You need to know how to hack and even hack the systems in order to be able to protect said systems from hackers that actually would exploit it.
Comment has been collapsed.
I didn't get to this one in time but I hope that this does indeed become a series!
Comment has been collapsed.
47,161 Comments - Last post 2 minutes ago by Sh4dowKill
28 Comments - Last post 1 hour ago by BanjoBearLV
8 Comments - Last post 2 hours ago by LighteningOne
405 Comments - Last post 2 hours ago by dooder
21 Comments - Last post 2 hours ago by Wok
59 Comments - Last post 2 hours ago by Ninglor03
9 Comments - Last post 5 hours ago by Insound
11 Comments - Last post 2 seconds ago by at46
766 Comments - Last post 15 minutes ago by alexfirehouse
28,746 Comments - Last post 17 minutes ago by ClapperMonkey
2,559 Comments - Last post 25 minutes ago by lycankai
26 Comments - Last post 27 minutes ago by meneldur
205 Comments - Last post 33 minutes ago by Lugum
808 Comments - Last post 36 minutes ago by Vee79
Puzzle Hacking Challenge - Part 1
So i kinda fell in love with puzzles and everything on this site!
I thought i would do something slightly different and create a puzzle that
requires you to solve things by doing things related to hacking / cracking.
It's meant for people who are interested in learning about different
security flaws etc. for NON-MALICIOUS PURPOSES only!
Giveaway:
Game: Garshasp: The Monster Slayer
Copies: 3
Time: 23th October 23.59
RULES:
– No malicious stuff in any ways, this is for educational, non-destructive purposes only!
– No sharing of answers in comments or anywhere else, hints and "light" help is ok!
So here goes part 1:
MD5:
a81ebbf4c743c3c99356ad7cf3c63536
Hint #1: HashCat
SOLUTION:
So the purpose of this one was mostly to give an intro to this upcoming series, have a few ideas of some more advanced stuff to come :)
Also this should give an indication of how insecure hashes actually are, for anyone learning while attempting these, most websites do not store passwords in their database, as to not let plain text passwords leak out in case an exploit to read database entries are found, however hashes are only slightly more secure then keeping plaintext, especially with anything less then 8-10 characters or anything that can be cracked by a dictionary attack (never use normal words in password), preferably you want a password to consist of mixed, lower- and uppercase letters, numbers and special chars.
Basically the amount of passwords you would have to test to find which one correspondsto the hash value scales with the power of the number of different characters used in the password (or allowed characters, as the cracker will not know which specific ones go into that password). So in this case you know that the "password" is 5 characters long and consists solely of lower- and uppercase letters as well as numbers. This leaves us with 26 letters 2 + 10 numbers = 62 possibilities per character.
So 62^5 or 62626262*62 gives the number of possible passwords: 916.132.832, that sounds like many, but with modern computers this is an easy task to crack, as even a single PC can test thousands per second, not to mention any "hacker" might have access to a complete botnet of computers to which he can distribute the workload of breaking the hash. So let's explain how to do this the proper way and not just typing "md5 cracking" into google and pressing "i'm feeling lucky".
The hint i gave was to a program called HashCat which is basically a hashcracking software.
Basically you'll unzip the program, create a text file in the program folder in this example named hash.txt.
Then go ahead and open a command prompt and CD into the folder with HashCat then run the following command:
This will result in the program cracking the hash value in the text file against the mask supplied and output results into cracked.txt
(Read the f***ing manual to HashCat for more information on how to set the mask etc. you might need this for the later parts.)
Output from command prompt:
As you can see it took from 00:25:24 2015 to 00:25:31 2015 a mere 7 seconds to check nearly 1 billion passwords on my i7 4770K,
this is without GPU acceleration which can speed this up even more.
AND ONTO PART 2 YOU GO!
Follow & subscribe below for more giveaways:
PeritusTV on Twitch
PeritusGamingTV on Youtube
PeritusTV on Steam
Comment has been collapsed.