diff --git a/38-easy-passwords.md b/38-easy-passwords.md new file mode 100644 index 0000000..f084b16 --- /dev/null +++ b/38-easy-passwords.md @@ -0,0 +1,47 @@ +# Easy Passwords + +I did not recognize the hash format. The +website gave as +identification: +``` text +md5crypt, MD5(Unix), FreeBSD MD5, Cisco-IOS MD5 +``` + +Searching for md5crypt we can read about the hash format: +. + +[John the Ripper][] (available in [Debian][]) is a password cracker that +supports many crypt(3) password hash types. + +[John the Ripper]: http://www.openwall.com/john/ +[Debian]: https://packages.debian.org/sid/john + +From the [hint][] we learn that all passwords are standard English words, so we +can use a simple wordlist. + +[hint]: https://twitter.com/id0rsa/status/761652735280189440 + +After putting the hashes in a file called `38-hashes.txt`, we let john do its +job: +``` shell +sudo john --wordlist=/usr/share/dict/words 38-hashes.txt +``` + +After a while we look at the results with `sudo john --show 38-hashes.txt`: +``` text +?:the +?:second +?:letter +?:each +?:word +?:in +?:this +?:list +?:in +?:order + +10 password hashes cracked, 1 left +``` +Notice that two passwords are the same, they also have the same hash. John could +not crack the hash for `of` but we can infer it from the context of the other +passwords. diff --git a/38-hashes.txt b/38-hashes.txt new file mode 100644 index 0000000..3a7fca2 --- /dev/null +++ b/38-hashes.txt @@ -0,0 +1,11 @@ +$1$abadsalt$0abdVS0D4YnJJ4b7l0RRr1 +$1$abadsalt$p394aiqZnKUyrO5Rg9Tf01 +$1$abadsalt$cJYsdaTkB9F9L9yH2Qjtd. +$1$abadsalt$lFZDGpRdmOwRbu6HWuqjv0 +$1$abadsalt$1AI/LbmumKa5e6dOxiVe11 +$1$abadsalt$e2hAp/NXE.Uezx3ZOwA5L0 +$1$abadsalt$Cua6x6Rgd8UUHn7Mnzibj. +$1$abadsalt$7XBxlsUB3yXcL62wQpgjK/ +$1$abadsalt$DnSSAXOSmaoAAhN4WKaU90 +$1$abadsalt$Cua6x6Rgd8UUHn7Mnzibj. +$1$abadsalt$7wLTt8frOzyxahbB9Lzdi.