAD3B435B51404EEAAD3B435B51404EE:52C4859C0617E4A8FEC24BA890C5FC57
Mohammed:"":"":AAD3B435B51404EEAAD3B435B51404EE:39057EF3A9FE57D98E7A9BAB7CD2F4F9
sam:"":"":AAD3B435B51404EEAAD3B435B51404EE:19A641D2520B983ABB7C931CEFF933FA
Note that the NTLM hash is the rightmost part of each line, after the last colon.

The passwords are the flags, as shown below:

  • VP 300.2: Ming's password
  • VP 300.3: Mohammed's password
  • VP 300.4: Sam's password

Flags VP 300.5-7: MD5 Hashes with Several Rounds (15 pts)

The company using the Windows passwords in the previous challenge sets up an online system, with passwords formed the same way.

Somewhere in the Terms of Service, it strongly warns users not to re-use the same password as their Windows password.

In addition, it is now much more secure, because it uses MD5 instead of MD4, and not only that, it uses many rounds of MD5. The number of rounds is less than 100.

It doesn't use Unicode encoding.

Crack these hashes.

Ming: 7621eca98fe6a1885d4f5f56a0525915
Mohammed: b2173861e8787a326fb4476aa9585e1c
sam: 42e646b706acfab0cf8079351d176121

The passwords are the flags, as shown below:

  • VP 300.5: Ming's password
  • VP 300.6: Mohammed's password
  • VP 300.7: Sam's password

Flags VP 300.8-10: Many Rounds of MD5 and SHA-1 (15 pts)

Somehow, evil hackers broke into the previous Web application.

So the new, super-enhanced system uses a much larger number of MD5 rounds, followed by an even larger number of SHA1 hash rounds. Of course, the total number of hashing rounds is less than 500, because management is sure that's enough.

And now each user has to click "I Agree" to a pop-up box requiring them not to re-use passwords, so only a complete idiot would do that.

Crack these hashes if you can! Send in the correct passwords to collect credit.

Ming: ce788ed5f855e51e6fd78f923b43a6407467c5f2
Mohammed: 582d99006950cddeb2df9f40b3f65ebc283dc378
sam: da660655f4d4714fe605e9063d1ded4b749c50a9

The passwords are the flags, as shown below:

  • VP 300.8: Ming's password
  • VP 300.9: Mohammed's password
  • VP 300.10: Sam's password

Linux Password Hashes

Here's a password hash for the password "password" from a Debian 10 Linux system:
user:$6$jeWFhYPiV3G.U2Kw$J8PgrCnOgw2n2wd2Ua2qM3R.09oc4q4JzbjsKSEbE5AxtLAlFvJUdyZKV0B5R0mJX0MI3yaV3QhWnS3flBSG41:18448:0:99999:7:::
On a Linux machine (not a Mac), execute this command to open Python 3 interactively:
python3
Execute these commands to reproduce the password hash shown above:
import crypt
crypt.crypt("password", "$6$jeWFhYPiV3G.U2Kw")
The password hash is correct: the output matches the hash shown above.
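
The crypt module used above was removed from the standard library in Python 3.13, so the following added example (not part of the original assignment) only parses the /etc/shadow format and does not call it. The function name, the scheme table, and the two constructed lines in the usage section are assumptions made for illustration; the sample line is the Debian 10 entry for "password" shown earlier.

```python
from datetime import date, timedelta

# crypt(3) scheme identifiers and the round count used when no rounds= is given
SCHEMES = {
    "1": ("md5crypt", 1000),
    "5": ("sha256crypt", 5000),
    "6": ("sha512crypt", 5000),
}

SAMPLE = ("user:$6$jeWFhYPiV3G.U2Kw$J8PgrCnOgw2n2wd2Ua2qM3R.09oc4q4JzbjsKSEbE5A"
          "xtLAlFvJUdyZKV0B5R0mJX0MI3yaV3QhWnS3flBSG41:18448:0:99999:7:::")

def parse_shadow_line(line: str) -> dict:
    """Split one /etc/shadow entry into fields and decode the password field."""
    fields = line.strip().split(":")
    if len(fields) != 9:
        raise ValueError(f"expected 9 colon-separated fields, got {len(fields)}")
    user, pw = fields[0], fields[1]          # the hash is field 2, not the last field
    entry = {"user": user, "locked": pw.startswith(("!", "*")), "scheme": None}
    if fields[2]:                            # days since 1970-01-01
        entry["last_changed"] = date(1970, 1, 1) + timedelta(days=int(fields[2]))
    setting = pw.lstrip("!")
    parts = setting.split("$")
    if len(parts) >= 4 and parts[0] == "" and parts[1] in SCHEMES:
        name, rounds = SCHEMES[parts[1]]
        rest = parts[2:]
        if rest[0].startswith("rounds="):    # optional explicit cost parameter
            rounds = int(rest[0][len("rounds="):])
            rest = rest[1:]
        if len(rest) < 2:
            raise ValueError("password field is missing the salt or digest")
        entry.update(scheme=name, rounds=rounds, salt=rest[0], digest=rest[1])
        # Everything before the digest is what crypt() takes as its second argument
        entry["crypt_setting"] = setting.rsplit("$", 1)[0]
    return entry

if __name__ == "__main__":
    # The two lines below are constructed for the example
    for line in (SAMPLE, "svc:!:18448:0:99999:7:::",
                 "app:$6$rounds=100000$c0nstructedSalt$" + "A" * 86 + ":18448:0:99999:7:::"):
        print(parse_shadow_line(line))
```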

Flags VP 300.11-13: Linux Hashes (15 pts)

The following Linux passwords are constructed according to this system:
CCSF-username-PIN
Where "username" is the username in lowercase and PIN is a two-digit number.

For example, a user named "Sam" might have a password like this:

CCSF-sam-01
Crack these passwords, which were collected from a Debian 10 machine.
ming:$6$blbkhFFelIX6BLYW$n95GODbW3vJwYdchQ/k5OX7rxq3NxGIcJdlLeh4npWNZFaTw/09Lf0TFtfwCEEFqjtSlIIWSFMMSa4pmCAvoN0:18448:0:99999:7:::
mohammed:$6$zVTWI579J7rOQRHd$0PHXw6LjOibKKLHQ9MYE0qbDdEyl8iS4XNclAhNj6UiYPcae6W0DYA3u95b3usGyJNBgf3XUkPIxbO7xDST73/:18448:0:99999:7:::
sam:$6$BCP8vBklvVHIpoNx$3wgjb1cbcmc7QxMFzkymS9jU1iPZghF94n0/ppA4QGBz94wM9T4dxEPsMMx5GBy/NJFoPXTfv0Z3ZTAro0UqY.:18448:0:99999:7:::
Note that the password hash is the second field of each line, between the first and second colons.

The passwords are the flags, as shown below:

  • VP 300.11: Ming's password
  • VP 300.12: Mohammed's password
  • VP 300.13: Sam's password

Flags VP 300.14-16: Lastpass-Type Hashes (15 pts)

Lastpass reportedly uses "a random salt and 100,000 rounds of server-side PBKDF2-SHA256" hashing.

Crack these passwords, in the same form as the previous challenges, using PBKDF2 with these parameters:

  • Salt: SIXTEEN_TONS_OF_
  • Iterations: 100,000
  • Hash function: SHA256
  • Derived Key Length: 256 bits
ming: 9aff907d8f56caca86df82c2de874398e41ed1dc3bb347c72a4609c920b485a9
mohammed: a7825b5000f71460a9523395010fbda36ad53c5ff699ebdfc552b52b24931e8d
sam: 6387a2fcd0facda4fc82075fd68ea1b613ac72f08c712fe81898c663d7ccbfe1
The passwords are the flags, as shown below:
  • VP 300.14: Ming's password
  • VP 300.15: Mohammed's password
  • VP 300.16: Sam's password
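
The challenge above uses one salt for every user, while the quoted Lastpass description specifies a random salt. The following added example (not part of the original assignment) uses the page's PBKDF2 parameters to show the difference on the storage side; the account names, passwords, and record layout are constructed for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000               # iteration count given on the page
DKLEN = 32                         # 256-bit derived key
FIXED_SALT = b"SIXTEEN_TONS_OF_"   # the single salt the challenge uses for every user

def derive(password: str, salt: bytes, iterations: int = ITERATIONS) -> str:
    """PBKDF2-HMAC-SHA256, hex-encoded."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt,
                               iterations, dklen=DKLEN).hex()

def new_record(password: str, salt: bytes = None) -> dict:
    """Store salt and cost beside the hash so both can differ per user."""
    salt = os.urandom(16) if salt is None else salt
    return {"salt": salt, "iterations": ITERATIONS, "hash": derive(password, salt)}

def verify(password: str, record: dict) -> bool:
    candidate = derive(password, record["salt"], record["iterations"])
    return hmac.compare_digest(candidate, record["hash"])   # constant-time compare

def users_sharing_a_hash(db: dict) -> list:
    """Groups of users whose stored hashes are identical (same password, same salt)."""
    groups = {}
    for user, rec in db.items():
        groups.setdefault(rec["hash"], []).append(user)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)

# Constructed accounts: two users happen to choose the same password.
PASSWORDS = {"alice": "example-passphrase", "bob": "example-passphrase",
             "carol": "other-one"}
fixed_db = {u: new_record(p, FIXED_SALT) for u, p in PASSWORDS.items()}
random_db = {u: new_record(p) for u, p in PASSWORDS.items()}

if __name__ == "__main__":
    print("fixed salt :", users_sharing_a_hash(fixed_db))
    print("random salt:", users_sharing_a_hash(random_db))
```

With the fixed salt, one PBKDF2 computation per guess can be compared against every stored hash at once; with per-user random salts, each guess has to be recomputed for each user.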


Updated to Python 3 7-1-2020
Explanation of Unicode expanded 7-4-2020
Flag numbers fixed 7-4-2020