Open in app

Sign in

Write

Sign in

Crack the Hash | TryHackMe

Nihir Zala
3 min readJan 25, 2023

--

Task #1:

Question #1

Hash: 48bb6e862e54f2a795ffc4e541caed4d

The first few questions you can quite easily find the answers using an online cracking tool such as CrackStation:

Question #2

Hash: CBFDAC6008F9CAB4083784CBD1874F76618D2A97

Question #3

Hash: 1C8BFE8F801D79745C4631D09FFF36C82AA37FC4CCE4FC946683D7B336B63032

Question #4

Hash: $2y$12$Dwt1BZj6pcyc3Dy1FWZ5ieeUznr71EeNkJkUlypTsgbX1H68wsRom

This is where we need to start using Hashcat like the instructions imply (make sure you have the rockyou.txt wordlist provided).

Before we let Hashcat start cracking, we need to find out exactly what type of hash this is so that we can set the mode. This link HERE has a list of all the different types of hash modes that Hashcat can handle.

Notice that the hash starts with $2. If we look through that list we can see that it looks like a bcrypt password, or mode 3200.

Create a text file on your Linux machine and title it something like “hash.txt”. This is where Hashcat will go to grab your hash. Copy and paste the entire hash in there and save it.

Then run this command:

hashcat -m 3200 <hash file location> <wordlist file location>

You will notice that it says it may take many days to crack (bcrypt is designed to be like this):

Do not be discouraged though, the password we are looking for is actually close to the top of the wordlist. Go do something else for a bit (ahem, your dishes) and eventually you will see this:

You’ll notice it took 4 hours and 14 minutes for me to crack…This will vary based on your computer’s hardware.

Question #5

Hash: 279412f945939ba78ce0758d3fd83daa

For this one, we can use CrackStation again:

Task #2:

Question#1

Hash: F09EDCB1FCEFC6DFB23DC3505A882655FF77375ED8AA2D1C13F640FCCC2D0C85

Question #2

Hash: 1DFECA0C002AE40B8619ECF94819CC1B

Question #3

Hash: $6$aReallyHardSalt$6WKUTqzq.UQQmrm0p/T7MPpMbGNnzXPMAXi4bJMl9be.cfi3/qxIf.hsGpS41BqMhSrHVXgMpdjS6xeKZAs02.

Salt: aReallyHardSalt

For this question we will need to utilize Hashcat again.

Notice that the hash we collected starts with $6. Let’s look through Hashcat’s LIST again.

A short ways down we see that the hash appears to be sha512crypt, which is mode 1800.

Copy and paste the entire hash into your hash.txt file again (replace the other hash), then save it.

Run this command:

hashcat -m 1800 <hash file location> <wordlist file location>

Eventually you will get the password:

Tryhackme
Tryhackme Walkthrough
Tryhackme Writeup
Tryhackme Pre Security
Tryhackme Learn Linux

--

--

Nihir Zala
Nihir Zala

Written by Nihir Zala

38 Followers
1 Following

Hi there, I'm Nihir Zala—a Laravel developer from Gujrat, India, with over 2.5 years of professional experience. I also learning Penetesting from THM and HTB.

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams