Crack The Hash

Room: https://tryhackme.com/r/room/crackthehash

"Hashing is a one-way cryptographic function that takes an input (or 'message') and produces a fixed-size string of bytes, the 'hash value' or 'digest'. This process is irreversible, meaning you can't get the original message back from the hash. Hashing is commonly used to store passwords securely and verify data integrity. In this write-up, we'll explore techniques to crack various types of hashes, demonstrating how to identify and potentially reverse this process for educational and ethical hacking purposes."

Tools and Resources

• hash-identifier: A command-line utility that helps identify the type of hash being used. It analyzes the hash's characteristics, such as length and character set, to suggest possible algorithms.
  • Documentation: https://gitlab.com/kalilinux/packages/hash-identifier
• Hashcat: A powerful and versatile password recovery tool. It supports a wide range of hash types and attack modes, making it a standard tool for ethical hacking.
  • Documentation:
    • https://hashcat.net/wiki/doku.php
    • https://hashcat.net/wiki/doku.php?id=example_hashes
    • https://hashcat.net/wiki/doku.php?id=rule_based_attack
• Wordlists:
  • rockyou.txt: A widely used wordlist containing common passwords. It's often used for dictionary attacks. You can typically find it in /usr/share/wordlists/ on Kali Linux.
• Online Hash Cracking Services (Optional):
  • CrackStation: A free online hash cracking service that uses a large lookup table. Useful for quickly checking common passwords.
    • Website: https://crackstation.net/

Level 1

48bb6e862e54f2a795ffc4e541caed4d (MD5)

1. Hash Identification:

Observing its length (32 characters) and the use of hexadecimal characters (0-9, a-f), we can strongly suspect it to be an MD5 hash. MD5 hashes are 128-bit (16-byte) values typically represented as 32-character hexadecimal strings.

hash-identifier 48bb6e862e54f2a795ffc4e541caed4d
> --------------------------------------------------
> Possible Hashs:
> [+] MD5

2. Local Cracking with Hashcat:

hashcat -m 0 -a 0 "48bb6e862e54f2a795ffc4e541caed4d" /usr/share/wordlists/rockyou.txt
> 48bb6e862e54f2a795ffc4e541caed4d:****

hashcat \
  -m 0 \      # Hash type: 0 for MD5 (consult Hashcat's documentation for other types)
  -a 0 \      # Attack mode: 0 for straight (dictionary attack)
  "48bb6e862e54f2a795ffc4e541caed4d" \ # The target hash to crack
  /usr/share/wordlists/rockyou.txt     # The wordlist to use for the dictionary attack

CBFDAC6008F9CAB4083784CBD1874F76618D2A97 (SHA-1)

This hash consists of 40 hexadecimal characters. This length is characteristic of SHA-1 (Secure Hash Algorithm 1) hashes, which produce a 160-bit (20-byte) hash value.

hash-identifier CBFDAC6008F9CAB4083784CBD1874F76618D2A97
> --------------------------------------------------
> Possible Hashs:
> [+] SHA-1

hashcat -m 100 -a 0 "CBFDAC6008F9CAB4083784CBD1874F76618D2A97" /usr/share/wordlists/rockyou.txt
> CBFDAC6008F9CAB4083784CBD1874F76618D2A97:***********

1C8BFE8F801D79745C4631D09FFF36C82AA37FC4CCE4FC946683D7B336B63032 (SHA-256)

The hash is 64 characters long and uses hexadecimal characters. This strongly indicates a SHA-256 (Secure Hash Algorithm 256) hash. SHA-256 produces a 256-bit (32-byte) hash value.

hash-identifier 1C8BFE8F801D79745C4631D09FFF36C82AA37FC4CCE4FC946683D7B336B63032
> --------------------------------------------------
> Possible Hashs:
> [+] SHA-256

hashcat -m 1400 -a 0 "1C8BFE8F801D79745C4631D09FFF36C82AA37FC4CCE4FC946683D7B336B63032" /usr/share/wordlists/rockyou.txt
> 1C8BFE8F801D79745C4631D09FFF36C82AA37FC4CCE4FC946683D7B336B63032:****

$2y$12$Dwt1BZj6pcyc3Dy1FWZ5ieeUznr71EeNkJkUlypTsgbX1H68wsRom (bcrypt)

This hash has a distinct structure:

• It starts with $2y$, which is an indicator of the bcrypt hash algorithm.
• 12 represents the cost factor (or number of rounds) used in the bcrypt algorithm, a higher number means slower calculation, thus better security.
• The rest of the string contains the salt and the actual hash.

Important Note: bcrypt is intentionally slow to crack. The higher the cost factor, the longer it takes. Cracking this hash with a simple wordlist might take considerable time or may not be feasible, depending on the password complexity. YOU KNOW THE ANSWER IS 4 CHARACTERS LONG, SO FILTER THE rockyou.txt LIKE THIS:

grep '^....$' /usr/share/wordlists/rockyou.txt > ~/Documents/four_char_passwords.txt

hashcat -m 3200 -a 0 '$2y$12$Dwt1BZj6pcyc3Dy1FWZ5ieeUznr71EeNkJkUlypTsgbX1H68wsRom' ~/Documents/four_char_passwords.txt
> $2y$12$Dwt1BZj6pcyc3Dy1FWZ5ieeUznr71EeNkJkUlypTsgbX1H68wsRom:****

279412f945939ba78ce0758d3fd83daa (MD4)

This hash is 32 characters long and composed of hexadecimal characters. These are the characteristics of an MD5 hash.

> Possible Hashs:
> [+] MD5
> [+] Domain Cached Credentials - MD4(MD4(($pass)).(strtolower($username)))

> Least Possible Hashs:
> [+] RAdmin v2.x
> [+] NTLM
> [+] MD4
> [+] MD2

Important Considerations:

• Context: In real-world scenarios, knowing the source of a hash (e.g., a Windows system) can significantly narrow down the possibilities.
• Other Possibilities: Although less likely in this context, RAdmin v2.x, MD4, and MD2 are technically possible, as hash-identifier indicated. If any fails you have strong reasons to suspect of another, you can adjust the -m value in Hashcat accordingly.

Check the hint and they will tell you we are interested in MD4 (code 900 in hashcat).

hashcat -m 900 -a 0 "279412f945939ba78ce0758d3fd83daa" /usr/share/wordlists/rockyou.txt
> Fail

However I did not find the answer with rockyou.txt. You could keep trying with bigger and different wordlists. But also the answer could still be in rockyou.txt capitalized or slightly modified. Knowing that a password might be capitalized, or otherwise slightly modified, is a combination of experience, intuition, and applying systematic techniques.

1. Recognize Common Password Patterns:

   • Capitalization: People often capitalize the first letter of their passwords, especially if they are dictionary words or names. This is a very common pattern.
   • Leetspeak: Substituting numbers for letters (e.g., "e" becomes "3", "a" becomes "4", "o" becomes "0").
   • Appending Numbers/Symbols: Adding numbers or symbols to the end of a word (e.g., "password123", "password!").
   • Simple Transformations: Reversing words, simple substitutions.

2. Exhaust the Most Likely Options First:

   • Dictionary Attack (Plain): Always start with a standard dictionary attack using your wordlist as-is.
   • Dictionary Attack with Common Rules: If the plain dictionary attack fails, use rules that reflect common patterns

3. Systematic Rule Application:

   • Hashcat's Rule Sets: Hashcat comes with a variety of rule files (.rule) in /usr/share/hashcat/rules/. Familiarize yourself with them. Start with the most common ones and gradually move to more complex ones.
     • Start with rules that make small changes, like toggles#.rule or best64.rule.
     • Then, move to rules that make more significant changes, like those that append longer digit sequences, leetspeak substitutions, or combinations of transformations.

4. When to Use Larger Wordlists:

   • If Common Rules Fail: If you've exhausted common rules on your primary wordlist (like rockyou.txt) and still haven't found the password, it's time to consider larger or more specialized wordlists.
   • Specific Context: If you know something about the target or the system (e.g., it's a company with a specific naming convention for passwords), you might choose a wordlist tailored to that context.

hashcat -m 900 -a 0 "279412f945939ba78ce0758d3fd83daa" /usr/share/wordlists/rockyou.txt -r /usr/share/hashcat/rules/toggles1.rule
> 279412f945939ba78ce0758d3fd83daa:***********

• -r /usr/share/hashcat/rules/toggles1.rule: This tells Hashcat to use the toggles1.rule file, which contains instructions for modifying the case of words. Specifically, the T0 ("Toggle Case Position 0") rule within this file will toggle the case of the first character of each word.

Level 2

F09EDCB1FCEFC6DFB23DC3505A882655FF77375ED8AA2D1C13F640FCCC2D0C85 (SHA-256)

The hash is 64 characters long. It consists of hexadecimal characters (0-9, A-F). This strongly suggests a SHA-256 hash.

hash-identifier F09EDCB1FCEFC6DFB23DC3505A882655FF77375ED8AA2D1C13F640FCCC2D0C85
> --------------------------------------------------
> Possible Hashs:
> [+] SHA-256

hashcat -m 1400 -a 0 "F09EDCB1FCEFC6DFB23DC3505A882655FF77375ED8AA2D1C13F640FCCC2D0C85" /usr/share/wordlists/rockyou.txt
> f09edcb1fcefc6dfb23dc3505a882655ff77375ed8aa2d1c13f640fccc2d0c85:pa***

1DFECA0C002AE40B8619ECF94819CC1B (NTLM)

The hash is 32 characters long. It uses hexadecimal characters (0-9, A-F). This strongly suggests an MD5 hash.

hash-identifier 1DFECA0C002AE40B8619ECF94819CC1B
> --------------------------------------------------
> Possible Hashs:
> [+] MD5
> [+] Domain Cached Credentials - MD4(MD4(($pass)).(strtolower($username)))

> Least Possible Hashs:
> [+] RAdmin v2.x
> [+] NTLM
> [+] MD4
> [+] MD2

hashcat -m 0 -a 0 "1DFECA0C002AE40B8619ECF94819CC1B" /usr/share/wordlists/rockyou.txt
> FAIL

Actually this does not work. We can try from top to bottom until we guess but better let's see the hint and they tell us about Windows New Technology LAN Manager (NTLM). Although the hash has the same length and character set as MD5, in a Windows environment, NTLM is a much more likely candidate.

Inference: in a real engagement, if you obtained hashes from a Windows system or Active Directory, you would immediately suspect NTLM (or its successor, NTLMv2). This contextual knowledge is essential for efficient hash cracking.

Other Windows Hashes: Besides NTLM, you might also encounter other types of Windows hashes, such as LAN Manager (LM) hashes (older, very weak) or Kerberos hashes.

hashcat -m 1000 -a 0 "1DFECA0C002AE40B8619ECF94819CC1B" /usr/share/wordlists/rockyou.txt
> 1DFECA0C002AE40B8619ECF94819CC1B:n63*******

$6$aReallyHardSalt$6WKUTqzq.UQQmrm0p/T7MPpMbGNnzXPMAXi4bJMl9be.cfi3/qxIf.hsGpS41BqMhSrHVXgMpdjS6xeKZAs02. (SHA-512 crypt)

• The $ delimiters are a strong indicator of a Modular Crypt Format (MCF), a common way of representing various password hashes.
• The 6 between the first two dollar signs signifies SHA-512 crypt, a specific algorithm within the MCF family.
• aReallyHardSalt is, as the name suggests, the salt used in the hash.
• The rest of the string is the actual hash value.

This might take a while depending on your hardware...

grep '^......$' /usr/share/wordlists/rockyou.txt > ~/Documents/six_char_passwords.txt

hashcat -m 1800 -a 0 '$6$aReallyHardSalt$6WKUTqzq.UQQmrm0p/T7MPpMbGNnzXPMAXi4bJMl9be.cfi3/qxIf.hsGpS41BqMhSrHVXgMpdjS6xeKZAs02.' ~/Documents/six_char_passwords.txt
> $6$aReallyHardSalt$6WKUTqzq.UQQmrm0p/T7MPpMbGNnzXPMAXi4bJMl9be.cfi3/qxIf.hsGpS41BqMhSrHVXgMpdjS6xeKZAs02.:wa****

e5d8870e5bdd26602cab8dbe07a942c8669e56d6 (SHA-1 + salt)

• The hash is 40 characters long. It uses hexadecimal characters. This strongly suggests a SHA-1 (Secure Hash Algorithm 1) hash.
• Salt: tryhackme - This is where things get interesting. The presence of a salt implies a more complex hashing process than just SHA-1.

When you encounter a hash that you suspect is SHA-1 and you know a salt is involved, looking for codes related to SHA-1 and salts in the Hashcat documentation is the most efficient and logical next step. Could be 110, 160, etc. I know it is HMAC-SHA1 (key = $salt) (160) because the hint told me in order to save time.

hashcat -m 160 -a 0 "e5d8870e5bdd26602cab8dbe07a942c8669e56d6:tryhackme" /usr/share/wordlists/rockyou.txt
> e5d8870e5bdd26602cab8dbe07a942c8669e56d6:tryhackme:48************