Solutions for TryHackMe Password Attacks Task 5: Offline Attacks

This is the solution for TryHackMe Password Attacks Task 5: Offline Attacks.

The only tool used in Task 5 is hashcat, a password recovery tool. It has Linux, OS X and Windows versions.

Let's check the questions in Task 5:

1 – Considering the following hash: 8d6e34f987851aa599257d3831a1af040886842f . What is the hash type?

To check the hash type of a string, we can use the hashid tool.

2 – Perform a dictionary attack against the following hash: 8d6e34f987851aa599257d3831a1af040886842f . What is the cracked value? Use rockyou.txt wordlist.

The question asks us to perform a dictionary attack, and we can use any wordlist for it. Here we use rockyou.txt, which is already included in the default Kali installation.

The hash is the same as in the previous question, so we know from the output of the hashid command that it is a SHA-1 hash. When running hashcat, it is important to know the type of the hash you are working on. The -m parameter specifies the hash type, and hashcat -h lists the available hash types.

Because our hash is SHA-1, we use the -m 100 parameter in our command.

$ hashcat -a 0 -m 100 8d6e34f987851aa599257d3831a1af040886842f /usr/share/wordlists/rockyou.txt.gz

The correct answer is sunshine

3 – Perform a brute-force attack against the following MD5 hash: e48e13207341b6bffb7fb1622282247b . What is the cracked value? Note the password is a 4 digit number: [0-9][0-9][0-9][0-9]

Here we use hashcat again, but this time with the -m 0 parameter, because we already know that the hash type is MD5 (again, check hashcat -h for the parameters of other hash types).

We also need a mask built from ?d, hashcat's built-in charset for digits, with one ?d for each position of the password.

The correct answer is 1337.
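To show what the two attack modes in questions 2 and 3 do under the hood, here is an added example in Python (not part of the original write-up and not hashcat's own code). The function names are hypothetical and `SAMPLE_WORDLIST` is a small constructed stand-in for rockyou.txt; only a subset of hashcat's mask charsets is handled.

```python
import hashlib
import itertools
import string

# Subset of hashcat's built-in mask charsets: ?d digits, ?l lowercase, ?u uppercase
CHARSETS = {"d": string.digits, "l": string.ascii_lowercase, "u": string.ascii_uppercase}

# Constructed sample wordlist (assumption: stands in for rockyou.txt)
SAMPLE_WORDLIST = ["123456", "password", "iloveyou", "princess", "sunshine", "qwerty"]

def digest(algo, candidate):
    """Hex digest of one candidate; no salt, which is why a plain lookup works."""
    return hashlib.new(algo, candidate.encode()).hexdigest()

def dictionary_attack(target, algo, words):
    """Dictionary mode: hash every word and compare with the target."""
    target = target.lower()
    return next((w for w in words if digest(algo, w) == target), None)

def parse_mask(mask):
    """Turn a mask such as '?d?d?d?d' into one candidate charset per position."""
    positions, i = [], 0
    while i < len(mask):
        if mask[i] == "?" and i + 1 < len(mask):
            key = mask[i + 1]
            if key == "?":
                positions.append("?")          # '??' is a literal question mark
            elif key in CHARSETS:
                positions.append(CHARSETS[key])
            else:
                raise ValueError(f"unsupported mask charset ?{key}")
            i += 2
        else:
            positions.append(mask[i])          # literal character
            i += 1
    return positions

def keyspace(mask):
    """Number of candidates a mask generates (product of the charset sizes)."""
    total = 1
    for charset in parse_mask(mask):
        total *= len(charset)
    return total

def mask_attack(target, algo, mask):
    """Mask mode: enumerate every string matching the mask and compare hashes."""
    target = target.lower()
    for combo in itertools.product(*parse_mask(mask)):
        candidate = "".join(combo)
        if digest(algo, candidate) == target:
            return candidate
    return None
```

The four-digit mask covers only 10,000 candidates, so a single pass of a fast, unsalted hash such as MD5 over that space finishes almost instantly.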
