You need to know how to hack and even hack the systems in order to be able to protect said systems from hackers that actually would exploit it.
Comment has been collapsed.
I didn't get to this one in time but I hope that this does indeed become a series!
Comment has been collapsed.
365 Comments - Last post 1 hour ago by dailylhama
5 Comments - Last post 2 hours ago by Steamgifty
47,146 Comments - Last post 3 hours ago by FranckCastle
19 Comments - Last post 5 hours ago by juryman00
39 Comments - Last post 12 hours ago by Massulan
50 Comments - Last post 12 hours ago by wigglenose
27 Comments - Last post 13 hours ago by Foxhack
2,527 Comments - Last post 4 minutes ago by WarWizard626
1,386 Comments - Last post 6 minutes ago by Vasharal
62 Comments - Last post 6 minutes ago by cheeki7
747 Comments - Last post 28 minutes ago by Myklex
19 Comments - Last post 1 hour ago by m0r1arty
10 Comments - Last post 1 hour ago by herbesdeprovence
34 Comments - Last post 1 hour ago by squall831
Puzzle Hacking Challenge - Part 1
So i kinda fell in love with puzzles and everything on this site!
I thought i would do something slightly different and create a puzzle that
requires you to solve things by doing things related to hacking / cracking.
It's meant for people who are interested in learning about different
security flaws etc. for NON-MALICIOUS PURPOSES only!
Giveaway:
Game: Garshasp: The Monster Slayer
Copies: 3
Time: 23th October 23.59
RULES:
– No malicious stuff in any ways, this is for educational, non-destructive purposes only!
– No sharing of answers in comments or anywhere else, hints and "light" help is ok!
So here goes part 1:
MD5:
a81ebbf4c743c3c99356ad7cf3c63536
Hint #1: HashCat
SOLUTION:
So the purpose of this one was mostly to give an intro to this upcoming series, have a few ideas of some more advanced stuff to come :)
Also this should give an indication of how insecure hashes actually are, for anyone learning while attempting these, most websites do not store passwords in their database, as to not let plain text passwords leak out in case an exploit to read database entries are found, however hashes are only slightly more secure then keeping plaintext, especially with anything less then 8-10 characters or anything that can be cracked by a dictionary attack (never use normal words in password), preferably you want a password to consist of mixed, lower- and uppercase letters, numbers and special chars.
Basically the amount of passwords you would have to test to find which one correspondsto the hash value scales with the power of the number of different characters used in the password (or allowed characters, as the cracker will not know which specific ones go into that password). So in this case you know that the "password" is 5 characters long and consists solely of lower- and uppercase letters as well as numbers. This leaves us with 26 letters 2 + 10 numbers = 62 possibilities per character.
So 62^5 or 62626262*62 gives the number of possible passwords: 916.132.832, that sounds like many, but with modern computers this is an easy task to crack, as even a single PC can test thousands per second, not to mention any "hacker" might have access to a complete botnet of computers to which he can distribute the workload of breaking the hash. So let's explain how to do this the proper way and not just typing "md5 cracking" into google and pressing "i'm feeling lucky".
The hint i gave was to a program called HashCat which is basically a hashcracking software.
Basically you'll unzip the program, create a text file in the program folder in this example named hash.txt.
Then go ahead and open a command prompt and CD into the folder with HashCat then run the following command:
This will result in the program cracking the hash value in the text file against the mask supplied and output results into cracked.txt
(Read the f***ing manual to HashCat for more information on how to set the mask etc. you might need this for the later parts.)
Output from command prompt:
As you can see it took from 00:25:24 2015 to 00:25:31 2015 a mere 7 seconds to check nearly 1 billion passwords on my i7 4770K,
this is without GPU acceleration which can speed this up even more.
AND ONTO PART 2 YOU GO!
Follow & subscribe below for more giveaways:
PeritusTV on Twitch
PeritusGamingTV on Youtube
PeritusTV on Steam
Comment has been collapsed.