Root-me.org Cryptanalysis Challenge: Hash – Message Digest 5

In this challenge we have to crack an MD5 hash. Using findmyhash, installed on Kali Linux, makes this easy. Opening a terminal I entered findmyhash MD5 -h 7ecc19e1a0be36ba2c6f05d06b5d3058 The -h flag indicates that we are only cracking one hash, if you had a list of hashes to crack you would use -f instead, followed by the path to the list. Below is the output from findmyhash… … Continue reading Root-me.org Cryptanalysis Challenge: Hash – Message Digest 5

Root-me.org Network Challenge: SIP – authentication

This challenge was deceptively simple. Clicking the link opens a txt file with 3 lines. The last 2 lines both have an MD5 in them, the first line doesn’t. The obvious move is to crack the MD5’s, but before I started that I noticed the word PLAIN, followed by a few digits in the first line. Knowing that it really can be that easy, I … Continue reading Root-me.org Network Challenge: SIP – authentication

Root-me.org Network Challenge: IP – Time To Live

Here we download a pcap and we need to figure out the Time To Live (ttl) used in a ping sent to a host. I started by opening the pcap in Wireshark. There are many ttl’s in the capture file but the one we are looking for appears near the bottom of the capture as the bottom shows the oldest, or first packets captured. Looking … Continue reading Root-me.org Network Challenge: IP – Time To Live

Root-me.org Network Challenge: Twitter Authentication

First we download the pcap, open it in Wireshark and select Follow TCP stream. One of the fields shown is Authorization: Basic dX***********************= We take the dX***********************= section and throw it to the command line using the command echo dX***********************= | base64 –decode the result is shown. Continue reading Root-me.org Network Challenge: Twitter Authentication