Today, I tried one challenge from tryhackme call crack the hash. There is 2 Level of decryption.
Room : https://tryhackme.com/room/crackthehash
Level: Easy
I’m using this online hash detector to detect type of hash https://www.tunnelsup.com/hash-analyzer/. Its helped me a lot to narrow down the brute force. For the tool, I’m using hashcat — the best password cracker
So, lets get started
Task 1
Hint: MD5
# hashcat -m 0 48bb6e862e54f2a795ffc4e541caed4d ~/wordlists/rockyou.txt --force
Hint: SHA1
# hashcat -m 100 CBFDAC6008F9CAB4083784CBD1874F76618D2A97 ~/wordlists/rockyou.txt --force
Hint: SHA256
# hashcat -m 1400 1C8BFE8F801D79745C4631D09FFF36C82AA37FC4CCE4FC946683D7B336B63032 ~/wordlists/rockyou.txt --force
Hint: Blowfish
# hashcat -m 3200 hash.txt ~/wordlists/rockyou.txt --force
Hint: MD4
This one I tried same dictionary not working. Once I try rule-based using hashcat rules, then its able to decrypt.
# hashcat -m 900 "279412f945939ba78ce0758d3fd83daa" ~/wordlists/rockyou.txt --force -r /usr/share/hashcat/rules/toggles1.rule
Task 2
Hint: SHA256
# hashcat -m 1400 "F09EDCB1FCEFC6DFB23DC3505A882655FF77375ED8AA2D1C13F640FCCC2D0C85" ~/wordlists/rockyou.txt --force
Hint: NTLM
# hashcat -m 1000 "1DFECA0C002AE40B8619ECF94819CC1B" ~/wordlists/rockyou.txt --force
Hint: SHACrypt512
This takes longer than expected about 50 minutes
# hashcat -m 1800 hash.txt ~/wordlists/rockyou.txt --force
Hint: HMAC-SHA1
# hashcat -m 160 e5d8870e5bdd26602cab8dbe07a942c8669e56d6:tryhackme ~/wordlists/rockyou.txt --force
Mission Completed~~. This challenge is quite easy and can be hard because you need to know how and which the hash type is in action. This challenge takes me 1 day because of some of it take too long to brute force