You need to know how to hack and even hack the systems in order to be able to protect said systems from hackers that actually would exploit it.
Comment has been collapsed.
I didn't get to this one in time but I hope that this does indeed become a series!
Comment has been collapsed.
450 Comments - Last post 47 minutes ago by klingki
29 Comments - Last post 3 hours ago by adam1224
7 Comments - Last post 5 hours ago by xXSAFOXx
16,297 Comments - Last post 6 hours ago by SebastianCrenshaw
52 Comments - Last post 7 hours ago by adam1224
206 Comments - Last post 10 hours ago by Joey2741
31 Comments - Last post 11 hours ago by Pika8
280 Comments - Last post 3 minutes ago by IgotElbows
44 Comments - Last post 11 minutes ago by alancml
43 Comments - Last post 36 minutes ago by venturercatt
13 Comments - Last post 48 minutes ago by Azaltir
7,978 Comments - Last post 50 minutes ago by hbarkas
727 Comments - Last post 59 minutes ago by eeev
104 Comments - Last post 1 hour ago by Axelflox
Puzzle Hacking Challenge - Part 1
So i kinda fell in love with puzzles and everything on this site!
I thought i would do something slightly different and create a puzzle that
requires you to solve things by doing things related to hacking / cracking.
It's meant for people who are interested in learning about different
security flaws etc. for NON-MALICIOUS PURPOSES only!
Giveaway:
Game: Garshasp: The Monster Slayer
Copies: 3
Time: 23th October 23.59
RULES:
– No malicious stuff in any ways, this is for educational, non-destructive purposes only!
– No sharing of answers in comments or anywhere else, hints and "light" help is ok!
So here goes part 1:
MD5:
a81ebbf4c743c3c99356ad7cf3c63536
Hint #1: HashCat
SOLUTION:
So the purpose of this one was mostly to give an intro to this upcoming series, have a few ideas of some more advanced stuff to come :)
Also this should give an indication of how insecure hashes actually are, for anyone learning while attempting these, most websites do not store passwords in their database, as to not let plain text passwords leak out in case an exploit to read database entries are found, however hashes are only slightly more secure then keeping plaintext, especially with anything less then 8-10 characters or anything that can be cracked by a dictionary attack (never use normal words in password), preferably you want a password to consist of mixed, lower- and uppercase letters, numbers and special chars.
Basically the amount of passwords you would have to test to find which one correspondsto the hash value scales with the power of the number of different characters used in the password (or allowed characters, as the cracker will not know which specific ones go into that password). So in this case you know that the "password" is 5 characters long and consists solely of lower- and uppercase letters as well as numbers. This leaves us with 26 letters 2 + 10 numbers = 62 possibilities per character.
So 62^5 or 62626262*62 gives the number of possible passwords: 916.132.832, that sounds like many, but with modern computers this is an easy task to crack, as even a single PC can test thousands per second, not to mention any "hacker" might have access to a complete botnet of computers to which he can distribute the workload of breaking the hash. So let's explain how to do this the proper way and not just typing "md5 cracking" into google and pressing "i'm feeling lucky".
The hint i gave was to a program called HashCat which is basically a hashcracking software.
Basically you'll unzip the program, create a text file in the program folder in this example named hash.txt.
Then go ahead and open a command prompt and CD into the folder with HashCat then run the following command:
This will result in the program cracking the hash value in the text file against the mask supplied and output results into cracked.txt
(Read the f***ing manual to HashCat for more information on how to set the mask etc. you might need this for the later parts.)
Output from command prompt:
As you can see it took from 00:25:24 2015 to 00:25:31 2015 a mere 7 seconds to check nearly 1 billion passwords on my i7 4770K,
this is without GPU acceleration which can speed this up even more.
AND ONTO PART 2 YOU GO!
Follow & subscribe below for more giveaways:
PeritusTV on Twitch
PeritusGamingTV on Youtube
PeritusTV on Steam
Comment has been collapsed.